Privacy Policy
Introduction
Vaia Investment Advisory LLP (“Vaia”) is committed to protecting the privacy and personal data of our clients, employees, and stakeholders in compliance with relevant Indian laws, including the Digital Personal Data Protection (DPDP) Act, 2023. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of personal information.
Scope and Applicability
This Privacy Policy applies to all personal data collected by Vaia from individuals residing in India, including clients, employees, and third parties. It also applies to non-citizens living in India whose personal data is processed in connection with any activity related to offering goods or services to them.
Types of Personal Data Collected
Vaia may collect the following types of personal data:
-
Identification Information: Name, contact details, and identification numbers.
-
Financial Information: Bank account details, payment information, and financial data of companies while providing services as part of its investment and sustainability advisory verticals.
-
Professional Information: Employment history, qualifications, and identity proofs.
-
Communication Data: Correspondence with clients and stakeholders.
Purposes of Data Collection and Processing
Vaia collects and processes personal data for the following purposes:
-
Providing investment and sustainability advisory services.
-
Communicating with clients and stakeholders regarding updates, offers, and services.
-
Complying with legal obligations and regulatory requirements.
-
Conducting internal audits and improving our services.
Consent Requirements
Vaia will obtain valid consent from data principals before processing their personal data, except for certain legitimate uses as defined in the DPDP Act. Vaia ensures that the consent sought by it from data principals is:
-
Free, specific, informed, unconditional, and unambiguous with a clear affirmative action.
-
For a specific purpose, with the data collected limited to what is necessary for that purpose.
Legitimate Uses of Personal Data
Vaia may process personal data without consent for the following legitimate uses:
-
When an individual has voluntarily provided personal data for a specified purpose.
-
Compliance with legal obligations, judgments, decrees, or regulatory orders/ orders from government departments.
-
Medical emergencies, epidemics, or threats to public health.
-
Disaster management or breakdown of public order.
Data Sharing and Disclosure
Vaia does not sell or rent personal data to third parties. We may share personal information with:
-
Service Providers: Third-party vendors who assist us in providing services, subject to confidentiality agreements and contractual obligations.
-
Regulatory Authorities: As required by law or to comply with legal obligations.
-
Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of that transaction.
Data Security and Retention
Vaia employs appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or destruction. We will retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law.
Rights of Data Principals
Under the DPDP Act, data principals have the following rights concerning their personal data:
-
Right to Access: Obtain confirmation of whether their personal data is being processed and access such data.
-
Right to Correction: Request rectification of inaccurate or incomplete personal data.
-
Right to Erasure: Request deletion of their personal data under certain circumstances.
-
Right to Withdraw Consent: Withdraw consent at any time if consent is the ground for processing.
-
Right to Data Portability: Receive their personal data in a structured, commonly used format.
Vaia will respond to data principals’ requests within a reasonable time.
Grievance Redressal Mechanism
Vaia has established a grievance redressal mechanism to address complaints related to personal data processing. Data principals can contact our Data Protection Officer at shruthi@cahacapital.com
Non-compliance and Penalties
Vaia takes this Privacy Policy seriously, and any violations may lead to disciplinary action, including termination of employment or business relationships.
Changes to the Privacy Policy
Vaia reserves the right to modify this Privacy Policy at any time. Any changes will be communicated to individuals via email or through our website. Continued use of our services after any changes signifies acceptance of the updated policy.