Privacy and Policy
What is The Finance Story
Grey Matter Professionals Advsiory a LLP incorporated under the laws of India, having its registered office at [●] (“LLP”, “we”, “our”) is engaged in providing [●] (“Services”) through its website www.thefinancestory.com (“Website”) to its users registered for the Services (“Users”, “you”, “your”).
What is this Privacy Policy?
1. This privacy policy (the “Privacy Policy”), together with the terms of use [insert hyperlink to the terms of use], describes how and why the LLP collects, uses and discloses the information provided by Users and Visitors (as defined below). All Users and Visitors shall be bound by this Privacy Policy and the LLP shall not use any information supplied by Users and Visitors except in accordance with this Privacy Policy. In order to use and access the Website and Services provided by the LLP, it is necessary for Users and Visitors to accept this Privacy Policy along with the Terms of Use [insert hyperlink to the terms of use]. Users and Visitors who do not agree with the terms set out in this Privacy Policy and the Terms of Use are advised to refrain from accepting them and are advised to refrain from using any Services from/through the LLP.
2. The Users’ visit to and/or use of the Website and any dispute over privacy is subject to this Privacy Policy and the Terms of Use. The LLP may update this Privacy Policy at any time, with or without advance notice. The LLP shall not be required to notify the Users or Visitors of any changes made to this Privacy Policy. It is your responsibility, in such cases, to review the terms of this Privacy Policy from time to time.
Why does the LLP have this Privacy Policy?
1. This Privacy Policy is published pursuant to:
- 1. Section 43A of the Information Technology Act, 2000;
- 2. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“SPI Rules”); and
- 3. Regulation 3(1)(a) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.
2. In this Privacy Policy, the LLP will disclose what kind of information is collected from the Users. It will also specify why the LLP collects this information, the modes and means by which it will be used, and the entities or persons who will have access to this information.
What is Sensitive Personal Data or Information?
1. Under the SPI Rules, sensitive personal data or information of a person means and includes such personal information about that person relating to the following (“Personal Information”):
- Passwords;
- Financial information such as bank accounts, credit and debit card details or other payment instrument details (“Financial Information”);
- Physical, physiological and mental health condition;
- Sexual orientation;
- Medical records and history;
- Biometric information; and
- Information received by body corporates under lawful contract or otherwise.
2. There is also certain information which will be collected from Users (such as name, email addresses and telephone numbers) which may be used to personally identify Users (“Personally Identifiable Information”).
3. It is important to note that information that is freely available in the public domain, or accessible under the Right to Information Act, 2005, or any other law will not be considered Personal Information, or as Personally Identifiable Information.
Whose information is collected by the LLP?
1. Users are required to give Personal Information and Personally Identifiable Information only if the User creates a user account on the Website. Therefore, there is no compulsion on those who simply browse the Website to provide any such Personal Information. Users can also refrain from submitting any information at any time and refrain from accessing the Website and availing the Services provided the LLP. At all points, it is advised that Users exercise strict caution while submitting any Personal Information.
2. Users can access, modify, correct and eliminate the data about him/her/it which has been collected pursuant to his/her/its decision to become a User.
What kind of information does the LLP collect and how is it used?
Without the need for further, repeated consents (aside from the acceptance of this Privacy Policy) by the User, information including Personal Information, Personally Identifiable Information and/or Financial Information shall be collected by the LLP on an ongoing basis, for one or more of the following reasons:
1. Personal Information / Personally Identifiable Information
- For creating a user account, we request for your name and email address or phone number. You may also be asked to choose a username and a password, which will be used solely for the purpose of providing access to your user account. Your name, email address and phone number will be used to inform you regarding new services, releases, upcoming events and changes in this Privacy Policy.
- We will have access to third party personal information provided by you as part of using Services such as contacts in your phonebook. This information may include third party names, email addresses, phone numbers and physical addresses and will be used for servicing your requirements as expressed by you to us and solely as part and parcel of your use of Services. We do not share this third party personal information with anyone for promotional purposes, nor do we utilize it for any purposes not expressly consented to by you.
- We post User testimonials on our Website. These testimonials may include names and other Personal Information and we acquire permission from our Users prior to posting these on our Website. We are not responsible for the Personal Information Users elect to post within their testimonials.
- Your usage details such as time, frequency, duration and pattern of use, features used and the amount of storage used will be recorded by us in order to enhance your experience of the Services and to help us provide you the best possible service.
- We store and maintain User data stored in your user account at AWS, Singapore. In order to prevent loss of data due to errors or system failures, we also keep backup copies of data including the contents of your user account. Hence your files and data may remain on our servers even after deletion or termination of your user account. We may retain and use your Personal Information and data as necessary to comply with our legal obligations, resolve disputes, and enforce our rights.
2. Financial Information
In case of services requiring payment, we request credit card or other payment account information, which will be used solely for processing payments. Your financial information will not be stored by us except for the name and address of the card holder, the expiry date and the last four digits of the credit card number. Subject to your prior consent and where necessary for processing future payments, your financial information will be stored in encrypted form on secure servers of our reputed payment gateway service provider who is beholden to treating your Personal Information in accordance with this Privacy Policy.
3. Visitor data
We use the Internet Protocol address, browser type, browser language, referring URL, files accessed, errors generated, time zone, operating system and other visitor details collected in our log files to analyze the trends, administer the website, track visitor’s movements and to improve our website. We link this automatically collected data to other information we collect about you.
4. We use third party software for analytics. All metrics information collected from your usage of the Service shall be transmitted to analytics provider. This information is then used to evaluate how users use Service, and to compile statistical reports on activity for us. We further use the same statistical analytics tool to track or to collect your Personal Information. We will use this information in order to maintain, enhance, or add to the functionality of the Service and to personalize the experience for you. Anonymized and aggregated information and analysis may be made public where desired by the LLP.
5. Cookies and tracking technology
- We use Local Storage Objects (“LSOs”) such as HTML5 to store content information, preferences and to keep you signed-in. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your web browsing activity use LSOs such as HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
- We partner with third parties to manage our advertisements on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests
- It is at the discretion of Users to set or amend their web browsers to delete or disable cookies. Disabling cookies on a computer or mobile telecommunication device may impair, degrade or restrict access to certain areas of the Website. Temporary cookies may be cleared by quitting the browser. However, Users are encouraged to use the “clear cookies” functionality of their browsers to ensure deletion, as the LLP cannot guarantee, predict or provide for the behavior of the equipment of all the Users of the Website.
6. External widgets
We provide the users third party widgets such as Facebook and Twitter buttons on the Website that allow users to share articles and other information on different platforms. These widgets may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the widgets to function properly. These widgets do not collect or store any Personal Information from Users on the website and simply act as a bridge for your convenience in sharing information. Your interactions with these widgets are governed by the privacy policy of the LLP providing it. While the LLP shall make reasonable endeavors to ensure that the User’s Personal Information and the Financial Information is duly protected by undertaking security measures prescribed under applicable laws, the User is strongly advised to exercise discretion while providing Personal Information or Financial Information while using the Services given that the Internet is susceptible to security breaches.
Who has access to your information?
1. Employees and authorised personnel All information that is collected, stored and disclosed to the LLP by Users is accessible only to authorised personnel and employees on a need-to-know basis. All LLP employees and data processors, who have access to and are associated with the processing of Personal Information or Financial Information provided by Users are obliged to respect the confidentiality of every User’s Personal Information or Financial Information. The LLP has implemented security policies, rules and technical measures, as required under applicable law including firewalls, transport layer security and other physical and electronic security measures to protect the Financial Information and Personal Information that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. While the LLP is committed to maintaining confidentiality of all Personal Information, Personally Identifiable Information and Financial Information, the LLP shall not be responsible for any breach of security or for any action of any third parties that receive Users’ personal data or events that are beyond the reasonable control of the LLP including, acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, etc. All information collected from the Users by the LLP is maintained in electronic form on servers and/or cloud systems and shall be accessible by certain employees of the LLP. The User information may also be converted to physical form from time to time. Regardless of the manner of storage, the LLP shall make commercially reasonable endeavors to ensure that the User information is rendered confidential, and will disclose User information only in accordance with the terms of this Privacy Policy.
2. Government institutions or authorities
The LLP may be required to disclose Personal Information or Financial Information to governmental institutions or authorities under any law or judicial decree. The LLP may also do so in its sole discretion, if it deems it necessary in order to protect its rights or the rights of others, to prevent harm to persons or property, to fight fraud and credit risk, or to enforce or apply the Terms of Use. The LLP shall not be responsible for the manner or method in which such institutions and authorities use or disclose such information.
3. Other parties
The LLP may share / use Personal Information and Personally Identifiable Information provided by Users with the other parties such as affiliates, resellers, service providers and business partners for the purposes of:
- providing services, technical support and enhancing User experience;
- data storage, database management, web analytics and payment processing;
- detecting and preventing identity theft, fraud or any other potentially illegal acts; or
- monitoring and enhancing User interest and engagement, including through promotional activity, personal messages to Users using Personally Identifiable Information provided by Users, etc; or
5. processing the purchase of Products and Services on the Website.
In the event that such other parties have access to Personal Information or Personally Identifiable Information, the LLP may, at its discretion, make commercially reasonably efforts to ensure that the other parties treat such Personal Information at least as protectively as they treat personally identifiable information obtained from their users or members. We will obtain your prior specific consent before we share your or Personal Information to any person outside the LLP for any purpose that is not directly connected with providing our Services to you We do not sell your Personal Information to third parties. We may share generic aggregated demographic information not linked to any Personal Information regarding visitors and users with our business partners and advertisers.
4. Merging / acquiring parties
In the event that the LLP is merged with or acquired by another business entity, the LLP will be required to transfer all Personal Information to such merging or acquiring party. In such a case, the LLP will take all reasonable efforts to make sure that Personal Information is protected by the merging or acquiring entity, in conformity with applicable laws.
5. Third party upon sale
The LLP may also disclose or transfer the personal and other information provided by Users, to any third party as a part of reorganization or a sale of the assets, division or transfer of a part or whole of the LLP. Any third party to which the LLP transfers or sells its assets will have the right to continue to use the personal and other information that Users provide to the LLP.
6. Advertisers
The LLP may allow other companies or entities to serve advertisements to Users. These companies or entities include third party advertisement servers, advertisement agencies, advertisement technology vendors and research firms. The LLP may target some advertisements to Users that fit a certain general profile but does not use Personally Identifiable Information to target advertisements to specific Users. While serving advertisements or optimising the Services to its Users, the LLP may allow authorised third parties to place or recognise a unique cookie on the User’s browser.
7. Third-party sites
The LLP does not exercise control over the websites displayed as search results or links from within the Services. These other sites may place their own cookies or other files on the Users’ computer, collect data or solicit Personal Information or Financial Information from the Users, for which the LLP shall not be held responsible or liable. The LLP does not make any representations concerning the privacy practices or policies of such third parties or terms of use of such websites, nor does the LLP guarantee the accuracy, integrity, or quality of the information, data, text, software, sound, photographs, graphics, videos, messages or other materials available on such websites. The inclusion or exclusion does not imply any endorsement by the LLP of such websites, the websites’ provider, or the information on the website.
The LLP will never ask Users or Visitors to provide any sensitive or personal information through email or the telephone. Any requests to do so must not be entertained by Users or Visitors and they are requested to refrain from revealing any such information. Knowledge and details of such requests are to be forwarded to [insert email ID] so that the LLP may take necessary action.
Whom does LLP not collect information from?
1. The LLP does not knowingly collect personal data from children (only persons above the age of 18 shall be permitted to use the Website, as provided in the Terms of Use). If someone below this age accesses and uses the Website, the LLP will not be held liable for any damage or injury suffered due to the divulging of any information.
2. Personal or Financial Information of those who are simply browsing the Website with no action towards using the services in any way (“Visitor”) will not be collected. However, provisions of the Privacy Policy pertaining but not limited to cookie usage, location, website records, etc. will be applicable to Visitors. Therefore, we urge Visitors to also peruse the Privacy Policy prior to accessing the Website.
3. In case a Visitor has willingly submitted any Personal Information or Financial Information (including phone numbers, email addresses, responses to surveys, etc.) to the LLP through any means, including email, telephone calls, telephonic messaging or while availing or signing-up for the Services, he/she/it will be considered to be Users for the purpose of this Privacy Policy.
4. If you, as a Visitor, have inadvertently browsed any other pages of the Website prior to reading the privacy statements set out herein, and you do not agree with the manner in which such information is obtained, stored or used, merely quitting the Website should ordinarily clear all temporary cookies installed by the LLP. All Visitors, however, are encouraged to use the “clear cookies” functionality on their browsers to ensure such clearing or deletion, as the LLP cannot guarantee, predict or provide for the behavior of the equipment of all the Visitors of the Website.
5. If you are accessing the Website from outside India you must ensure that you are not violating any local or national law of your location. The LLP will not be liable for legal violations committed in this regard.
Does the Website have an Opt-Out Policy?
1. The third-party service providers with whom the LLP may share Personal Information or Financial Information provided by Users are not permitted to market their own services or send promotional e-mails or engage in promotional communication with the Users. All Users may opt-out of receiving non-essential, promotional, or marketing-related communication from itself or its partners. These settings can be found on the Website.
2. If a User wishes to remove his/her/its contact information from all the LLP’s lists and newsletters, the User can click on the “unsubscribe” link or follow the instructions in each e-mail message. Alternatively, the User can contact the LLP at [insert email ID]. The LLP reserves the right to limit membership based on availability of contact information. All Users will be notified by email prior to any actions taken.
What are the reasonable security practices and procedures adopted by the LLP?
1. [Please set out the reasonable security practices and procedures adopted by the LLP]
What are the details of the grievance officer appointed by the LLP?
Any grievances in relation to the information shared by the User with the LLP may be brought to the attention of [Mr/Ms] [●], the grievance officer appointed by the LLP (“Grievance Officer”). The phone number of the Grievance Officer is [●] and the email address of the Grievance Officer is [●]. Copyright 2021 © The Finance Story
