We are always committed to keeping your data secure, your private information private, and maintaining transparency regarding our practices.
While registering on /accessing Stack Finance Platform or while using Our Services, You may be required to provide some information about yourself, on a voluntary basis. We may also ask You to provide certain additional information from time to time or retrieve information about You from third parties. All information disclosed by You shall be disclosed willingly on a voluntary basis and without any coercion. Also, in some instances You might have to provide certain information on a mandatory basis (such as KYC information).
A. Information supplied by users
The Company shall collect Personal Information about the User, including, without limitation, at the time of:
Users may be required to provide certain personal information for the registration process that may include but not limited to:
The Company shall also collect non-personal information pertaining to the behaviour of the User (Behavioural information), while using/browsing the Stack Finance Platform, messages posted by the User on Stack Finance Platform etc.
When You register using Your other accounts like on Facebook, Twitter, Gmail etc. We shall retrieve Information from such accounts to continue to interact with You and to continue providing the Services.
The Personal Information, any non-personal information and behavioural information (collectively called as Information) is stored by the company on servers owned by its or its group companies or by third parties in India. Only on your explicit consent Stack Finance collects account information from respective institutions [as selected by you], by providing your account details and the corresponding password. The credentials are dual-encrypted, first by a unique-to-user key pair and second by our master key. These credentials are then passed to the institutions to screen scrape the data from the institutions website/platform. Data in transit is also encrypted using TLS and bank-grade public-private key exchange. This will enable Stack Finance to consolidate accurate information and present the same to you.
Investments information: We provide the following options for you to update your investment information in a secure manner :
(i) Upload your investment statements in PDF or Excel versions.
These are investment statements that you get from depositories or brokers or Registrar & Transfer Agents such as Computer Age Management Services, Karvy Fintech Private Limited, National Securities Depositories Limited, Central Depositories Services Limited, etc.
You provide explicit consent to Stack Finance to fetch these statements from https://new.camsonline.com/Investors/Statements/Consolidated-Account-Statement and https://mfs.kfintech.com/investor/General/ConsolidatedAccountStatement.
(ii) Enter the information manually
You provide investment details like scheme name, investment type, investment date and investment value by manually entering the data.
We may collect additional information at other times, including but not limited to, when You provide feedback, comments, change Your content or email preferences, respond to a survey, or any communications with Us. However, in the event You wish to provide Us with Your Aadhar card information, You hereby agree and acknowledge that You are providing the same to Us purely on a voluntary basis only.
B. Information automatically collected/tracked while navigation
Cookies & Third Party Analytics Services
We use Local Storage Objects (LSOs) to store content information, preferences and to keep you signed-in. We identify the user’s signed-in state with a token which has encoded a user identifier. The LSO token expires when a user logs out of our website or mobile application.We do not collect any information about your online activity when you sign-out and/or leave our services.We use third party analytics services in order to better understand user engagement with the Services. When a user browses or uses the Services, these third party analytics services may collect the user’s IP address, browser type, and approximate location (based on the IP address). They may also use web logs or web beacons and may set and access cookies on your computer or other device.These third party analytics services may deploy cookies on your browser. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Do Not Track signals are set on a browser-by-browser basis, so you must set them on every browser you use if you do not wish to be tracked.
Log File Information
We automatically collect limited information about Your computer's connection to the Internet, mobile number, including Your IP address, when You visit Our site, application or service. Your IP address is a number that lets computers attached to the Internet know where to send You data -- such as the pages You view. We automatically receive and log information from Your browser, including but not limited to Your IP address, Your computer's name, Your operating system, browser type and version, CPU speed, and connection speed. We may also collect log information from Your device, including Your location, IP address, Your device's name, device's serial number or unique identification number (e.g.. UDiD on Your iOS device), Your device operating system, browser type and version, CPU speed, and connection speed etc.
Demographic and other information:
We may reference other sources of demographic and other information in order to provide You with more targeted communications and promotions. We use Google Analytics, among others, to track the user behaviour on Our Sites. Google Analytics specifically has been enabled to support display advertising towards helping Us gain understanding of Our users' demographics and interests. The reports are anonymous and cannot be associated with any individual personally identifiable information that You may have shared with Us. You can opt-out of Google Analytics for display advertising and customize Google Display Network ads using the Ads Settings options provided by Google.
Links to third party sites/Ad-servers:
When We present Information to Our advertisers -- to help them understand Our audience and confirm the value of advertising on Our Sites -- it is usually in the form of aggregated statistics on traffic to various pages / content within Our Sites. We use third-party advertising companies to serve ads when You visit Our Sites. These companies may use Information (excluding Your name, address, email address or telephone number or other personally identifiable information) about Your visits to this and other websites or application, in order to provide advertisements about goods and services of interest to You. We do not provide any personally identifiable information to third party websites/advertisers/ad-servers without Your consent.
Information use by the company
The Personal information provided by the User is used by the Company for the purposes, including, without limitation:
We may also use Your email address or other personally identifiable information to send commercial or marketing messages about Our Services and/or such additional updates and features about third parties' products and services with an option to subscribe / unsubscribe. We may, however, use Your email address for non-marketing or administrative purposes (such as notifying You of major changes, for customer service purposes, billing, etc.).
The Company may share Your Information with authorised third party without obtaining the prior consent of the User in the following circumstances but not limited to:
Your personal information with respect to connecting your Gmail account with Stack Finance Application: Compliance w.r.t. Google OAuth API Scopes (Restricted scopes)
We will never rent or sell your information or data to anyone. Stack Finance ensures that it is always in compliance with the restricted scope defined under Google OAuth API policies.
These prohibitions of user of data apply to the raw data obtained from Restricted Scopes and data aggregated, anonymized, or derived from them. Our employees, agents, contractors, and successors comply with the “Google API Services: User Data Policy”.
When You use the Services or Sites (or any of its sub sites), We make good faith efforts to provide You, as and when requested by You, with access to Your personal information and shall further ensure that any personal information or sensitive personal data or information found to be inaccurate or deficient shall be corrected or amended as feasible, subject to any requirement for such personal information or sensitive personal data or information to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and We may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case, where We provide information access and correction, We perform this service free of charge, except if doing so would require a disproportionate effort. Because of the way We maintain certain services, after You delete Your information, residual copies may take a period of time before they are deleted from Our active servers and may remain in Our backup systems.
We encourage You to review, update and correct the personal information that We maintain about You, and You may request that We delete personal information about You that is inaccurate, incomplete or irrelevant for legitimate purposes, or are being processed in a way which infringes any applicable legal requirement.
Your right to review, update, correct etc. Your information is subject to Our records retention policies and applicable law, including any statutory retention requirements.
Retention of Data
We shall retain the records as per applicable laws and such other statutory / regulatory requirements from time to time. In the event any legal / regulatory proceeding is pending, we can retain records for a longer period.
We shall store the data in our database even if the User has chosen not to be contacted and/ or closed his/her account with the Company.
We shall store the data/information/records on a server owned by Us or its group companies in India.
We may keep Our records of the electronic instructions/transactions in any form as permitted under applicable Laws. In this regard, all records, whether in electronic form, magnetic form, documents or any other form with respect to electronic instructions/online transactions shall be conclusive evidence of such instructions/transactions and shall be binding on the User
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of Our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where We store personal data. All information gathered on Stack Finance is securely stored within the Company controlled database. The database is stored on servers secured behind a firewall; access to the servers is password-protected and is strictly limited. However, as effective as Our security measures are, no security system is impenetrable. We cannot guarantee the security of Our database, nor can We guarantee that information You supply will not be intercepted while being transmitted to Us over the Internet. And, of course, any information You include in a posting to the discussion areas is available to anyone with Internet access.
We at Stack Finance are committed to our client's data and privacy. We blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issues up to sophisticated attacks.
If you are a security enthusiast or a researcher and you have found a possible security vulnerability on Stack Finance, we encourage you to report the issue to us responsibly.
You could submit a bug report to us at firstname.lastname@example.org with detailed steps required to reproduce the vulnerability.