MLM :

  1. Home
  2. DATA PROTECTION POLICY

ARTICLE I

PREAMBLE & OBJECT

This Data Protection Policy (“Policy”) is hereby formulated pursuant to Section 43A and Section 72A of the Information Technology Act, 2000, read with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) and other applicable statutory instruments, to govern the collection, storage, processing, use, transfer, and retention of Personal Data and Sensitive Personal Data or Information (“SPDI”) of any natural person availing services or accessing the FUNDJONE platform (including, but not limited to, website, mobile applications, and affiliated domains)

This Policy shall not be interpreted to impose any obligation or liability not expressly provided herein.

ARTICLE II

DEFINITIONS
  • “Company” shall mean SUPERVISIONSET PRIVATE LIMITED, a private limited company registered under the Companies Act, 2013, and the lawful proprietor and operator of the FUNDJONE platform.
  • “User” or “Data Principal” shall mean any natural person who accesses, uses, registers with, or interacts with the FUNDJONE platform in any capacity.
  • “Personal Data” shall mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information, is capable of identifying such person.
  • “Sensitive Personal Data or Information (SPDI)” shall include, without limitation, financial information, passwords, biometric data, sexual orientation, medical history, and such other information classified as sensitive under applicable law.
  • “Processing” shall mean any operation or set of operations performed upon Personal Data or SPDI, whether or not by automated means.

ARTICLE III

LAWFUL COLLECTION & IMPLIED CONSENT

3.1 The Company shall collect, store, and process Personal Data and SPDI of the User only for such purposes as are necessary, incidental, or ancillary to the lawful functioning of the platform, including but not limited to registration, identity verification, networking structure maintenance, subscription management, and fraud prevention.

3.2 By accessing or using the FUNDJONE platform, the User expressly and irrevocably grants to the Company the right to collect, use, disclose, and retain their Personal Data and SPDI. Such usage shall be deemed as informed consent in accordance with Rule 5(1) of the SPDI Rules.

3.3 The Company shall be under no obligation to obtain separate or additional consent unless expressly required by a statutory authority.

ARTICLE IV

PURPOSE OF PROCESSING

The User’s data may be processed for, inter alia:

  • Account creation, authentication, and secure access to the platform.
  • Crowdfunding, subscription management, and networking tree administration.
  • Downline fund handling and passive ID maintenance.
  • Compliance with applicable KYC/AML/CFT norms.
  • Marketing, retargeting, analytics, and internal research.
  • Administrative correspondence and policy updates.

The Company may, at its sole discretion, amend, expand, or restrict the stated purposes at any time without notice.

ARTICLE V

DATA DISCLOSURE & THIRD PARTY SHARING

5.1 The Company reserves an absolute and non-negotiable right to disclose Personal Data or SPDI:

  • To internal departments, franchisees, agents, or representatives engaged by the Company.
  • To financial institutions, regulatory bodies, enforcement authorities, or judicial agencies upon any lawful demand.
  • To vendors, hosting providers, data processors, or technology partners under binding non-disclosure obligations.

5.2 The Company shall not be liable for any loss or damage suffered by the User due to authorized disclosures or sharing under this Article.

ARTICLE VI

USER RIGHTS – CONDITIONAL & LIMITED

6.1 The Company may, subject to its internal discretion and data security obligations, permit the User:

  • To request access to Personal Data stored by the Company.
  • To request rectification of inaccurate data.
  • To request deletion or withdrawal of consent for processing of SPDI.

6.2 All such rights shall be subordinate to the overriding legal obligations, platform functionality, fraud mitigation, and business continuity interests of the Company.

ARTICLE VII

DATA RETENTION & ERASURE

7.1 The Company shall retain data for such duration as may be necessary to serve its commercial, operational, legal, and archival purposes, including post-deletion scenarios.

7.2 Notwithstanding any User request, the Company shall retain transactional and SPDI data for a minimum statutory period of eight (8) years or as required under applicable law.

7.3 The Company reserves the right to pseudonymize or anonymize data for research and analytical usage even after termination of the User relationship.

ARTICLE VIII

SECURITY PRACTICES & PROCEDURES

8.1 The Company hereby declares that it has implemented, and shall continue to maintain, Reasonable Security Practices as defined under Rule 8 of the SPDI Rules, including but not limited to:

  • Secure socket layer encryption.
  • Regular system audits
  • Role-based access restrictions
  • Password protection and token-based access
  • Periodic penetration testing.

8.2 The Company shall not be held responsible for breaches resulting from acts of third parties, cyber attacks, or User negligence.

ARTICLE IX

CROSS-JURISDICTIONAL OPERATIONS

The Company may, without restriction, transfer or process data in jurisdictions outside Bharat, subject to adoption of equivalent or higher safeguards. No User shall claim territorial limitations on such transfers.

ARTICLE X

GRIEVANCE REDRESSAL MECHANISM

In accordance with Rule 5(9) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Company shall designate an internal officer as the Grievance Redressal Authority to address and resolve grievances related to Personal Data and SPDI.

The identity, contact details, and method of access to such officer shall be made available to Users via the official communication channels of the platform from time to time and shall remain subject to internal administrative policies and rotation.

  • All grievances must be formally submitted through the official communication interface provided on the FUNDJONE platform or through such designated portal as may be notified.
  • Acknowledgement of such grievance shall be issued within seventy-two (72) working hours.
  • Resolutions shall be provided within thirty (30) business days of receipt of the grievance, subject to complexity and available records.

ARTICLE XI

AMENDMENTS AND INTERPRETATION

11.1 This Policy is subject to revision, modification, or repeal at the sole discretion of the Company, without prior notice. Users are advised to review this page periodically.

11.2 In the event of any ambiguity or interpretational conflict, the construction most favorable to the Company shall prevail.

ARTICLE XII

JURISDICTION AND GOVERNING LAW

This Policy shall be governed by and construed in accordance with the laws in force in Bharat. Exclusive jurisdiction over all disputes arising out of or in connection with this Policy shall vest with the competent courts at High Court of Odisha to the exclusion of all other forums.

CERTIFICATION

This Policy has been approved by the Board of Directors of SUPERVISIONSET PRIVATE LIMITED and shall be binding upon all stakeholders, without exception.