1. Introduction
This Privacy Policy explains how WealthFino, operated by Krishna Kumar Pathak (SEBI Registered Research Analyst, Reg. No. INH300009914, BSE Enlistment No. 5590), collects, processes, stores, and protects your information.
By accessing our website, mobile app, or services, you agree to the practices outlined in this Policy.
We comply with:
- The SEBI (Research Analyst) Regulations, 2014 and circulars issued thereunder
- BSE/NSE guidelines applicable to Research Analysts
- The Information Technology Act, 2000 and SPDI Rules, 2011
- The Digital Personal Data Protection Act, 2023
- RBI guidelines and PCI-DSS standards for payment data security
2. Scope
This Policy applies to all users, clients, vendors, and partners (“User”) interacting with WealthFino services.
It governs the lawful collection, processing, storage, and transfer of personal data strictly for permitted Research Analyst activities, including:
- Client onboarding and SEBI-compliant KYC verification
- Distribution of SEBI-compliant research reports
- Subscription-based research services
- Record-keeping, disclosures, and regulatory reporting
We do not provide portfolio management or execution-based advisory.
3. Applicability
This Privacy Policy applies to all individuals who:
- Visit or use WealthFino’s website, mobile app, or online/offline platforms
- Subscribe to research services, reports, or communications
- Share personal data for KYC or engagement purposes
4. Information Collected
4.1 Principle of Collection
We collect only data that is relevant, necessary, and lawful as per SEBI RA Regulations, IT Act, SPDI Rules, and DPDP Act. No excessive or unrelated data is collected.
4.2 Categories of Information
a. Identity Information
- Full name and DOB (as per PAN)
- Masked Aadhaar number (Collected with user consent)
- PAN card number and Date of birth (KYC verification)
- Voter ID, Passport, or equivalent document (if submitted voluntarily for KYC verification)
Purpose: For establishing identity and fulfilling SEBI-mandated compliance (Regulation 16 and 18 of SEBI RA Regulations).
b. Contact Information
- Mobile numbers (including Aadhaar-linked for OTP e-consent)
- Email address
- Permanent and correspondence address
Purpose: Communication, verification, grievance redressal, SEBI record-keeping.
c. Demographic Information
- Date of Birth
- Gender
- Nationality
Purpose: Legal capacity to contract; suitability checks per SEBI Code of Conduct.
d. Statutory KYC Information
- PAN & DOB (mandatory)
- KRA/CKYC Identifier (if retrieved via SEBI-registered KRAs)
- KYC documents under SEBI framework
Purpose: Onboarding, compliance, lawful delivery of research services.
e. Technical & Session Data (auto-collected)
- IP address
- Device type and operating system
- Browser type and version
- Date and time of access
- Location metadata (approximate, coarse level)
- Session cookies and user agent string
Purpose: IT Act Sec. 43A compliance; fraud prevention; security.
f. Consent Records & Communication Metadata
- OTP timestamps
- IP logs
- Digital consent receipts
- Email delivery status
Purpose: Proof of explicit user consent under DPDP Act & SEBI rules.
g. Payment Data
- Transaction ID, payment method, billing info (processed via PCI-DSS–compliant payment gateways)
- We do not store card numbers, CVV, UPI PINs
Purpose: Subscription billing & statutory reporting.
5. Purpose of Processing
We process your data for:
- SEBI compliance, audit, and record-keeping
- KYC verification and risk profiling
- Delivering research reports and services
- Fraud prevention and platform security
- Regulatory/statutory reporting (SEBI, BSE, NSE, RBI)
6. Consent & Authorization
By using our services, you agree to:
- Lawful Use Consent: Free, informed consent for collection, storage, and processing under IT Act & DPDP Act. Free, specific, and informed consent to allow us
- Aadhaar-linked e-KYC: Authorization for OTP-based verification in line with UIDAI & Aadhaar Act, 2016.
- Regulatory Sharing: Permission to share verified data with SEBI, Exchanges, KRAs, or regulators for compliance.
- Legal Validity: You agree that OTP/digital acceptance is valid consent under IT Act, Aadhaar Act, and Indian Evidence Act.
7. Data Sharing & Disclosure
We may share your information with:
- SEBI, BSE, NSE, KRAs, RBI (regulatory compliance)
- Auditors, consultants, service providers under confidentiality agreements
- Law enforcement or courts, when legally mandated
We never sell or commercially exploit your data.
8. Payment Data Compliance
- All payments are routed via PCI-DSS–compliant payment gateways
- We comply with RBI data localization rules – a copy of all payment data remains stored in India.
- Limited offshore processing (fraud detection, chargebacks) occurs only with safeguards and retention in India.
9. Data Security
We adopt reasonable security practices including:
- SSL/TLS encryption, firewalls, intrusion detection
- Secure hosting with restricted access
- Regular audits and vulnerability testing
- Employee confidentiality obligations
10. Data Breach & Notification
In case of a breach:
- Immediate steps will be taken to contain risks
- Users will be notified within a reasonable timeframe
- Authorities (including the Data Protection Board of India) will be informed if required
- Corrective actions (audits, patches, monitoring) will be implemented
11. Data Retention
- Personal/KYC data: Minimum 5 years, or longer as mandated by SEBI, Exchanges, or Indian law.
- Payment records: Retained per RBI and Income Tax laws.
- Once expired, data is securely deleted, anonymized, or archived.
12. Children’s Data
Our services are intended for individuals 18 years and above. We do not knowingly collect or process children’s data.
13. Limitation of Liability
We are not liable for losses due to:
- Unauthorized access, breaches, cyber-attacks, outages
- Errors or delays in third-party APIs, hosting, or payment gateways
- Use of services provided on an “as is” basis
14. Third-Party Disclaimer
Our platform may integrate third-party APIs/tools (analytics, hosting, payments). We are not responsible for their independent privacy practices. Use of such services is at the user’s discretion.
15. Indemnification
You agree to indemnify and hold harmless Krishna Kumar Pathak / WealthFino against claims or damages arising from misuse of data, breach of this Policy, or violation of laws.
16. Cross-Border Data Transfer
Except for limited regulated purposes (fraud checks, dispute resolution), personal data is not transferred outside India. Where required, transfers are done under DPDP safeguards and RBI mandates.
17. Grievance Officer
In compliance with Rule 5(9) of the IT Rules, 2011:
- Name: Mr. Krishna Kumar Pathak
- Mobile: +91 98834 55700
- Email: wealthfino@gmail.com
- Address: RS-39/43, 5/3C Golden Park, Sankarpur West, Near Rabindranath Co-operative, Durgapur, West Bengal – 713206
18. Updates & Amendments
We may update this Policy from time to time. Updated versions will be posted with a revised “Last Updated” date. Significant changes will be notified via website/app or email.
19. Governing Law & Jurisdiction
This Policy is governed by the laws of India. Courts at Durgapur, West Bengal shall have exclusive jurisdiction for disputes.