Privacy Policy - Valueattics Re

A. Introduction

Valueattics Reinsurance Limited ("VRL," "we," or "us") is committed to complying with data protection laws. This Privacy Policy describes how VRL collects, uses, shares, and protects your personal and non-personal confidential information when we provide our reinsurance services. It also explains your rights regarding the use, access, and correction of your personal information. Personal information refers to data, or a combination of data, that can reasonably identify you.

VRL primarily operates as a “Reinsurer.” In most instances, our clients are insurance companies, also known as “Insurers.” Insurers offer insurance coverage to individuals, businesses, and organizations, who are often referred to as “Insureds.” In certain situations, VRL may also act as an Insurer.

Typically, Insurers and Insureds enter into contracts known as “Policies.” These Insurance Policies can protect the Insured against various types of losses, including loss of life, property damage, health-related issues, and third-party liabilities.

A Reinsurer provides insurance coverage to Insurers in a similar manner to how Insurers provide coverage to Insureds. Reinsurers and Insurers enter into contracts often called Reinsurance Agreements or Treaties. These agreements provide coverage to Insurers against losses, usually related to one or more underlying Policies between the Insurer and its Insured(s). Reinsurers receive premiums from Insurers and pay claims to them.

Reinsurers like VRL may also have their own Reinsurers, known as Retrocessionaires, who provide coverage to the Reinsurer. This process helps distribute the risk of loss across multiple companies, ensuring that funds are available to pay claims, especially during significant loss events.

B. Data Controller responsible for the Processing of your Personal Data

Valueattics Reinsurance Limited,
Pioneer Atlantis, 95, 4th B Cross Road, Koramangala Industrial Layout, 5th Block, Bengaluru 560095.

C. Usage of personal information

When an insurer issues an insurance policy, it collects necessary information about the insured during the underwriting process to evaluate risk. Similarly, VRL, as a reinsurer, requires information about the insured(s) linked to the underlying policy(ies) when entering into reinsurance agreements or treaties. This information, which may include personal data, is transmitted from the insurer to the reinsurer and may also be shared with VRL's retrocessionaires.

As described above, primarily acting as a reinsurer and secondarily as an insurer, VRL processes personal data in furtherance of its legitimate business interests, as a data controller and a party to reinsurance agreements or treaties with insurers or to insurance policies with insureds. This interest is the fulfillment of VRL’s contractual obligations to the insurer who, in turn, has its own contractual obligations to the insured (or directly to the insured when VRL is acting as an insurer in certain cases). VRL’s processing of such personal data as a reinsurer is therefore in the interests of both the insurer and the underlying insured.

Furthermore, VRL, as a reinsurer regulated under Indian law by the Insurance Regulatory and Development Authority of India (IRDAI), is required by law to process certain personal data for the purpose of establishing reserves and capital requirements, paying claims in a timely manner, and otherwise complying with all applicable laws and regulations relating to its business as a reinsurer.

In its reinsurance activities, VRL engages in various exchanges of information, including letters, emails, contractual reporting, and other similar activities that may involve personal data related to insured(s) or business-related personal data of employees of insurers, reinsurers, retrocessionaires, other clients, or third parties.

Additionally, VRL collects personal data concerning its employees, contractors, interns, and other workers during their professional relationship. VRL also receives personal data from prospective workers through CVs, resumes, letters of interest, and other documentation.

VRL needs this information to assess risks, provide insurance or reinsurance coverage, and manage its products and services. This privacy notice applies to any individual whose personal information we process in the course of providing our services (each a "data subject/data principal" or "you"). We may be legally required to collect certain personal data or it may be necessary due to our contractual relationship with you. Not providing this information could hinder or delay the fulfillment of these obligations.

I. Types of Information collected and stored

The types of Personal Information and Sensitive Personal Data We collect and hold depend on our interactions and relationship with You. We gather personal data about insurance customers, Our Employees and Contractors (including job applicants), and contact details of individuals from our business partners, suppliers, and service providers. This Personal Information and Sensitive Personal Data may include, but is not limited to:

a. Personal Details: Your name, age, gender, date of birth, photos, marital status, nationality, height, weight, Aadhar number, hobbies, and interests.
b. Identification and Criminal Data: Your government-issued ID, driver's license, Aadhar Number (or local equivalent), driving record, and criminal record (only where legally permissible).
c. Contact Information: Your address, phone numbers, and email address.
d. Family and Home Information: Your family's health history, number of children, names, ages, and genders of children, dwelling type, household income, home valuation, and household demographics.
e. Employment and Experience Information: Your employment history, job role, salary, employment benefits, educational background, and professional licenses and qualifications.
f. Financial Information: Details about your bank account, annual income, investments/savings, PAN Card (or any local equivalent Tax ID), credit history, and transaction history.
g. Business-Related Information: Information related to underwriting insurance products and managing insurance claims, such as previous insurance records and claims histories, and details about your business dealings with us.
h. Network Security and Website Performance: Information to enhance our network security and website performance.
i. Legal and Regulatory Activities: Any activities required under applicable laws and regulations.

From the data we collect about you, we may also derive or generate additional information, such as risk ratings. Some of this information is generated through profiling.

II. Sensitive personal information.

Few data we gather are categorized as "sensitive personal information” like:

a. Your health records (such as medical history, genetic test results and information, prescription history, death certificates, and medical diagnosis, tests, and treatment reports)

b. Biometric data (photo ID, fingerprints, and voiceprints)

c. Your family medical history

d. Information about your personal characteristics and sensitive circumstances, such as racial or ethnic origin, sexual orientation, sex life, mental and physical health, and genetic information

e. Your membership in a professional association or trade union

f. We may also collect information about criminal convictions or offenses where permitted by law.

III. Sources of the Information collection:

We collect personal information from you when when you voluntarily provide it

Data is usually provided to VRL pursuant to contracts between VRL and the Insurers. We may also obtain your personal information from various sources:

a. From other reinsurers and retrocessionaires

b. From third-party claims handlers involved in a claim or assisting us in investigating or processing claims, including witnesses and external claims data collectors and verifiers

c. From our business partners who help us provide insurance products

d. From public sources, such as public databases (where allowed by law)

e. From cover-holders, insurance brokers, or other intermediaries

f. From third-party evidence providers

g. From healthcare service providers

h. From financial institutions

i. From pension processing platforms

j. From individuals you may be associated with (e.g., joint account holders, company employees or directors, family members, etc.)

Occasionally, we may collect your personal information from third parties, particularly from authorized, regulatory, public sources such as government regulators, industry self-regulatory bodies, and other publicly available records. This is most common when we are fulfilling our legal obligations regarding money laundering and other financial crimes.

Additional information may be collected through various surveys you agree to participate in or when you provide feedback on our products or services; when you register to receive news or public policy updates; or when you apply for a job through our website. If you do not provide your information or consent to the use of your personal information, or if you later withdraw your consent, we reserve the right to discontinue or cancel the insurance policy/services for which the information was required.

D. Our Processing of Personal Data

a. Management of the client relationship - VRL collects Personal Data for the purpose of identifying its professional contacts with its clients, partners or prospects. For this process, VRL only collects professional data that are necessary to identify and contact its clients, partners or prospects in order to manage its business.

b. Provision of Reinsurance / Insurance Coverage - VRL processes Personal Data for the purpose of identifying, evaluating, underwriting, reserving and making claims payments relating to specific underlying Insureds or to Insureds. Profiling for the purpose of Underwriting, In this regard, underwriting means that VRL may review Personal Data concerning a person- such as age, height, weight, occupation, gender, medical history, hobbies or recreational activities, personal habits affecting health such as smoking cigarettes - in order to make a determination as to the risk of mortality (risk of dying) or morbidity (risk of sickness or health problems). When VRL is acting as a Reinsurer, the results of this underwriting may be passed on to the Insurer who in turn may utilize the information in deciding whether to issue life or health insurance and at what price.

c. Obtaining Reinsurance Coverage - As described above, data is usually provided to VRL pursuant to contracts between VRL and the Insurers. In a similar manner, VRL may provide the same type of Personal Data to its Retrocessionaires, again pursuant to contractual agreements between them. VRL may purchase its own reinsurance coverage from Retrocessionaires. In this regard, VRL may provide information to its Retrocessionaires that is similar to the information provided to VRL by Insurers.

d. Financial Calculations - VRL is required to evaluate its business and to perform a variety of calculations based on such evaluations. These include establishing reserves for the payment of present or future claims and establishing the capital needed to operate VRL's business.

e. Statistical Analysis and Studies - Both in conjunction with the required financial calculations described above as well as VRL's own understanding of its business needs, VRL may conduct studies of the loss experience of its business in the past. These studies help VRL make projections into the future.

f. Scientific Research and Development - VRL may process Personal Data for experience analysis or scientific research to develop and improve its tools and processes in order to enhance its services.

g. Fraud Monitoring and Prevention - VRL regularly reviews certain aspects of Personal Data, such as names, dates of birth, addresses and countries of residence to monitor and prevent insurance fraud. This process helps VRL ensure that it and its clients do not engage in any business transactions, or enable any business transactions, that are part of any fraudulent scheme.

h. Communication, Marketing and Training - VRL may send professional letters, emails or other correspondence and communications, provide trainings to the employees of its business clients, prospective clients, brokers, or other individuals with whom it does business or who may be involved in one or more business transactions with VRL. Similarly, VRL may send newsletters, notices and similar information to individuals in the reinsurance and insurance industry.

i. Screening and Review - VRL regularly screens certain aspects of Personal Data, such as names, dates of birth, addresses and countries of residence against lists provided by governments or organizations relating to sanctions, embargoes, money laundering, politically exposed persons and other similar subjects. VRL may also undertake a review and evaluation of transactions or proposed transactions to determine whether there is or may be money laundering or terrorism activity. This process helps VRL ensure that it does not engage in any business transactions, or enable any business transactions, with regard to any sanctioned individuals or legal entities.

j. Know Your Customer - VRL is a regulated company with the IRDAI. VRL collects Personal Data to perform due diligences and perform checks to comply with Know Your Customer (“KYC”) regulatory requirements.

k. Record of the telephone conversations - VRL records telephone conversations with the personnel likely to receive, issue or process a market order, in order to keep a record of the transactions they make.

l. Human Resources - VRL collects and processes Personal Data in order to establish an application for a specific job advertisement or as an unsolicited application, in particular, for the following purposes: checking and assessing suitability for the position to be filled, performance and behavioural evaluations to the extent allowed by applicable law, if necessary for registration and authentication for application via VRL’s website, if necessary for drawing up any employment contract.

m. Audit - VRL processes Personal Data to conduct audits to ensure compliance with internal policies and regulatory requirements. This involves reviewing and verifying the accuracy and completeness of records, assessing the effectiveness of internal controls, and ensuring that all business activities are conducted in accordance with applicable laws and regulations.

n. Comply with legal obligations and to cooperate with regulatory bodies - VRL processes Personal Data to comply with applicable laws, regulations, and to cooperate with regulatory bodies. This includes responding to requests from regulatory authorities, providing necessary documentation and information, and ensuring that all legal and regulatory requirements are met.

o. General business purposes - VRL processes Personal Data for general business purposes, including but not limited to business planning, strategy development, and corporate governance. This helps VRL to make informed business decisions, develop effective strategies, and ensure that the company operates efficiently and effectively.

p. Platform analytics including but not limited to traffic monitoring - VRL processes Personal Data for platform analytics, including monitoring traffic and usage patterns to improve services. This involves collecting and analyzing data on how users interact with VRL's platforms, identifying trends and patterns, and using this information to enhance the user experience and optimize the performance of VRL's services.

q. Carrying out of outsourced activities as permitted under the IRDAI guidelines - VRL processes Personal Data to carry out outsourced activities in compliance with the IRDAI guidelines. This includes engaging third-party service providers to perform certain functions on behalf of VRL, ensuring that these activities are conducted in accordance with regulatory requirements and maintaining the confidentiality and security of Personal Data.

r. To comply with The Digital Personal Data Protection Act, 2023 and underlying rules - VRL processes Personal Data to ensure compliance with The Digital Personal Data Protection Act, 2023 and its underlying rules. This involves implementing appropriate measures to protect Personal Data, ensuring transparency in data processing activities, and providing individuals with the rights and protections afforded to them under the Act.

We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following:

If it is necessary that we process your sensitive personal information for one of the purposes listed above, we will only do so where one of the following applies:

a. We have obtained your explicit consent

b. We need to process your sensitive personal information to establish, exercise or defend a legal claim

c. We need to process your sensitive personal information for reasons of substantial public interest, for example to prevent or detect unlawful acts or fraud or for an insurance purpose

d. We are otherwise authorised by local law to process your sensitive personal information.

We may obtain your consent to collect and use certain types of personal information when we are required to do so by law (for example, in relation to our direct marketing activities, cookies and tracking technologies or when we process sensitive personal information). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this Privacy Notice.

Artificial Intelligence

Artificial Intelligence is an umbrella term for a range of technologies that replace manual processes and solve complex tasks by carrying out functions that previously required human action or input. Certain tasks are increasingly being supported by AI. AI can be used for a number of different functions, for example, grouping data (identifying common characteristics or properties), classifying or labelling data, or using data to come to or recommend a decision or determine an action.

'Generative AI' is a particular type of AI involving systems or models that are capable of creating new content (based on the data that they have been trained on) when given an instruction or input prompt by the user. The difference between generative AI and other AI technologies is that generative AI creates or generates 'net-new' outputs, which could be text or graphics. Generative AI analyses the data that it has been trained on (using machine learning algorithms) in order to create something entirely new based on the instruction that it has been given and its analysis, mimicking human creativity and intelligence.

We may use AI systems and tools (including generative AI) to support our activities and for different purposes which we explain in more detail below.

I. Business process improvement and efficiency, information security
We use AI to improve our business processes with a particular focus on simplifying complex processes, ensuring consistent standards and driving efficiencies. For example, we use AI to help triage, organise and compile documents, extract data for entry into the relevant systems and translate or summarise text. We also use AI to support our business management and development initiatives with activities such as idea generation and trends prediction, the creation of content and for research tasks, including internal and external communications. We also use AI to support our information security practices (for example, by automatically detecting potential data loss).

II. Training AI
We may use personal information (for example where it is not possible to use anonymised data) as part of the development and training phase of an AI solution to be used in the provision of our insurance services. Where we use personal information for such training the lawful basis we will rely on is that it is necessary for the purposes of our legitimate interest in using an AI tool to assist in improving the efficiency and accuracy of our services, managing our business efficiently and maintaining accurate records.

When we process personal information on the basis that we have a legitimate interest to do so, we always balance this against your fundamental rights and freedoms and put in place robust safeguards to ensure that your privacy is protected.

E. Your rights over your personal information

You have certain rights regarding your personal information, subject to local law. These include the following rights to:

a. access your personal information

b. rectify the information we hold about you

c. erase your personal information

d. restrict our use of your personal information

e. object to our use of your personal information

f. receive your personal information in a usable electronic format and transmit it to a third party (right to data portability)

g. lodge a complaint with your local data protection authority.

If you would like to discuss or exercise such rights, please contact us at the details below. We will contact you if we need additional information from you in order to honour your requests.

If you make such a request, VRL will investigate and, if appropriate, cease processing of your Personal Data or, if applicable, restrict processing of your Personal Data, promptly. However, under applicable law and VRL's contractual obligations, your objection and/or request for restriction does not automatically mean that VRL is required to stop processing your Personal Data, or that VRL must delete it or restrict its processing of it.

F. Automated decisions about you

The way we analyse personal information for the purposes of e.g. risk assessment or fraud prevention may involve profiling, which means that we may process your personal information using software that is able to evaluate your personal aspects and predict risks or outcomes. We may also use profiling, or otherwise employ solely automated means, to make decisions about you that relate to the basis on which we provide insurance to you. This is known as "automated decision-making" and is only permitted when we have a legal basis for this type of decision-making.

We may make automated decisions about you:

a. Where such decisions are necessary for entering into a contract. For example, we may decide not to offer insurance to you, or we may decide on the types of insurance that are suitable for you, or how much to charge you for our products based on your credit history and other financial information we have collected about you

b. Where such decisions are required or authorised by law, for example for fraud prevention purposes

c. Where you give your consent to us carrying out automated decision-making.

Subject to local legal requirements and limitations, you can contact us to request further information about automated decision-making, object to our use of automated decision-making, or request an automated decision to be reviewed by a human being.

G. Information Sharing

We may share your personal information with third parties under the following circumstances:

a. Group Companies - We operate as a global business, so we may share Your personal information with group companies for the purposes described in this privacy notice. However, the VRL assures that any personal information received from insurers will only be used for reinsurance processing purposes. We do not share this information with Go Digit General Insurance Limited or Go Digit Life Insurance Limited that compete with cedant Insurer's primary business. Our intention is solely to process data for reinsurance purposes and to maintain the confidentiality and trust of our cedant Insurers.

b. Insurance companies, cover-holders, intermediaries, financial institutions, retrocessionaires and business partners. We may share your personal information with insurance companies, intermediaries, financial institutions, retrocessionaires and business partners that use your personal information in connection with the provision of insurance and processing of claims. For example, we may share your personal information with other reinsurance businesses for the purposes of settling claims.

c. Service providers - We may share your personal information with service providers that perform services and other business operations for us, for example, IT and analytics providers, actuarial service entities, auditors and advisers.

d. Law enforcement and regulatory agencies - Any law enforcement agency, court, regulator, government authority or professional body. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.

H. Confidentiality, Information Security and Storage

We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing.

We will keep your personal information for as long as we have a relationship with you, and for a period thereafter, in line with our Records Management Policy.

Any Personal Information which has been shared by you or obtained by us during the course of your interaction with the website or provision of service to cedants shall be subject our internal security and protective protocols which are commensurate with the commercial standards. We take reasonable precautions to protect your information from unauthorized access, unauthorized alteration, unauthorized disclosure, or unauthorized destruction. We store the information primarily in an electronic format and any conversion of such data from electronic format to paper is done on a necessity basis. We store your information for a duration and in a manner which is according to the appliable regulatory requirements. VRL shall retain your personal Information for as long as required to provide you with services or otherwise required under the law. During the usual course of business, your Information is accessed by our employees, officers, and other representatives on a need-to-know basis.

We provide Reinsurance services to cedants for health and life reinsurance coverage for which certain data has to be shared with medical professionals and their representatives. Such data may have to be obtained by us. In such an event, we may store and process your data (including medical information) in order to comply with the applicable laws and regulations.

We shall not be responsible for the confidentiality, security, and processing of your information by any third-parties or partners outside the ambit of this Privacy Policy. You shall not hold us responsible and liable for any breach of security, actions, or omissions of any third parties including without limitation any Force Majeure events.

I. Additional terms for Website

1. Introduction

This section of policy outlines how VRL collects, uses, and protects any personal information that you provide when using our website.

As a general rule, this website does not collect Personal Information about you when you visit the site. You can generally visit the site without revealing Personal Information, unless you choose to provide such information.

“Website” - refers to www.valueattics.com website.

2. Scope

a. Details how user data collected through the website is stored, processed, and protected.

b. Ensures compliance with relevant data protection regulations.

3. Site Visit Data

i. Collection of Personal Information

If you are asked for any other Personal Information, you will be informed how it will be used if you choose to give it. If at any time you believe the principles referred to in this privacy statement have not been followed, or have any other comments on these principles, please notify at below referred contact details (Refer “Contact Us” section).

Note: The use of the term "Personal Information" in this privacy statement refers to any information from which your identity is apparent or can be reasonably ascertained.

ii. Third Party URLs & Platforms

The Platform may redirect you to third-party owned and operated links. Any information accessed and/or provided to such third-party owned platforms shall not come under the ambit of this Privacy Policy and we shall not be held liable, neither directly nor indirectly, for any detrimental outcome arising out of such data sharing. Any and all information provided and/or accessed by such third-party platforms shall remain under the total control and responsibility of such third-party platforms and shall be governed by their privacy policies and guidelines. You agree to not make us a part of, and to not hold us liable, in any capacity, for any grievances and complaints arising out of or in connection with such data.

Please note that VRL is not responsible for the privacy practices or content of these external websites. We encourage you to review the privacy policies of any third-party websites you visit.

iii. Changes to This Privacy Policy:

VRL reserves the right to update or modify this Privacy Policy at any time without prior notice. Any changes will be posted on this page, and your continued use of the website after such changes signifies your acceptance of the updated terms.

4. Data Minimization and Purpose Limitation

VRL shall only collect and process personal data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

VRL shall not use the personal data for any purpose other than the specific purpose for which it was collected unless:

i. The individual has provided explicit consent for a new purpose; or

ii. The use is permitted or required under applicable law.

iii. Where personal data is used for research, statistical or archival purposes, such use shall be subject to adequate safeguards including anonymisation or pseudonymisation, where applicable.

5. Information Technology

a. As a part of operating the website, we may gather certain information automatically and store it. This information may include internet protocol (IP) addresses and other ancillary technical data. This data, may be used to analyse trends, identify patterns and other web analytics. This information is not shared with third parties, except for service providers which may be contractually engaged with VRL.

b. The website may store small text files called Cookies in your device in order to enable various features. These are used to store user preferences and trends to improve user/viewer experience. You have the option to change your Browser settings to accept or not accept Cookies (depending on the make and version of your browser) and depending on whether you agree to our use of any information collected by us through that Cookie. Any such information collected will only be used for improving the Platform experience.

c. IP addresses and other ancillary data help us customise your visit to our Platform since they are tied to information such as demographic data, browser versions, operating system version, ISP etc. We confirm that this information is not shared with third parties for their promotional purposes, except as provided under Disclosure of Information clause.

6. Permitted Use:

You are not permitted to use the website and any existing or future portals, links, pages, sections, and features and/or data, its underlying programs (including application programming interfaces (“APIs”)), domain names, Uniform Resource Locators (“URLs”), databases, functions, or its content other than for private, non-commercial purposes. Use of any automated system or software, whether operated by a third party or otherwise, to extract any data from the website or use any feature for commercial or private purposes (“screen / data scraping”) is strictly prohibited and shall be actionable as per applicable law.

J. Limitation of liability:

VRL, its employees, directors, officers, associates, representatives, vendors or persons employed, whether full-time or part-time basis, contractual or otherwise shall not be liable to you under any circumstances for any direct, indirect, consequential, incidental, special, punitive or exemplary damages or damages of any kind arising out of or in connection with accessing, visiting, navigating, interacting and/or using the website or any links therein including, without limitation, the inability to use or access the website, any transactions executed, bugs, malware, viruses, errors, malfunctions, defective outputs, faulty delivery, whether or not any of the above results in pecuniary losses, destruction of property, loss of profits or losses of any kind. The above limitation of liability shall also explicitly extend to any damages resulting from failure, incompleteness or erroneous transactions, downtime, suspension or termination of the website, even in the event such downtime, suspension or termination is negligent, unlawful, inadvertent, or unjustified.

In the event where this limitation of liability is not permitted under the applicable law, in no event shall VRL liability for all damages and liabilities of all kinds, exceed the amount paid by you to us during the cause of action.

K. Responsible Disclosure Guidelines

Company is committed to addressing all reported vulnerabilities in a timely manner. Discloser is requested to:

a. Avoid exploiting the vulnerability for malicious purposes or personal gain.

b. Refrain from sharing the vulnerability details with others.

c. Ensure that testing does not compromise the privacy, data, or experience of other users/visitors.

d. Ensure that testing does not damage or affect Company's systems hence, please avoid any automat.

It must be noted that the Company retains the right to legal recourse if the identified vulnerabilities are exploited for unlawful gains or getting access to restricted customer or system information or impacting our systems in any way.

Recognition in Company's Hall of Fame/other recognitions.

When a legitimate vulnerability is reported to the Company responsibly, in accordance with this policy, the Company may:

a. acknowledge discloser's report and work to resolve the issue promptly.

b. mention discloser's name in the Hall of Fame in recognition of his/her efforts.

Please note as of now there is no monetary reward for any disclosure.

L. Miscellaneous:

The provisions hereof are severable. if any part term or provision hereof shall be held illegal, unenforceable or in conflict with any law of central, state or local government having jurisdiction over this Privacy Policy, the validity of the remaining portion or portions shall not be affected there by. Any valid or unenforceable provision here of shall be replaced with a provision, which is valid and enforceable provision.

In accordance with the applicable laws and regulations, not all products, features and/or services shown on the Platform may be available in all jurisdictions. You shall be responsible for compliance with local laws and regulations whilst accessing and interacting with the Platform.

This Privacy Policy shall be governed by and interpreted in accordance with the laws of India and all disputes shall be subject to the exclusive jurisdiction to the courts of Bengaluru, Karnataka.

All information displayed on the Platform are on “AS IS” basis. VRL does not warrant or guarantee the completeness, accuracy reliability, or content of the information and VRL, at its sole discretion, is free and at liberty to change the information as required under its business processes.

Waiver by VRL of any default/infringement by you shall not be deemed a waiver of any other default/infringement.

VRL reserves the absolute right to take all actions it considers necessary against all parties howsoever involved in the unauthorised use of its website and without notice, in order to vindicate its rights and prevent such unauthorised use, including using blocking technology and/or issuing legal proceedings.

VRL reserves the absolute right to take all actions it considers necessary against all parties howsoever involved in the unauthorized use of its website and without notice, in order to vindicate its rights and prevent such unauthorized use, including using blocking technology and/or issuing legal proceedings.

VRL may amend or modify or novate this Privacy Policy at any time. Notice of material changes to this Privacy Policy will be posted on the Platform. Revised Privacy Policy/amendments thereto shall be effective from the date indicated therein. Users are requested to periodically check the terms and conditions under this Privacy Policy from time to time. VRL shall not in any circumstance be held liable for such lapses on the part of the Users.

M. Contact us:

If you have questions about your rights or concerns regarding the way in which your personal information has been used, please contact our Data Protection Officer Arnik Parmar at dataprivacy@valueattics.com with Mandatory CC arnik.parmar@valueattics.com.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority.

N. Review of the Policy:

This Policy will be reviewed annually by the Board and any modifications or improvements will be accordingly incorporated. Notwithstanding the foregoing, this Policy may be modified during the year by the Managing Director & CEO of the Company, Chief Compliance Officer and Chief Information Security Officer jointly prior to any such annual review and such modifications shall be reported to the Board for ratification. Any changes in the applicable mandatory regulatory provisions shall automatically be treated as part of this Policy.