Legal

Privacy Policy

How MITCON Credensia collects, uses, and protects your personal information.

Last updated:

MITCON Credensia Trusteeship Limited (“we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or interact with our services.

This Policy is published in compliance with the Information Technology Act, 2000, Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDPA).

1. Information We Collect

We may collect the following categories of information:

  • Personal information — name, email address, phone number, postal address, designation, and organization details when you contact us, subscribe to updates, or apply for services.
  • Technical information — IP address, browser type, operating system, referring URLs, pages viewed, and time spent on the site.
  • Cookies and tracking — session cookies, analytics cookies, and preference cookies (see our Cookie Policy).
  • Communication records — copies of emails, phone calls, or messages exchanged with us.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to your enquiries, service requests, or grievances.
  • To provide and improve our trusteeship and related services.
  • To comply with legal, regulatory, and SEBI obligations.
  • To send updates about regulatory developments, circulars, and service announcements (only with your consent).
  • To analyse website traffic and improve user experience.
  • To prevent fraud, secure our systems, and enforce our policies.

We process your personal information based on (a) your consent, (b) the necessity to perform a contract with you, (c) compliance with legal obligations, and (d) our legitimate business interests, where such interests are not overridden by your rights.

4. Sharing of Information

We do not sell your personal information. We may share information with:

  • Regulatory authorities — SEBI, RBI, MCA, courts, and law-enforcement agencies, when legally required.
  • Service providers — technology vendors, auditors, legal advisors, and partners assisting us in delivering services. All such parties are contractually bound to confidentiality.
  • Group companies — entities within the MITCON group, only as needed to provide services.

5. Data Security

We implement reasonable security practices and procedures consistent with ISO/IEC 27001 standards, including encryption in transit (HTTPS), access controls, regular security audits, and employee training. However, no transmission over the internet can be guaranteed 100% secure, and we encourage you to take precautions when sharing sensitive information.

6. Data Retention

We retain personal information only as long as necessary to fulfil the purposes outlined in this Policy or as required by law. Records relating to SEBI-regulated services are retained in accordance with applicable retention requirements (typically 5 to 8 years).

7. Your Rights Under DPDPA

Under the Digital Personal Data Protection Act, 2023, you have the right to:

  • Access information about the personal data we process.
  • Request correction or update of inaccurate or incomplete data.
  • Request erasure of your data, subject to legal retention requirements.
  • Withdraw your consent at any time (where processing is based on consent).
  • File a grievance with our Data Protection Officer (details below).
  • File a complaint with the Data Protection Board of India.

8. Cookies

Our website uses cookies and similar technologies to enhance your browsing experience. For details, see our Cookie Policy. You can disable cookies in your browser settings, though some site features may not function properly.

Our website may contain links to third-party websites (such as SEBI portals, social media, or partner sites). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before sharing personal information.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected information from a minor, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page indicates when the Policy was last revised. We encourage you to review it regularly.

12. Grievance & Data Protection Officer

For any privacy-related concerns or to exercise your rights under DPDPA, please contact our Grievance Officer:

Grievance Officer
MITCON Credensia Trusteeship Limited
Pune, Maharashtra, India
Email: contact@mitconcredentia.in
Phone: +91-20-0000-0000

We aim to acknowledge all grievances within 3 working days and resolve them within 30 days, in accordance with applicable law.