Privacy Policy

This Privacy Policy ("Policy") is published in compliance with:

• Section 43A of the Information Technology Act, 2000;
• Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the "SPI Rules");
• Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.

1. Definitions

For the purpose of this Policy:

• "Company" means Lumiotech Private Limited, a company incorporated under the Companies Act, 2013 having its registered office in New Delhi, India
• "Personal Information" means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person;
• "Sensitive Personal Information" means personal information as defined under the SPI Rules;
• "Services" means the lumioCapital platform and related services;
• "User" means any person who accesses or uses the Services.

2. Information We Collect

2.1 Personal Information

We collect the following categories of Personal Information:

• Company registration details (CIN, authorized capital, paid-up capital)
• Director and authorized signatory information
• Contact details (email address, phone number, address)
• Shareholder information and records
• Financial information related to shareholding
• Authentication credentials

2.2 Automatically Collected Information

Our systems automatically collect:

• IP address and access logs
• Device and browser information
• Usage patterns and analytics
• Cookies and similar tracking technologies

3. Legal Basis for Processing

We process your information based on:

• Explicit consent provided by you
• Contractual necessity
• Legal obligations under Indian law
• Legitimate business interests

4. Use of Information

By using our Services, you explicitly consent to:

• Processing of share transfers and maintaining statutory records
• Generation of reports and regulatory filings
• Communication regarding service updates and notices
• Compliance with legal and regulatory requirements
• Fraud detection and security enhancement
• Service improvement and user experience optimization

5. Data Storage and Security

We implement security measures as prescribed under:

• ISO/IEC 27001 standards for information security
• The Information Technology Act, 2000
• The SPI Rules

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your Personal Information, we cannot guarantee its absolute security.

6. Disclosure of Information

We may disclose your information to:

• Regulatory authorities (SEBI, ROC, etc.)
• Law enforcement agencies upon lawful request
• Professional advisors and auditors
• Service providers and business partners
• Other users as necessary for share transfers

7. Data Subject Rights

Under applicable law, you have the right to:

• Access your Personal Information
• Correct inaccurate information
• Request deletion (subject to legal requirements)
• Withdraw consent
• File complaints with relevant authorities

8. Limitation of Liability

THE COMPANY SHALL NOT BE LIABLE FOR:

• Any unauthorized access to or alteration of your information
• Any actions or omissions of third parties
• Any direct, indirect, incidental, consequential or punitive damages arising from use of our Services
• Technical or security breaches beyond our reasonable control

9. Changes to Privacy Policy

We reserve the right to modify this Policy at any time. Changes will be effective immediately upon posting on our platform. Your continued use of the Services constitutes acceptance of such changes.

10. Grievance Officer

In accordance with Information Technology Act 2000 and rules made there under, the contact details of the Grievance Officer are provided below: