Privacy Policy

Last updated:

1. Definitions

For the purposes of this Policy:

“Personal Data” or “Personal Information” shall mean any data that identifies or can reasonably be linked to a natural person, whether directly or indirectly, including sensitive personal data as defined under applicable laws.

“Processing” shall include any operation performed on Personal Data including collection, recording, organization, structuring, storage, adaptation, retrieval, use, transmission, dissemination, restriction, erasure, or destruction.

2. Categories of Personal Data Collected

The Company may collect, retain, and process the following categories of Personal Data:

• Identifiers: Full name, date of birth, mobile number, residential address, email ID;
• Government-issued identifiers: Aadhaar number, PAN, and KYC documents;
• Financial data: Payment instrument details, including UPI ID, masked card information, and transaction identifiers;
• Nominee details: Name, relationship, and identity documentation;
• Device and technical data: IP address, device identifiers, OS version, session data, and diagnostic logs;
• Location data (if explicitly permitted by the User).

3. Legal Basis for Processing

The Company processes Personal Data pursuant to one or more of the following legal bases:

• Performance of a contract entered into with the User;
• Compliance with a legal obligation;
• Consent explicitly provided by the User for specified purposes;
• Legitimate interest of the Company, provided such interest does not override the User’s fundamental rights and freedoms.

4. Purpose of Data Processing

The Personal Data collected may be used for, but is not limited to, the following purposes:

• Enrollment and administration of the gold savings scheme;
• Verification of identity and KYC compliance;
• Transaction processing and redemption validation;
• Compliance with applicable laws and taxation norms;
• Communication regarding payments, scheme milestones, or updates;
• Prevention of fraud and unauthorized access;
• System maintenance, debugging, and enhancement of user experience.

5. Disclosure of Personal Data

Personal Data may be disclosed to the following categories of recipients:

• Employees and authorized personnel of the Company, bound by confidentiality obligations;
• Government authorities, regulatory bodies, or law enforcement agencies in accordance with applicable laws;
• Third-party service providers (e.g., payment gateway providers, IT infrastructure vendors) under legally binding agreements ensuring data protection;
• Statutory auditors or legal advisors for the purpose of compliance, audit, or legal proceedings.

6. Data Retention

Personal Data shall be retained for the duration required to fulfill the stated purpose, or as mandated by statutory retention requirements under applicable Indian and international laws, whichever is longer. Upon cessation of purpose and expiration of legal retention periods, Personal Data shall be deleted, anonymized, or securely archived in accordance with data minimization principles.

7. Cross-border Data Transfers

To the extent Personal Data is transferred to any entity located outside the jurisdiction of India, such transfers shall be in accordance with applicable laws and shall ensure the implementation of appropriate safeguards, including but not limited to Standard Contractual Clauses, adequacy decisions, or binding corporate rules, as required under the relevant law.

8. Data Subject Rights

Subject to applicable law, Users may have the following rights with respect to their Personal Data:

• Right to access the Personal Data processed;
• Right to rectification of inaccurate or incomplete data;
• Right to erasure, subject to legal exceptions;
• Right to data portability;
• Right to withdraw consent at any time (without affecting past lawful processing);
• Right to object to processing where applicable;
• Right to lodge a complaint before a Data Protection Authority or Grievance Officer.

Requests to exercise rights shall be submitted in writing to the designated contact details under Clause 12.

9. Data Security

The Company undertakes commercially reasonable and appropriate administrative, technical, and physical measures to safeguard the confidentiality, integrity, and availability of Personal Data from unauthorized access, disclosure, alteration, and destruction, including but not limited to data encryption, access control, periodic audits, secure storage, and multi-layer authentication protocols.

10. Children’s Data

The Application is intended solely for individuals who are 18 years of age or older. The Company does not knowingly collect or process Personal Data of minors. If it is discovered that data of a minor has been collected inadvertently, the same shall be deleted promptly.

11. Amendments to Policy

The Company reserves the right to amend, revise, or update this Privacy Policy at its sole discretion and without prior notice. Continued use of the Application after any such amendment shall constitute deemed acceptance of the revised terms.

12. Grievance Redressal / Data Protection Contact

For any queries, complaints, or to exercise your rights under this Policy, please contact:

Grievance Officer / Data Protection Officer
Elite KP Jewellery,
177, KP building, Meenakshipuram, Vadiveeswaram Village,
Nagercoil, Tamil Nadu 629001
+91 96592 22000

Governing Law

This Policy shall be governed by and construed in accordance with the laws of the Republic of India. Jurisdiction over any disputes shall lie exclusively with the competent courts at Nagercoil, Tamil Nadu.