🔒 Your Privacy Matters
Homeland Advisory LLP is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information in compliance with Indian data protection laws.
1. Introduction and Scope
1.1 About This Policy
This Privacy Policy describes our practices regarding:
- Collection of personal data from website visitors and clients
- Use and processing of personal information
- Storage, security, and retention of data
- Sharing of information with third parties
- Your rights regarding your personal data
- Compliance with applicable data protection laws
1.2 Applicable Laws
This Privacy Policy is designed to comply with:
- Digital Personal Data Protection Act, 2023 (DPDP Act)
- Information Technology Act, 2000
- Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
- Prevention of Money Laundering Act, 2002 (PMLA)
- SEBI regulations regarding client data and confidentiality
- Other applicable Indian laws and regulations
1.3 Data Fiduciary
Homeland Advisory LLP acts as the Data Fiduciary (as defined under the DPDP Act, 2023) for personal data collected through our website and services.
Registered Name: Homeland Advisory LLP
CIN: ACT-2852
PAN: AASFH9717R
TAN: CHEH10405D
Registered Office: Chennai, India
Data Protection Officer Contact: privacy@homelandinvestment.in
2. Definitions
For the purposes of this Privacy Policy:
- "Personal Data" means any data about an individual who is identifiable by or in relation to such data
- "Sensitive Personal Data" includes financial information, biometric data, health data, sexual orientation, and other categories as defined under applicable laws
- "Data Principal" refers to the individual to whom the personal data relates (you)
- "Data Fiduciary" refers to us, who determines the purpose and means of processing personal data
- "Data Processor" refers to any entity that processes personal data on behalf of the Data Fiduciary
- "Processing" means any operation performed on personal data, including collection, storage, use, sharing, or deletion
3. Information We Collect
3.1 Personal Information
We may collect the following categories of personal data:
| Category |
Information Collected |
Purpose |
| Identity Information |
Name, date of birth, gender, PAN, Aadhaar, passport details, photograph |
KYC compliance, account creation, identification |
| Contact Information |
Email address, phone number, residential address, correspondence address |
Communication, service delivery, regulatory reporting |
| Financial Information |
Bank account details, income information, tax status, investment portfolio, transaction history |
Service provision, risk assessment, compliance, payment processing |
| Technical Information |
IP address, browser type, device information, cookies, log files, usage data |
Website functionality, security, analytics, user experience improvement |
| Professional Information |
Employment details, occupation, business information, income sources |
Suitability assessment, KYC, risk profiling |
| Regulatory Information |
Tax residency status, politically exposed person (PEP) status, source of wealth |
PMLA compliance, FATCA/CRS reporting, regulatory obligations |
3.2 Sensitive Personal Data
We may collect sensitive personal data including:
- Financial information and transaction details
- Biometric information (if required for authentication)
- Health-related information (if relevant for insurance-linked products)
Note: Collection of sensitive personal data is done only with your explicit consent and for specific, legitimate purposes.
3.3 Information Collected Automatically
When you visit our website, we automatically collect:
- IP address and geographic location
- Browser type and version
- Operating system and device information
- Pages viewed and time spent on website
- Referring website and exit pages
- Date and time of access
3.4 Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Remember your preferences and settings
- Analyze website traffic and usage patterns
- Improve website functionality and user experience
- Deliver personalized content (where permitted)
- Enhance security and prevent fraud
Cookie Management: You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.
4. How We Collect Information
4.1 Direct Collection
We collect information directly from you when you:
- Register on our website or create an account
- Submit inquiry or contact forms
- Apply for our services
- Complete KYC documentation
- Enter into service agreements
- Communicate with us via email, phone, or other channels
- Subscribe to newsletters or updates
4.2 Automated Collection
Information is collected automatically through:
- Website analytics tools (Google Analytics, etc.)
- Cookies and web beacons
- Server logs and access logs
- Security monitoring systems
4.3 Third-Party Sources
We may receive information from:
- KYC registration agencies (KRAs) and CERSAI
- Credit bureaus and financial institutions
- Regulatory databases (PAN verification, etc.)
- Publicly available sources (company registries, etc.)
- Service providers and business partners
5. How We Use Your Information
5.1 Lawful Basis for Processing
We process personal data based on:
- Consent: Where you have given explicit consent for specific purposes
- Contractual Necessity: To perform our obligations under service agreements
- Legal Obligation: To comply with regulatory and legal requirements
- Legitimate Interest: For business operations, fraud prevention, and security (balanced against your rights)
5.2 Purposes of Processing
We use your personal data for:
Service Delivery:
- Account creation and management
- Providing investment advisory or other services
- Processing transactions and payments
- Generating reports and statements
- Communicating about services and updates
Compliance and Regulatory:
- KYC and customer due diligence
- PMLA and anti-money laundering compliance
- SEBI reporting and regulatory filings
- Tax reporting (TDS, Form 26AS, etc.)
- FATCA and CRS compliance
- Record-keeping as per regulatory requirements
Risk Management:
- Assessing suitability and appropriateness
- Conducting risk profiling
- Detecting and preventing fraud
- Monitoring for suspicious activities
Business Operations:
- Improving our services and website
- Conducting research and analytics
- Managing client relationships
- Internal audits and quality control
- Protecting our legal rights and interests
Marketing and Communication (with consent):
- Sending newsletters and updates
- Providing educational content
- Informing about new services or features
6. Sharing and Disclosure of Information
6.1 When We Share Information
We may share your personal data with:
Regulatory and Government Authorities:
- Securities and Exchange Board of India (SEBI)
- Reserve Bank of India (RBI)
- Financial Intelligence Unit (FIU-IND)
- Income Tax Department
- Law enforcement agencies
- Courts and tribunals (pursuant to legal orders)
Service Providers and Processors:
- Payment gateways and banks
- IT service providers and cloud hosting
- KYC service providers and KRAs
- Email and communication service providers
- Analytics and data processing vendors
- Professional advisors (lawyers, auditors, consultants)
Business Partners:
- Stock exchanges and depositories
- Custodians and fund managers
- Other financial institutions (with your consent)
6.2 Cross-Border Transfer
If we transfer personal data outside India, we ensure:
- Transfers are to countries approved by the Government of India
- Adequate safeguards are in place (standard contractual clauses, etc.)
- Compliance with DPDP Act and IT Act requirements
- Your explicit consent is obtained (where required)
6.3 No Sale of Personal Data
We do NOT sell, rent, or trade your personal data to third parties for marketing purposes.
7. Data Security and Protection
7.1 Security Measures
We implement reasonable security practices and procedures including:
- Technical Measures: Encryption (SSL/TLS), firewalls, intrusion detection, secure servers, regular security audits
- Administrative Measures: Access controls, background verification of employees, confidentiality agreements, regular training
- Physical Measures: Secure facilities, restricted access, surveillance systems
- Organizational Measures: Data protection policies, incident response plans, business continuity planning
7.2 Data Retention
We retain personal data:
- For as long as necessary to fulfill the purposes for which it was collected
- As required by regulatory obligations (typically 5-10 years for financial records)
- Until you exercise your right to erasure (subject to legal exceptions)
7.3 Data Breach Notification
In case of a data breach that may affect your rights:
- We will notify you and the Data Protection Board of India as required
- We will take immediate remedial measures
- We will provide guidance on protective actions you can take
8. Your Rights as Data Principal
Under the Digital Personal Data Protection Act, 2023, you have the following rights:
8.1 Right to Access
You have the right to:
- Obtain confirmation about whether we are processing your personal data
- Access your personal data in our possession
- Receive a copy of your personal data
- Know the purposes and legal basis for processing
8.2 Right to Correction
You can request correction of:
- Inaccurate or incomplete personal data
- Outdated information
- Errors in data records
8.3 Right to Erasure
You may request deletion of your personal data if:
- It is no longer necessary for the purposes collected
- You withdraw consent (where processing is based on consent)
- Processing is no longer lawful
Note: This right is subject to our legal and regulatory obligations to retain data.
8.4 Right to Data Portability
You may request:
- Your personal data in a structured, commonly used format
- Transfer of data to another data fiduciary (where technically feasible)
8.5 Right to Withdraw Consent
Where processing is based on consent:
- You may withdraw consent at any time
- Withdrawal does not affect lawfulness of prior processing
- We will cease processing (except where required by law)
8.6 Right to Grievance Redressal
You have the right to:
- File complaints with our Data Protection Officer
- Escalate to the Data Protection Board of India
- Seek compensation for damages arising from data breaches
8.7 Exercising Your Rights
To exercise any of these rights, contact us at:
Email: privacy@homelandinvestment.in
Subject Line: "Data Subject Rights Request"
Response Time: We will respond within 30 days of verification
9. Children's Privacy
Our services are not intended for individuals below 18 years of age. We do not knowingly collect personal data from minors without parental or guardian consent. If we become aware of such collection, we will delete the information immediately.
10. Third-Party Links and Services
Our website may contain links to third-party websites or services. We are not responsible for:
- Privacy practices of third-party sites
- Content or security of external websites
- Data collected by third parties
We encourage you to review privacy policies of any third-party sites you visit.
11. Updates to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in laws or regulations
- New services or features
- Improvements in data protection practices
- Feedback from stakeholders or regulators
Material changes will be notified through:
- Website notification
- Email communication
- Updated "Last Updated" date at the top of this policy
Your continued use of our services after changes indicates acceptance of the updated policy.
12. Grievance Officer and Contact Information
12.1 Data Protection Officer
For privacy-related queries, concerns, or complaints:
Name: [Please insert DPO name]
Designation: Data Protection Officer
Email: privacy@homelandinvestment.in
Phone: +91 7603889498
Address: Chennai, India
Working Hours: Monday to Friday, 10:00 AM to 6:00 PM IST
12.2 Complaint Resolution Process
- Step 1: Submit written complaint with details
- Step 2: Acknowledgment within 3 working days
- Step 3: Investigation and resolution within 30 days
- Step 4: If unresolved, escalate to Data Protection Board of India
12.3 Data Protection Board of India
If you are not satisfied with our resolution, you may file a complaint with the Data Protection Board of India as per the DPDP Act, 2023.
Website: [To be notified by Government of India]
13. Consent and Acknowledgment
Your Consent
By using our website and services, you:
- Acknowledge that you have read and understood this Privacy Policy
- Consent to the collection, use, storage, and sharing of your personal data as described
- Agree to comply with applicable laws regarding data protection
- Understand your rights as a Data Principal
Regulatory Compliance: Homeland Advisory LLP (CIN: ACT-2852) is committed to protecting your personal data in accordance with the Digital Personal Data Protection Act, 2023, Information Technology Act, 2000, and all other applicable Indian laws and regulations.
For Legal and Regulatory Information:
SEBI: www.sebi.gov.in
Ministry of Electronics & IT: www.meity.gov.in
Investor Education: investor.sebi.gov.in