Data Privacy Policy

Section I - Introduction

This Data Privacy Policy ( “Policy” ) is aimed to ensure the Confidentiality, Integrity and Availability of data belonging to Ambit is protected and processes and controls that help prevent and detect misuse of data or unauthorized access to critical information and protection of data for record and compliance purposes. Ambit Private Limited (“Ambit”) believes in respecting the Client’s, employees, clients, contractors, consultants, outsourcing partner’s right to privacy and safeguarding their personal information in physical or electronic form. In the course of its regular business activities, Ambit needs to collect certain information about individuals including past, present and prospective clients. Ambit will only handle their clients’/third party’s personal information in a manner that is reasonable appropriate in the circumstances and as required under applicable laws. Ambit stores and processes such Information including any sensitive financial information collected (as defined under the Information Technology Act, 2000), if any, on computers that are protected by physical as well as reasonable technological security measures and procedures in accordance with Information Technology Act 2000 and Rules made there under. Ambit or its authorized agents shall not retain or store that information for longer than is required for the purposes except when the information may lawfully be used or is otherwise required under any other law for the time being in force. The information collected shall be used for the purpose for which it has been collected. By agreeing to avail the service offered by Ambit, the Client (including customers, vendors and third parties) has agreed to the collection and use of the Client’s Sensitive Personal Data or Information by Ambit. The Client shall always have the right to refuse or withdraw their consent to share/dissemination of their Sensitive Personal Data or Information by contacting Ambit. However, in such an event, the Client would no longer be able avail the services of Ambit.

Section II – Applicability

The Policy applies to all the employees, clients, contractors, consultants, outsourcing partners, third parties and including all personnel affiliated with third parties.

Section III – Rationale for Collecting Personal Information

In accordance with the Policy, Ambit may ask for the following personal information about the Clients, who engage with Ambit, from time to time. This information is needed to identify an individual, can establish the identity of an individual/non-individual to whom the information applies for any legal applications. This information includes and is not limited to: i. Name, address, telephone and fax numbers, e-mail address, date of birth, signature and photograph; ii. Financial information such as Bank account, PAN, KYC Status, credit card, debit card or other payment instrument details; iii. Physical, physiological and mental health condition; iv. Sexual orientation; v. Medical records and history; vi. Biometric information; vii. Any detail relating to the above clauses as provided to body corporate for providing service; viii. Any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of Rules. Ambit would ensure that it collects requisite information only to the extent it is necessary to establish identity and provide the services in the best possible manner and required under the applicable laws.

Section IV - Usage of Personal Information:

1) The use of Personal Information necessary in order to comply with certain applicable laws; or 2) Legal obligation; or 3) Have a legitimate interest in using the Client’s information for defined purposes. Ambit shall not deliberately disclose individual/non individual’s personally identifiable information to any unauthorized third person, save and except where such information shall be disclosed in good faith and for the purpose of compliance with law for the time being in force or to protect the rights and property of Ambit. However, Ambit has a right or duty to disclose or is permitted or compelled to so disclose such information by law, for the time being in force; for example, Ambit may share/provide information with/to judicial bodies and regulatory authorities who have jurisdiction over Ambit.

Section V – Responsibility

The responsibility for identification and classification of data rest with the Chief Operating Officer, the Functional Heads for their individual business functions/ Departments/Teams, Managing Directors/ Executive Directors/ Directors of Investment Banking teams and respective heads of Enterprise Functions in consultation with the Executive Director- IT and Director - IT. The responsibility of implementing and managing the control framework for protection of data and information assets and its periodic monitoring lies with the IT team in consultation with Chief Operating Officer, Managing Directors/ Executive Directors/ Directors of Investment Banking teams and respective heads of Enterprise Functions.

Section VI – Sharing Information

The Ambit website sometimes may have links to other website(s) in the World Wide Web. Once the user leaves the website/servers of Ambit, use of any information provided is governed by the privacy policy of the operator of the site being visited. It is advisable to read their privacy policies for further information. The user’s browsing and interaction on any other website, including those that may have a link on the Ambit website, is subject to that third party website's own set of rules and policies. It is advisable to read the respective privacy policies for further information. Ambit may share information about Clients in the limited circumstances spelled out below and with appropriate safeguards with respect to Client’s privacy: • Regulators: SEBI/ or any other regulatory/statutory bodies solely on the basis of enquiries/ investigation/ inspections conducted by them. • Legal Requests: Ambit may disclose information about you in response to a subpoena, court order, or other governmental and/or Regulatory bodies’ request. • Any other circumstances to protect the rights and property of Ambit

Section VII - Protection of Information

The privacy and protection of Client data and information provided to Ambit is of vital importance. Ambit shall ensure to safeguard the security and confidentiality of any information Clients share with Ambit. Any personally identifiable information of the Clients obtained by Ambit shall not be used or shared other than for the purposes to which the Individual/non-Individual consent to or provides consent for. However, security and confidentiality of information cannot be guaranteed cent percent. Hence despite Ambit’s utmost efforts to protect Client’s personal information, Ambit cannot warrant the security of any information Clients transmit to Ambit through Ambit’s online services. Such transmission of personal information is done at the Client’s own risk. In order to protect the Client’s personal information and right to privacy, Ambit will: • Keep the client’s personal information only for as long as Ambit needs it to fulfill the stated purpose or as required by law; • Maintain the client’s personal information in as accurate, complete and up-to-date form as possible; • Safeguard the client’s personal information to the best of Ambit’s ability; • Respond to any request that the client may make to access or correct the personal information Ambit holds about him; • Obtain the appropriate consent from the client for the collection, use or disclosure of his personal information (if required). The Ambit website is not intended for use by children and minors. Parents are requested to ensure that Personal Information is not provided by minors, unless required.

Section VIII - Communication

When a Client uses the website of Ambit or send emails or other data, information or communication to Ambit, the Client agree and understand that they are communicating with Ambit through electronic records and that they consent to receive communications via electronic records periodically and as and when required. Ambit may communicate by email or by such other mode of communication, electronic or otherwise. The Client may upon written request to Ambit may review the sensitive personal data or information provided. Ambit shall not be responsible for any personal information or sensitive personal data or information found to be inaccurate or deficient or untrue. Ambit may provide notifications, whether such notifications are required by law or are for marketing or other business related purposes, to Clients via email notice, written or hard copy notice, or through conspicuous posting of such notice on the Ambit Website page, as determined by Ambit in its sole discretion. Ambit reserves the right to determine the form and means of providing notifications to Clients, provided that the Clients may opt out of certain means of notification as described in this Policy.

Section IX - Policy Governance:

This Policy shall be reviewed by the Chief Operating Officer, Executive Director -IT and Compliance Officer on a periodical basis in order to ensure that the Policy is up to date and reflects all changes to as may be applicable to the Company from time to time.

Section X - Changes to the Privacy Policy of Ambit:

Please note that this Policy may change from time to time without any prior notice. For any further information or concerns, the Clients may write to Ambit Private Limited, having address at Ambit House, 449, Senapati Bapat Marg, Lower Parel, Mumbai - 400 013.

SELECT ENTITY TO LOGIN