MyFinWealthBack to Home

Last updated: March 2026

Privacy Policy

Finlura ("we," "us," or "our") operates the website finlura.comand the Finlura platform (collectively, the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. We are committed to protecting the privacy and security of all personal and financial data entrusted to us by Independent Financial Advisors (IFAs), investors, and other users.

By accessing or using the Platform, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Platform.

1. Information We Collect

1.1 Personal Information

When you register on or use the Platform, we may collect the following personal information:

  • Full name, email address, mobile number, and date of birth
  • Permanent Account Number (PAN)
  • Know Your Customer (KYC) verification data, including identity and address proof
  • Bank account details and IFSC codes
  • Nominee details
  • Photographs and signatures as required for KYC compliance
  • Professional details (for IFAs): AMFI Registration Number (ARN), EUIN, firm name, and SEBI registration details

1.2 Financial Information

To provide our wealth management services, we collect and process:

  • Mutual fund portfolio holdings and transaction history
  • Assets Under Management (AUM) data
  • Systematic Investment Plan (SIP) details
  • Capital gains and tax-related information
  • Risk profile and investment preferences
  • Financial goal information

1.3 Usage and Technical Data

We automatically collect certain information when you access the Platform:

  • Device information (type, operating system, browser)
  • IP address and approximate geolocation
  • Pages visited, features used, and interaction patterns
  • Date and time of access, session duration
  • Referral URLs and search queries

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage your user account on the Platform
  • To enable IFAs to manage investor portfolios, process mutual fund transactions, and provide advisory services
  • To display portfolio valuations, performance analytics, and generate reports
  • To process SIP registrations, redemptions, switches, and other mutual fund transactions
  • To generate capital gains statements and tax reports
  • To send transaction confirmations, SIP reminders, NAV alerts, and other notifications
  • To verify your identity and complete KYC requirements as mandated by SEBI and AMFI
  • To improve, personalise, and optimise the Platform and user experience
  • To ensure the security and integrity of the Platform
  • To comply with applicable laws, regulations, and legal processes
  • To resolve disputes and enforce our agreements

3. Data Sharing and Disclosure

3.1 Sharing with Your Advisor

If you are an investor, your personal and financial information is shared with the IFA who has onboarded you on the Platform. This is necessary for your advisor to provide portfolio management and advisory services. Each IFA operates within their own tenant on the Platform and can only access data of their own clients.

3.2 Regulatory and Legal Disclosure

We may disclose your information to regulatory authorities, including but not limited to the Securities and Exchange Board of India (SEBI), Association of Mutual Funds in India (AMFI), Registrar and Transfer Agents (RTAs such as CAMS and KFintech), and other governmental bodies, where required by law or regulation.

3.3 Service Providers

We may share your information with trusted third-party service providers who assist us in operating the Platform, including cloud hosting providers, email delivery services, and analytics tools. These providers are contractually obligated to protect your information and use it only for the purposes for which it was shared.

3.4 No Sale of Data

We do not sell, rent, or trade your personal or financial information to any third party for marketing or commercial purposes.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted between your device and our servers is encrypted using 256-bit SSL/TLS encryption. Sensitive data at rest is encrypted using AES-256 encryption.
  • Multi-Tenant Isolation:Each IFA's data is logically isolated within the Platform. Tenant-level access controls ensure that one IFA's clients cannot view or access another IFA's data.
  • Authentication: We use secure authentication mechanisms, including JWT-based token authentication, bcrypt password hashing, and OTP-based verification.
  • Access Controls: Role-based access control (RBAC) ensures that users can only access features and data appropriate to their role (IFA, investor, or platform administrator).
  • Audit Logging: All significant actions on the Platform are logged for security auditing and compliance purposes.
  • Regular Security Assessments: We conduct periodic security audits, vulnerability assessments, and penetration testing.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your login session and authentication state
  • Remember your preferences and settings
  • Analyse Platform usage and performance
  • Enhance security and detect fraudulent activity

You may configure your browser to refuse cookies; however, some features of the Platform may not function properly without them. We do not use cookies for third-party advertising purposes.

6. Your Rights

Subject to applicable laws, you have the following rights regarding your personal data:

  • Right to Access: You may request a copy of the personal information we hold about you.
  • Right to Correction: You may request correction of any inaccurate or incomplete personal information.
  • Right to Deletion: You may request deletion of your personal information, subject to our legal and regulatory obligations to retain certain data.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing carried out before withdrawal.
  • Right to Data Portability: You may request your data in a commonly used, machine-readable format.

To exercise any of these rights, please contact us at support@finlura.com. We will respond to your request within 30 days.

7. Data Retention

We retain your personal and financial information for as long as your account is active or as needed to provide you services. Upon account closure or deletion request, we will delete or anonymise your data within a reasonable period, except where retention is required by applicable laws and regulations. Under SEBI regulations and the Prevention of Money Laundering Act (PMLA), certain records, including KYC documents and transaction records, must be retained for a minimum of five (5) years after the cessation of the business relationship. Audit logs and compliance records may be retained for up to eight (8) years as required.

8. Regulatory Compliance

Our data collection and processing practices are designed to comply with applicable Indian laws and regulations, including but not limited to the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Digital Personal Data Protection Act, 2023, and applicable SEBI circulars and guidelines pertaining to the handling of investor data. We cooperate with SEBI, AMFI, and other regulatory bodies as required by law.

9. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take steps to delete such information. Minor accounts for mutual fund investments must be operated by their legal guardian.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on the Platform with a revised "Last updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Platform after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Finlura

Email: support@finlura.com

Website: finlura.com