Privacy Policy

Introduction

Privacy encompasses an individual's autonomy, dignity, and control over personal data and its collection, usage, and disclosure. At iArista, we recognize the importance of protecting your personal and financial information and maintaining your trust. We adopt appropriate technical, operational, and administrative safeguards to protect Personal Information, Sensitive Personal Data or Information ("SPDI"), and financial data from unauthorized access, misuse, or loss.

Applicability & Governing Law

This Privacy Policy applies to all Users ("you", "your") who visit, register, or transact on the Platform. This Policy is governed by Indian law, including the following laws, as updated / amended from time to time:

• The Information Technology Act, 2000
• IT (Reasonable Security Practices and SPDI) Rules, 2011
• Digital Personal Data Protection Act, 2023
• SEBI and other sectoral regulations

If you do not agree with this Policy, please do not access or use the Platform.

Eligibility

• You must be at least 18 years old and provide accurate identity details.
• Use of the Platform is personal and non-transferable.

Information We Collect

We may collect information:

How We Collect Information

Information is collected when:

• You register or complete KYC
• You transact
• You contact us
• Authorized parties provide information
• Service providers verify identity/fraud
• You voluntarily submit feedback

How We Use Your Information

We use data for:

• Processing transactions
• Account servicing
• Regulatory compliance
• Fraud prevention
• Customer support
• Product improvement
• Analytics and research
• Marketing communications (opt-out available)
• Legal obligations
• Referral or distributor arrangements

Automated tools may be used to analyze data.

Sharing of Information

We do not sell or rent personal data. We may share with:

• Mutual Fund AMCs
• RTAs
• Banks & payment gateways
• KYC agencies
• Regulators or courts
• IT service providers
• Group companies (lawfully)

All recipients are contractually bound to confidentiality.

Gmail Data (Optional Feature)

If you connect Gmail:

• Data is used only for investment analytics
• Not used for advertising
• No human access except security/legal needs
• Sharing limited to service delivery
• Consent-based and optional

Data Security

We implement:

• Encryption
• Restricted access
• Secure servers
• Monitoring systems
• Incident response plans

Despite safeguards, no system is fully secure.

Data Storage & Retention

Data is:

• Stored securely in India (unless required otherwise)
• PAN and Aadhaar information is transmitted directly to authorized third-party service providers and is not stored on our servers
• Other personal information is retained per PMLA, SEBI, or other regulatory requirements and for legal mandates
• Deleted/anonymized once no longer required

Your Rights

You may:

• Access or update information
• Withdraw consent
• Request deletion (subject to law)
• Deactivate accounts

Requests: contact@iarista.com

Cookies & Analytics

We use cookies and analytics tools for:

• Performance improvement
• Security
• User experience

You may disable cookies via browser/device settings.

Third-Party Links

We are not responsible for third-party privacy practices linked from our Platform.

Advertising & Marketing

• We may show targeted ads using anonymized data and partner services.
• You may opt-out of marketing communications anytime.

Mobile Permissions

• We do not access contacts, call logs, or files.
• Camera/location/microphone access is taken only with explicit consent for onboarding/KYC.
• We do not collect biometric data.

Account Deletion

Users may request account deletion or deactivation by emailing contact@iarista.com. Requests are processed subject to regulatory retention requirements.

Policy Updates

• We may revise this Policy periodically.
• Changes take effect once published on the Platform.