Privacy Policy

Certus Capital Online Privacy Notice

Updated: 30 Apr 2020

Certus Investment Management Private Limited, Certus Capital Private Limited, Maxim Capital Advisors LLP and their respective affiliates (“Certus“), respect your concerns about privacy and is committed to protecting your personal data.

This Online Privacy Notice will inform you as to how we collect, handle, store, process and protect the personal data of users of the Website (referred hereinafter as “Visitors” or “you”), when they visit our Website (regardless of where you visit it from) (available at: www.certus.co.in and www.certuscapital.in); and tell you about your privacy rights and how the law protects you. If you reside outside India, your information will be handled, processed, stored, used, stored and shared as per applicable Indian privacy laws and standards.

This Online Privacy Notice should be read along with the Terms of Use of the Website (available at: www.certus.co.in and www.certuscapital.in). Personal data of a Visitor is collected if the Visitor registers with the Website, accesses the Website, or takes any action on the Website or uses or accesses the services of Certus on the Website only.

It is important that you read this Online Privacy Notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This Online Privacy Notice supplements the other notices and is not intended to override them.

You agree and accept the Terms of Use of the Website as well as this Online Privacy Notice.

This Online Privacy Notice may be updated from time to time and we will notify you of any changes to this Online Privacy Notice by posting the new Online Privacy Notice here. You are advised to regularly review this page for any changes. Your continued access and use of the Website shall be deemed to be your approval and acceptance of the Online Privacy Notice and Terms of Use of this Website.


Personal Data means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available, is capable of identifying such natural person. Personal data does not include anonymized or aggregated data which cannot identify an individual. Personal data consists of ‘sensitive personal data or information’ which consists of financial data and information relating to a natural person.

We may collect, use, store and transfer the following types of Personal Data which is provided by you:

  • Personal and business contact information including name, postal and email address, and telephone number;
  • Tax status (tax ID, tax residence);
  • Financial data (assets, investor profile, credit history, bank account details, debts and expenses);
  • Other background data (information on unlawful conduct/criminal history) and
  • Technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website.

By providing your Personal Data, you consent to our use of your Personal Data in accordance with this Online Privacy Notice. You can withdraw your consent to our use of your Personal Data, at any time, by writing to Certus’s Privacy Officer (as per details provided below). If you withdraw your consent to our use of your Personal Data, Certus shall not be obligated to provide its services to you or permit you to access our Website.


We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Personal Data by filling in forms or by corresponding with us by post, phone, email or otherwise.
  • Website use and registration. Personal Data may be provided by you, as appropriate, when contacting Certus through the Website.
  • Automated technologies or interactions. As you interact with our Website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other website employing our cookies.
  • Third parties or publicly available sources. We may receive your Personal Data from various third parties


You are solely responsible for ensuring that the Personal Data provided by you is accurate, up-to-date and complete. Certus shall not be responsible for ensuring authenticity of the Personal Data supplied by you. Certus will also not be liable for any issues arising out of inaccurate or incomplete Personal Data provided by you. You may update your Personal Data, as required, by writing to contactus@certus.co.in.


We will only use your Personal Data for reasonable and legitimate business purposes in accordance with applicable Indian law.

Most commonly, we will use your Personal Data in the following circumstances:

  • For the performance of a contract already / to be entered into with you and providing the requisite services to you;
  • When necessary for our legitimate business interests (or those of a third party), where your interests and fundamental rights do not override those interests;
  • To improve our Website in order to better serve you;
  • To allow us to better service you in responding to your customer service requests;
  • For compliance with a legal or regulatory obligation, or dispute;
  • For internal compliance audits;
  • For developing our products and services;
  • For conducting research or surveys;
  • For considering and confirming applications for employment etc.

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is incidental to the original purpose.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.


This Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the privacy notice of every website you visit.


Cookies help provide functionality to the Website and help us analyse Website usage more accurately. Technical information collected through the Website is used to analyse and report on website traffic, usage trends, for security purposes, and to improve Certus’s online content and services. Certus may use third party analytics tools to analyse website traffic and improve the site, based on information collected by cookies.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly.


Certus does not disclose Personal Data collected via our Website to third parties for commercial purposes; and does not sell, trade or transfer such Personal Data.

Personal Data collected through the Website may, however, be accessible to and stored by Certus’ service providers, for example, service providers who design, maintain or host the Website. You agree and consent to such access, storage and processing by our service providers.

In some cases, Certus may disclose your Personal Data provided to other Certus affiliates, service providers or partners in order to best respond to an inquiry or provide a service. You agree and consent to such access, storage and processing by our service providers, partners and affiliates.

In certain circumstances, Certus may be permitted or required to disclose your Personal Data collected through the Website to third parties without your knowledge or consent. For example, Certus may disclose your Personal Data if required by law or legal process, or when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions. The processing of your Personal Data by these service providers may involve a transfer of data outside the country in which the information was originally provided. Such third parties are not permitted to further disclose your Personal Data to anyone else.

Certus may, however, disclose aggregated user statistics or other information that is incapable of identifying any individual Visitor in order to describe, market or advertise our services to current and prospective business partners and to other third parties for other lawful purposes.


We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and are subject to a duty of confidentiality.

Certus takes steps to ensure the security of your Personal Data, regardless of the format in which it is held, while in its custody is appropriate to the sensitivity of the information, including physical security measures (such as the use of locked cabinets and storage facilities) and technological security measures (such as the use of passwords and encryption).

Certus also takes appropriate steps to protect Personal Data disclosed to third parties, such as by way of contractual agreements stipulating the confidentiality and security of the information and the purpose for which it is to be used. Security standards maintained by such third parties are equivalent to those of Certus and commensurate with market practice.

Please be aware that, although we endeavour to provide reasonable security for your Personal Data, no security system can prevent all potential security breaches.


We may transfer the Personal Data we collect about you to recipients in countries other than the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the Personal Data. Whenever we transfer your personal data out of the country in which you initially provided the information, we will protect that Personal Data as described in this Online Privacy Notice.


We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Once Personal Data is no longer required to fulfil the purposes and is no longer required or permitted to be retained for legal or business purposes, it will be destroyed or made anonymous.


Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. To the extent provided by the law, you may request access to the Personal Data we maintain about you or request that we correct, amend, or delete your Personal Data by contacting us as indicated below. The written request must provide sufficient detail to enable Certus, with a reasonable effort, to identify the individual and the Personal Data or correction being sought.

Your right to access and amend your Personal Data are not absolute. Certus may deny access when denial of access is required or permitted by law, including but not limited to if granting an individual access would reveal:

  • Personal Data about a third party, or information which could reasonably be expected to threaten the life or security of an individual;
  • Confidential commercial information;
  • Personal Data which is protected by solicitor/attorney-client privilege; or
  • Personal Data collected relating to an investigation.

If we deny your request for access to, or refuse a request to correct your Personal Data, we will explain why, to the extent required by law.


If you have any questions or grievances about this Online Privacy Notice, including any requests for access to your personal information, please contact us at:

Certus Capital Private Limited

1/23 C, Durian Estate, Goregaon Mulund Link Road, Goregaon East, Mumbai 400063 Phone: +91 22 4445-1087

Email: puja.khandelia@certus.co.in

You will not have to pay a fee to access your Personal Data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.

We may also contact you to ask you for further information in relation to your request to speed up our response.

We shall make all reasonable efforts to redress your grievances expeditiously.