Privacy Policy
SEBI RA: INH000006086 · Effective: April 1, 2026
ScoutStack Technical Research · Plot No. 83, Shrinivas Tower, M.P. Nagar Zone II, Bhopal, MP 462012
1. Information We Collect
We collect the following categories of personal information:
- Identity Data: Full name, date of birth, PAN card number, Aadhaar (last 4 digits only), address
- Contact Data: Email address, mobile number, WhatsApp number
- Financial Data: Bank account details (for KYC verification), demat account number, income range
- Investment Profile: Investment objectives, risk tolerance, trading experience, service interest
- Transaction Data: Subscription payments, invoice history, refund records
- Usage Data: App usage patterns, research calls viewed, login timestamps, device information
- Communication Data: WhatsApp messages, support tickets, grievances, feedback
2. Purpose of Data Collection
We collect and process your data for:
- KYC verification as mandated by SEBI RA Regulations 2014 (Reg. 25)
- Delivering research recommendations via WhatsApp, SMS, Telegram, and mobile app
- Subscription management, billing, and invoice generation
- Compliance with SEBI regulations including 5-year record retention (Reg. 25)
- Risk profiling and suitability assessment
- Grievance handling and resolution (SEBI 21-day mandate)
- Service improvement and communication
3. Legal Basis (SEBI Compliance)
Data processing is required under SEBI (Research Analysts) Regulations 2014:
- Regulation 24: KYC for fee-paying clients (PAN, address proof, investment objectives)
- Regulation 25: Record keeping for minimum 5 years from first interaction
- Regulation 26: Fee documentation and transaction records
- SEBI Circular Jan 2025: Client agreement, MITC acknowledgment
4. Data Retention
As per SEBI Regulation 25, all client records including KYC documents, research communications, transaction records, and correspondence are retained for a minimum of 5 years from the date of last interaction. This includes WhatsApp messages, SMS, email, and app notifications. Records related to pending disputes are retained indefinitely until resolution.
5. Data Sharing
We do NOT sell your personal data. Data may be shared with:
- SEBI / RAASB (BSE Limited): As required for regulatory compliance, audits, and inspections
- KYC Service Providers: Digio (for PAN/Aadhaar/Bank verification) — data transmitted securely
- Payment Gateway: CCAvenue (for subscription payments) — PCI DSS compliant
- Communication Providers: Meta (WhatsApp Business API), TextLocal (SMS), Telegram Bot API — for message delivery only
- Law Enforcement: If required by law, court order, or regulatory authority
6. Data Security
We implement industry-standard security measures:
- SSL/TLS encryption for all data in transit (HSTS enabled)
- Supabase PostgreSQL with Row Level Security (RLS) for data at rest
- Expo SecureStore for mobile token storage (iOS Keychain, Android Keystore)
- Biometric authentication (Face ID / Fingerprint) for app access
- HMAC-SHA256 webhook signature verification
- Rate limiting on all API endpoints
7. Your Rights
You have the right to:
- Access your personal data held by us
- Request correction of inaccurate data
- Request deletion of data (subject to SEBI 5-year retention requirement)
- Withdraw consent for marketing communications
- File a complaint with SEBI if you believe your data rights are violated
8. Cookies & Tracking
Our website uses essential cookies for authentication and session management. We do not use third-party advertising cookies. The mobile app uses device identifiers for push notification delivery only.
9. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. Securities trading requires age verification as per Indian law.
10. Changes to This Policy
We may update this privacy policy to reflect changes in our practices or regulatory requirements. Material changes will be communicated via WhatsApp, email, or app notification. Continued use after notification constitutes acceptance.
11. Contact Us
For privacy-related queries or data access requests:
- Compliance Officer: compliance@scoutstack.in
- Phone: +91 88279 79008
- Address: Plot No. 83, Shrinivas Tower, M.P. Nagar Zone II, Bhopal, MP 462012
- SEBI SCORES: https://scores.sebi.gov.in
ScoutStack Technical Research · SEBI Registered Research Analyst · Registration No. INH000006086 · RAASB: BSE Limited · NISM Series XV Certified · CIN: [To be updated] · This privacy policy is governed by the laws of India. Any disputes shall be subject to the jurisdiction of courts in Bhopal, Madhya Pradesh.