OBJECTIVE:
Elite Wealth Limited (“Elite Wealth” / “Company”) recognises its legal, fiduciary and ethical obligation to safeguard the personal data, sensitive personal data and confidential information entrusted to it by its clients, investors, employees and other stakeholders. Elite Wealth is a regulated financial services company engaged in wealth management, investment advisory, broking and allied services and is affiliated with regulatory authorities including SEBI, NSE, BSE, MCX and IRDAI.
In the ordinary course of business, the Company and its employees have access to highly sensitive financial, personal, medical and proprietary information. The objective of this Policy is to ensure that such Sensitive Personal Data or Information (“SPDI”) is collected, processed, stored, disclosed and protected strictly in accordance with applicable law and best industry practices.
This Policy seeks to ensure that, under no circumstances, shall any employee or associated person misuse, disclose, compromise or unlawfully process SPDI or Confidential Information, whether accessed directly or indirectly during the course of employment or engagement. The obligations under this Policy shall survive cessation of employment or contractual engagement.
STATUTORY FRAMEWORK AND GENERAL REQUIREMENTS:
This Policy is framed in compliance with:
- The Information Technology Act, 2000; and
- The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules, 2011”).
References to the Digital Personal Data Protection Act, 2023 are included only for harmonisation and future readiness and shall not dilute or override the specific obligations applicable to Sensitive Personal Data under the SPDI Rules, 2011.
Compliance with this Policy is mandatory. Any violation shall be treated as serious misconduct and may result in disciplinary action, including termination of employment or engagement, recovery of losses, and initiation of civil and/or criminal proceedings under applicable law.
APPLICABILITY AND ELIGIBILITY:
This Policy applies to:
- All permanent, temporary, contractual and probationary employees;
- Consultants, advisors, interns and trainees;
- Directors, officers and key managerial personnel; and
- Employees or representatives of affiliates, subsidiaries, group entities and authorised third-party service providers who have access to SPDI.
DEFINITIONS:
- Personal Data
“Personal Data” means any information relating to an identified or identifiable individual or entity, including clients, customers, investors, employees, vendors or representatives of corporate clients, which directly or indirectly identifies such person.
- Processing
“Processing” includes any operation performed on Personal Data or SPDI, whether automated or otherwise, including collection, recording, organisation, storage, adaptation, retrieval, use, disclosure, transfer, uploading, alignment, restriction or deletion.
- Sensitive Personal Data or Information (SPDI)
In accordance with the SPDI Rules, 2011, SPDI includes, but is not limited to:
- Passwords;
- Financial information such as bank account details, credit/debit card details, UPI and other payment instrument details, investment account and portfolio information;
- Physical, physiological and mental health conditions;
- Sexual orientation;
- Medical records and medical history;
- Biometric information;
- Any information relating to the above categories provided to the Company for provision of services; and
- Any information received for processing or storage under a lawful contract or otherwise.
Information that is freely available in the public domain or furnished under the Right to Information Act, 2005 or any other law shall not be regarded as SPDI.
- Confidential Information
“Confidential Information” includes all non-public information relating to the Company or its clients, whether oral, written, electronic or otherwise, including business plans, strategies, financial data, client lists, systems, software, reports, research, communications and any information not generally available in the public domain.
SCOPE OF COVERAGE:
This Policy governs all SPDI and Confidential Information collected, received, stored, processed or otherwise handled by the Company in the course of its business operations, including data processed on behalf of clients pursuant to contractual, regulatory or statutory obligations.
COLLECTION, STORAGE, PROCESSING AND DISCLOSURE OF SPDI:
- Collection of SPDI
SPDI shall be collected solely for lawful, specific and necessary purposes connected with the Company’s business. Prior informed consent of the data provider shall be obtained before collection, and the purpose and intended use of such information shall be clearly communicated.
- Storage and Processing of SPDI
SPDI shall be stored securely and protected against unauthorised access, alteration, disclosure or destruction. Access shall be restricted to authorised personnel strictly on a need-to-know basis. SPDI shall be processed only for the purpose for which consent has been obtained and in accordance with applicable law.
- Disclosure of SPDI
SPDI shall not be disclosed to any third party without prior consent of the data provider, except where such disclosure is required by law, court order or regulatory direction. Any third party receiving SPDI shall be contractually obligated to maintain equivalent standards of data protection.
- Security Practices and Procedures
The Company shall implement reasonable security practices and procedures as mandated under Rule 8 of the SPDI Rules, 2011, including appropriate administrative, technical and physical safeguards, access controls and periodic audits.
- Rights of Individuals
Individuals shall have the right to access and correct their SPDI and may withdraw consent for processing, subject to legal, contractual or regulatory obligations.
- Data Breach Response
Any actual or suspected breach of SPDI shall be promptly reported, investigated, contained and remediated. The Company shall notify affected individuals and authorities where required and maintain proper documentation of such incidents.
- Third-Party Data Handling
Third-party service providers handling SPDI shall be subject to due diligence, contractual safeguards, access restrictions, audit rights and mandatory incident reporting obligations.
EMPLOYEE OBLIGATIONS AND ENFORCEMENT:
Employees and associated persons shall exercise due care and diligence while handling SPDI and shall immediately report any suspected breach or vulnerability. Non-compliance with this Policy may result in disciplinary action, termination, recovery of damages and initiation of legal proceedings.
GRIEVANCE REDRESSAL MECHANISM:
In accordance with Rule 5(9) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Company has designated a Grievance Officer to address discrepancies and grievances relating to processing of Personal Data and Sensitive Personal Data.
Grievance Officer:
Name: Mr. Diwan Singh
Designation: Grievance Officer – Data Protection
Email: investorquery@elitewealth.in
Contact No.: +91-9871195533
Address: Registered Office of Elite Wealth Limited.
Any grievance or complaint shall be resolved by the Company within a period of one (1) month from the date of receipt.
AMENDMENTS AND REVIEW:
The Company reserves the right to amend or modify this Policy at any time to ensure continued compliance with applicable laws, regulations and business requirements.
