This Privacy Policy is made effective immediately by: (i) Paasa Inc., a company incorporated in the United State of America having its place of business at 360 S Baywood Avenue, San Jose, CA 952; and (ii) Bruhm Labs Private Limited (subsidiary of Paasa Inc.), a private limited company incorporated under the Companies Act, 2013 having its registered address at 30, Ground Floor, Block-C, Nirvana Courtyard, Sector-50 Gurgaon Haryana-122018, India (“Paasa”, “We”, “Us”).

General 

1. Paasa takes Your (“You”, “Your”, “User”) privacy very seriously and exercises best efforts to protect Your private data/information. Paasa endeavors to provide a secure and reliable environment for using its Platform and Services. Any private information collected by Paasa from You will be used only in accordance with this Privacy Policy and the Terms and Conditions provided hereunder.

   
   

2. This Privacy Policy applies to Paasa’s website as also its mobile/desktop application (“Platform”), and services offered by Paasa in connection with the Platform (“Services”).

   
   

3. This Privacy Policy sets out the manner in which We collect, use, maintain and disclose information collected from the Users of website, mobile/desktop application and/or services connected with it.

   
   

4. You are advised to read the instant privacy policy carefully and provide Your consent only if You agree with the terms of the Policy. By using or by registering Your profile with the Platform and/or by using Services offered in connection with the Platform, You are consenting to the use, collection, transfer, storage, disclosure and other uses of Your information in the manner set out in this Privacy policy. 

   
   

5. By updating, downloading, installing and/or continuing to access/use the Platform, You agree to be bound by any alteration, amendment, addition or modification to this Privacy Policy.

   
   

6. This Privacy Policy does not apply to the practices of third parties that Paasa does not own, control, or manage including but not limited to any third-party websites, services, applications, or businesses (“Third-Party Services”) which You might encounter during the course of using the Platform. Paasa does not take responsibility for the content or privacy policies of those Third-Party Services.

What information may be collected by Paasa

1. Paasa may collect personal information that is capable of identifying You. This may include, but is not limited to the following: Your name, email address, phone number, Personal Account Number (PAN), AADHAR Number, date of birth, residential address, mother/father’s name and demographic information such as nationality, postcode etc. Considering that Paasa is focused towards providing the best wealth management services, we may also collect other personal information including but not limited to: Your salary, other sources of income, assets, liabilities, investment risk assessment data, investment transactions made on the Platform, financial goals and interests, and Platform usage information/activity.

   
   

2. Paasa may also collect and store other information, which may or may not be personal information, whenever You use, access or interact with the Platform and/or use its Services. Such information may include Your mobile or computer’s name, version, the type of device used, Your operating system and version, the unique ID of the mobile device, third-party apps or websites or services that referred You to this Platform, language preferences, location information, IP address, technical information, installation and/or uninstallation event information and other similar information about the User.

How information may be collected by Paasa

1. Paasa may collect information from its Users at various stages from registration/signing up on the Platform by the Users to submission of information by the Users or while the User is accessing/using Services. Paasa collects such information for the fundamental purpose of bettering Paasa’s services and enhancing User experience. 

   
   

2. Paasa collects personal information only if You submit such information to Us or provide access to such information. For example, when You use the facilities or Services connected with the Platform or engage in certain Platform related activities including, but not limited to signing up or creating an account, filing questionnaires/surveys or linking an account through a social media network.

   
   

3. Paasa may also collect personal information You may provide when corresponding with Us via email/telephone. 

   
   

4. Paasa may also collect information using Cookies and other tracking Technologies. These technologies are focused towards user interactions, preferences, and browsing behaviour.

   
   

5. We may also collect Your personal information from third-party sources, such as financial institutions and credit bureaus, to verify User information or to enhance the accuracy of financial services offered by Paasa.

   
   

6. You may also provide Us with access to information which is already publicly available, or becomes publicly available to Us in the future. You understand and acknowledge that any such public information We may collect cannot be accorded the protections of this policy.

   
   

7. You can always refuse to supply personal information, except that it may prevent You from using the Platform, and/or certain features of the Platform and Services. Please note that refusal to supply personal information may also reduce the effectiveness of any investment based/financial recommendation that Paasa might provide to the User. Furthermore, Paasa may not be able to offer any Services in case the User refuses to supply personal information which is fundamental to the KYC (“Know Your Customer”) process.

   
   

8. You may not download, install and/or use the Platform if You do not wish to provide or share personal information and/or other information with Paasa. By providing personal and other information to Paasa, You are agreeing to permit Paasa to use the said information as provided in this Privacy Policy.

How Paasa uses the information collected

Paasa may collect and use Your personal information and other information for business and/or non-commercial purposes. Paasa may use the information for the following purposes:

1. Account management: Paasa may use the information provided by You for verifying Your Identity, processing transactions, maintaining account records, and providing efficient customer support.

   
   

2. Performance and analytics:  Paasa may use the information provided by You for assessing the performance of Your investments, creation/customisation of investment portfolios, and suggesting overall financial strategies.

   
   

3. Security and fraud prevention: Paasa may also access and use the information provided by You for maintaining and enhancing the Platform’s security measures and preventing fraudulent activities.

   
   

4. Feedback and Communication: Paasa may also access and use the information provided by You for understating User behaviour, receiving feedback, providing updates/ inputs for improving User experience on the Platform and in connection with Services, to provide targeted content, promotional offer and for other business and/or non-commercial purposes.

   
   

5. Marketing and personalization: Paasa may also use Your Information for market research purposes, targeted advertising, targeted content delivery, and other business purposes, unless You specifically opt out of such uses.

   
   

6. Legal and Regulatory Compliance: Paasa may also use Your Information for ensuring Legal and Regulatory Compliance. 

   
   

7. Sharing User Information: Paasa does not sell, trade, or rent Your personal information collected by Paasa to third parties except as provided in this Privacy Policy. Paasa may share your information with third parties in the following manner:

   
   

   • Financial Institutions: Paasa may share your personal information with financial institutions in order to facilitate transactions and manage Your accounts. 

     
     

   • Technology Service Providers: Paasa may share Your personal information with third-party technology providers which are engaged to host Paasa’s website, manage Paasa’s IT infrastructure, provide customer support tools, and ensure the smooth operation of the Platform. 

     
     

   • Analytics and Marketing Services: Paasa may share Your information, and other generic information regarding visitors and users with third party analytics/marketing services providers in order to analyze user behavior, optimize services, and improve user experience. Your information may also be shared for targeted advertising and promotional campaigns.

     
     

   • Legal and Compliance Services: Paasa may be required by law or litigation to disclose personal information about the Users. Paasa may also disclose information about the Users if Paasa determines that for national security, law enforcement, or other issues of public importance that disclosure of information is necessary. 

     
     

   • Apart from the above, Paasa may disclose information if it is necessary to enforce the applicable terms of use of the Platform and/or reasonably necessary to protect our rights and property or our officers, stakeholders, employees or agents.

   
   

8. Cookies 

   
   

   • Whenever You access the Platform and/or Services, Paasa may place cookies on Your hard drive for record-keeping purposes to enhance Your experience or sometimes to personalize Your experience. Cookies are small text files that are placed on Your computer’s hard drive by the Platform You visit. Cookies help Paasa to identify information relating to Your activities and retain information relating to Your preferences and history on the Platform.

     
     

   • You may choose to disable cookies by turning off cookie(s) feature on the web browser. However, by disabling this feature, some parts of the Platform may not function properly. This may prevent You from taking full advantage of the Platform and Services.

Encryption standards used by Paasa to protect data in Transit and at Rest/Other Control Measures

1. Paasa follows industry best practices, using open and known principles when transferring and storing Your data. These include the following encryption standards:

   
   

   • Encryption in Transit: Paasa uses protocols like TLS (“Transport Layer Security”) to encrypt data transmitted between the app and Users.

     
     

   • Encryption at Rest: Paasa encrypts sensitive data stored on servers to protect it from any unauthorized access.

   
   

2. Paasa also follows access control measures in order to restrict access to personal data. These include the following: 

   
   

   • User Authentication: Basic authentication mechanisms (such as Usernames and Passwords), often combined with additional layers for enhanced security.

     
     

   • Multi-Factor Authentication (MFA): These mechanisms require Users to provide additional verification factors, such as one-time codes sent to mobile devices, biometric scans (fingerprints or facial recognition), or hardware tokens, to confirm their identity. 

Process for deletion of data

Paasa values Your privacy preferences and provides You with a process for deletion of Your information. You may request Paasa to delete Your information by following the below-mentioned process:

1. User Request Submission: The User submits a request to withdraw consent or delete their personal data/information by sending an email to “sparsh@paasa.co”. Please note that You may not be able to access the Platform/Services offered by Paasa in case the information requested to be deleted is fundamental to the provision of such Services. 

   
   

2. Verification of Identity: Once the User submits a request, We will need to verify the identity of the User making the request to ensure that they are authorized to access and manage the data associated with their account.

   
   

3. Processing the Deletion Request: Once the request and identity verification are complete, We will proceed to delete the personal data associated with the User's account. This includes data stored in their databases, backups, and any third-party systems or services that may have received the data. 

   
   

4. Confirmation of Deletion:  We will provide a confirmation to the User once their personal data has been successfully deleted from the systems.

   
   

5. At the same time, it is made clear while the personal information/data is deleted as per the User's request, We may retain certain non-personal information for legitimate purposes, such as transaction records for accounting and legal/regulatory compliance purposes, provided such data cannot be linked back to individual users.

Retention of data

Paasa will keep personal information of Users for only as long as is necessary for the purpose for which it was collected and as required by the law. At the end of that retention period, Paasa may either delete the information, or anonymize it or pseudonymize it.

Your personal information is deleted or anonymized using the following measures:

1. Data Masking: Replacing sensitive data with non-sensitive equivalents. For example, replacing actual names or identification numbers with pseudonyms or random values.

   
   

2. Aggregation: Combining data points in a way that individual records cannot be identified. For example, reporting data in aggregated form where individual User details are not disclosed.

   
   

3. Generalization: Reducing the precision of data to make it less identifiable. For instance, replacing specific ages with age ranges.

   
   

4. Suppression: Removing specific data fields or values that are considered sensitive or personally identifiable.

Privacy grievances

If You have any grievances or concerns regarding Your Privacy or this Privacy Policy, You may contact Paasa’s Privacy/Grievance Officer by email or post. You may send Your grievances to the email address sparsh@paasa.co  with the subject “Privacy Grievance”. You may also contact the Grievance Officer at the following address:

Mr. Sparsh Sharma

Privacy/Grievance Officer

Email: sparsh@paasa.co

Postal address:
30, Ground Floor, Block-C, Nirvana Courtyard, Sector-50, Gurgaon, Haryana 122018, India

Please be assured that Paasa’s privacy team will review the User complaints internally and thereafter, work with the concerned User to resolve them. 

Changes and updates to this Privacy Policy

1. Paasa may update and revise this Privacy Policy from time to time. Users shall be informed of the revisions/updates to this Privacy Policy via email. Furthermore, the updates Privacy Policy shall be posted here. You are encouraged to periodically check this page to stay informed about changes to this Privacy Policy. 

   
   

2. If You disagree with any of the changes to the Privacy Policy, You may refrain from using or accessing the Platform and Services. Your continued use of the Platform and/or Services following the posting of the revised Policy shall indicate Your acceptance and acknowledgement of the changes and You will be bound by the changed policy.

Last Updated on: 10 August 2024