PRIVACY POLICY FOR ROOTEL INVESTREE

LATEST UPDATE: 1 JANUARY 2025

Rootel InvesTree (“we,” “our,” “us”) values your trust and is committed to safeguarding your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you access our website or use our services related to real estate investments, blockchain technology for fractional ownership, and other future features (“Services”).

By accessing our website or using our Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our website or Services.

1. How We Collect Data

We collect data to provide and improve our services while adhering to the rules and regulations set by Indian law and international best practices, including Google’s guidelines for data collection. Below are the methods we use:

a. Information You Provide Directly

We collect information you provide to us voluntarily when:

• You register or create an account on our website.
• You make transactions for fractional ownership or real estate investments.
• You fill out forms, surveys, or questionnaires.
• You upload or submit identity documents, such as PAN, Aadhaar, or KYC information.
• You communicate with us via email, phone, or customer support channels.

b. Automated Collection Through Website and Apps

When you access our website or use our Services, we collect certain data automatically to ensure functionality, compliance, and personalization. This includes:

• Cookies: Small files stored on your browser to track session data, preferences, and user behavior.
• Device Information: Details about the device used, such as browser type, operating system, IP address, and device identifiers.
• Usage Data: Information on your activity on our platform, such as pages viewed, features accessed, and time spent.
• Location Data: Approximate geolocation based on your IP address to provide location-specific services.

c. Information Collected from Third Parties

We may collect data about you from third parties in compliance with Indian laws and Google’s data policies, including:

• Verification Agencies: For KYC compliance and identity verification (e.g., Aadhaar, PAN validation).
• Business Partners and Affiliates: If you interact with partners integrated into our ecosystem.
• Publicly Available Sources: For verification of your real estate ownership or other public information.

d. Google-Specific Data Collection Practices

In compliance with Google policies, we collect and manage data in ways that prioritize transparency and user control:

• Data collected through Google Analytics is anonymized and used to analyze traffic patterns and optimize website performance.
• Google Ads-related data (if applicable) complies with the Google Ads Data Protection Terms, ensuring transparency and consent for personalized ads.
• We never collect sensitive data through Google Ads without explicit user consent.

e. Consent-Based Collection

We collect personal and sensitive information only after obtaining your explicit consent, as required by:

• The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
• Google’s Consent Policy for data usage and transparency.

Examples include:

• Financial information collected for fractional ownership transactions.
• Sensitive personal data, such as identity proofs or biometric data for compliance purposes.

f. Data Protection and User Control

We ensure the following:

• Transparency: Clearly inform you about what data is collected and why.
• User Control: Allow you to manage preferences for cookies, location sharing, and other data collection methods.
• Security: Use encryption and other safeguards to protect collected data.

2. Consent

We prioritize obtaining clear and informed consent from users before collecting, processing, or sharing their data. Our consent framework complies with Indian laws and Google’s policies to ensure transparency, user autonomy, and compliance.

a. Explicit Consent for Sensitive Data

In accordance with The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we obtain explicit consent before collecting or processing Sensitive Personal Data or Information (SPDI).

This includes:

• Financial information (e.g., credit/debit card details, bank account details).
• Government-issued identification (e.g., Aadhaar, PAN).
• Biometric data or other personal identifiers.

Consent is collected via:

• Digital checkboxes during registration or KYC submission.
• Electronic acknowledgment when completing transactions or signing agreements.
• Verifiable opt-in mechanisms for specific features requiring sensitive data.

b. General Consent for Non-Sensitive Data

For non-sensitive personal information (e.g., name, email, IP address), we follow a clear notice-and-consent process:

• A concise and transparent privacy notice is provided before data collection.
• Consent is obtained when users register, access specific features, or interact with our Services.

c. Consent for Cookies and Tracking Technologies

We comply with Google’s consent policy and Indian laws for cookies and tracking technologies by:

• Displaying a cookie banner or notice when users visit our website for the first time.
• Explaining the types of cookies used (e.g., essential, analytics, advertising).
• Providing users the ability to manage or withdraw cookie preferences through a settings panel.

d. Withdrawal of Consent

Users have the right to withdraw their consent at any time, subject to legal or contractual obligations. Withdrawal of consent may affect the provision of certain Services.

How to Withdraw Consent:

• By accessing the privacy settings on your account.
• By contacting us directly at grievance@rootelinvestree.com.

e. Consent for Marketing and Advertising

In compliance with Google’s policies and Indian laws:

• Users are informed about how their data may be used for marketing or advertising.
• Explicit consent is obtained for personalized advertisements and promotional communications.
• Users can opt out of marketing communications by clicking the "Unsubscribe" link in emails or adjusting their account settings.

f. Recording and Documentation of Consent

We maintain detailed logs of user consent as required under Indian regulations and Google policies to ensure accountability. This includes:

• Date and time of consent.
• Purpose for which consent was obtained.
• Method of consent (e.g., digital acceptance).

3. Consent Not Valid Under Such Circumstances

In accordance with Indian laws and Google's privacy and security policies, certain circumstances may invalidate consent for using our services, especially when financial risk or monetary loss is involved. These include:

a. Age Limit for Consent

As per Indian laws and Google's policies, we do not allow individuals below the age of 18 to access or use our Services, as it involves financial transactions, investment in fractional ownership, and the potential for monetary loss or gain. This age restriction is based on the fact that:

• Individuals below the age of 18 are not legally competent to enter into binding contracts under Indian Contract Act, 1872.
• Financial transactions and investment in real estate through blockchain technology involve significant financial risk and legal obligations, which require the maturity and legal capacity to understand and manage.

Therefore, users must be 18 years or older to access, use, or provide consent for our services, which may include financial risks, investments, and ownership of assets.

b. Inability to Understand Financial Risks and Risks Involved

If we determine that a user has provided consent, but their understanding of the financial risks and investment obligations is unclear or insufficient (e.g., due to mental incapacity or lack of experience), consent for continued usage of the Services may be invalid. This ensures the protection of users from unintended financial consequences, in compliance with:

• Consumer Protection Laws in India, ensuring that users are protected from deceptive practices and financial exploitation.
• The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, requiring businesses to ensure informed and voluntary consent.

c. Invalid or Fraudulent Consent

Consent obtained through fraudulent means, coercion, misrepresentation, or without providing adequate information about the risks involved (such as investment or monetary loss) is considered invalid under both Indian law and Google’s policies.

Examples of invalid consent include:

• Providing false information during registration or KYC.
• Engaging in activities such as impersonating another user to gain access to our services.

d. Invalid Consent Due to Legal Restrictions

In certain cases, if the user resides in a jurisdiction where access to such services is restricted (e.g., due to local regulations), consent may be deemed invalid. These may include:

• Jurisdictions where blockchain technology or fractional ownership is prohibited.
• Countries or regions that have laws prohibiting real estate investments or financial activities online.

4. Personal Data Collection

Rootel InvesTree is committed to safeguarding your privacy and handling your personal information responsibly. In line with Indian laws, such as the Information Technology Act, 2000 and its associated rules, and Google's privacy policies, we collect the following types of data when you use our website or services:

a. Personal Information

This includes any information that can directly or indirectly identify you. We may collect:

• Identity Information: Full name, gender, date of birth (for age verification).
• Contact Information: Email address, phone number, mailing address.
• Demographic Information: Location (e.g., city, state, or region), profession, or other demographic details.
• Government ID Numbers: Aadhar number (if used for KYC), PAN (for financial transactions).
• Transaction Data: Records of your investment, payments, or purchases, including financial details (e.g., bank account details or credit card information).

b. Sensitive Personal Data

We collect sensitive data only with your explicit consent, and it may include:

• Financial Information: Bank account number, credit/debit card information, wallet addresses (for blockchain transactions).
• Investment Details: Information related to fractional ownership investments or related financial activities.
• Biometric Data: If used for identity verification (e.g., through facial recognition or other means).

We ensure that the collection and processing of this data comply with the Sensitive Personal Data or Information provisions under The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

c. Account and Login Information

To provide you with a secure and personalized experience, we collect the following data:

• User Credentials: Username, password, security questions, and answers (if applicable).
• Authentication Data: Two-factor authentication data (e.g., OTPs sent via SMS or email).

d. Cookies and Tracking Data

To enhance your experience and provide personalized services, we use cookies and similar technologies. These technologies collect:

• Cookies: To store preferences and settings, enable login features, and provide personalized content and ads.
• Analytics Information: Information about how you use the website (pages viewed, links clicked, duration of session), which we use to improve our website and services. This may include data from Google Analytics.
• Advertising Information: We use cookies to serve personalized ads based on your interests, and allow you to opt out of personalized advertising using tools like Google's Ad Settings.

For more details, refer to our Cookie Policy.

e. Device Information

We collect data related to the device used to access our services, including:

• Device Information: Type of device (mobile, tablet, desktop), operating system, browser type.
• IP Address: We collect your IP address to detect fraud, manage traffic, and enhance security.
• Location Data: We may collect precise location information if enabled by you to provide location-based services.

f. Blockchain Data

As our services utilize blockchain technology for fractional ownership, we collect:

• Blockchain Wallet Information: Data related to your blockchain wallet, including public wallet addresses used for transactions.
• Blockchain Transaction Details: Information about the transactions you initiate or complete through our platform, including the amount and asset type.

This data is processed using decentralized technology and is stored in a distributed ledger that is immutable.

g. Third-Party Data

We may collect data from third-party sources, such as:

• Partner Organizations: For the purpose of verifying your identity (e.g., KYC data from financial institutions).
• Payment Providers: For processing transactions or refunds.
• Marketing and Analytics Providers: To analyze your usage behavior on our platform and serve personalized content and ads.

How We Collect Your Data

We collect your data through the following means:

• Direct Collection: When you register on our platform, update your profile, or use our services.
• Automatic Collection: Through cookies, server logs, and analytics tools that automatically collect data as you interact with our website.
• Third-Party Sources: When you interact with our partners or use third-party services integrated with our platform.

5. Personal Information

Rootel InvesTree values your privacy and is committed to protecting your personal information. As part of our business operations, we collect and process personal information that is necessary to provide our services to you. This section outlines the types of personal information we collect, how we use it, and how we protect it in compliance with Indian laws and Google's policies.

a. Types of Personal Information We Collect

We collect the following personal information when you use our website or services:

• Identity Information:
  • Full name
  • Gender
  • Date of birth (for age verification)
• Contact Information:
  • Email address
  • Phone number
  • Residential or mailing address
• Financial Information: Payment details, including bank account information, credit/debit card details, and wallet addresses used for blockchain transactions
• Transaction Data: Records of your investment transactions, purchases, or any financial dealings made through our platform
• Identification Information: Government-issued IDs, such as Aadhar or PAN card, for identity verification and compliance with KYC norms
• Account Information: Username, password, and security credentials used for account creation and login
• Device Information: Details about the device used to access our platform, such as device type, operating system, browser type, and IP address
• Geolocation Data: If enabled by you, we may collect location data to provide location-based services
• Blockchain Data: Blockchain wallet addresses and transaction details related to fractional ownership and investments in real estate assets via blockchain

b. How We Use Your Personal Information

We collect your personal information for the following purposes:

• To Provide Services: To process transactions, manage your account, and provide customer support.
• To Verify Your Identity: To comply with legal requirements such as Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations.
• To Process Payments: To process your financial transactions, including investments and purchases, through secure payment gateways.
• To Improve User Experience: To personalize your experience on our platform and to send you tailored content, offers, and marketing communications.
• To Ensure Security: To monitor and improve the security of our website and prevent fraud.
• To Comply with Legal Obligations: To meet the regulatory and legal requirements set by Indian laws and authorities.
• To Provide Blockchain Services: To facilitate fractional ownership through blockchain technology, ensuring the secure transfer of assets and maintaining an immutable ledger of transactions.

c. How We Protect Your Personal Information

We implement appropriate physical, technical, and organizational measures to safeguard your personal information from unauthorized access, loss, or misuse. These measures include:

• Encryption: Data transmitted through our platform is encrypted using industry-standard SSL encryption to protect sensitive information during transmission.
• Access Control: Only authorized personnel have access to your personal information, and we maintain strict internal controls to prevent unauthorized access.
• Two-Factor Authentication: We use two-factor authentication (2FA) to enhance account security, ensuring that only you can access your account.
• Data Retention: We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.

d. Sharing of Your Personal Information

We do not sell or rent your personal information to third parties. However, we may share your personal information with trusted partners under the following circumstances:

• Service Providers: We may share your personal information with third-party vendors or service providers who assist us in operating our platform, processing payments, or performing other services on our behalf.
• Legal and Regulatory Compliance: We may disclose your personal information if required by law or in response to a legal process, such as a court order, to comply with applicable laws and regulations.
• Payment Processors: We may share your financial data with payment processors to complete transactions securely.
• Blockchain Networks: If you engage in fractional ownership through blockchain technology, your transaction data may be recorded on the blockchain for transparency and security purposes.

e. Third-Party Links and Services

Our website may contain links to third-party websites or services. These third-party services have their own privacy policies, and we recommend you review them before providing any personal information. Rootel InvesTree is not responsible for the content or privacy practices of third-party websites.

f. Your Rights Regarding Personal Information

As per Indian data protection laws and Google’s policies, you have the following rights regarding your personal information:

• Access and Rectification: You have the right to request access to your personal information and correct any inaccuracies.
• Deletion: You can request the deletion of your personal data, subject to legal obligations and business requirements.
• Opt-Out of Marketing Communications: You can opt out of receiving marketing and promotional communications from us by following the unsubscribe instructions in the emails or contacting us directly.
• Data Portability: You have the right to request a copy of your personal information in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us using the details provided in the Contact Us section.

g. Data Retention Period

We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, and to comply with our legal obligations. If you request the deletion of your personal information, we will delete it, unless we are required to retain it for legal or regulatory purposes.

6. Usage and Analytics Data

At Rootel InvesTree, we strive to provide a seamless user experience by gathering, analyzing, and improving our services through usage and analytics data. This section describes how we collect, use, and protect this data in compliance with Indian laws and Google’s policies.

a. Types of Usage and Analytics Data We Collect

When you interact with our website, we automatically collect data related to how you use the platform. This data includes:

• User Interaction Data: Pages viewed, links clicked, and actions taken on the website, time spent on the website and specific sections or features, search queries entered and results viewed and navigation paths (e.g., entry and exit points)
• Device and Technical Data: Device type (desktop, mobile, tablet), operating system, browser type, and version, IP address, which helps us analyze geographic location and prevent fraud, screen resolution and other device characteristics to optimize the website's layout and functionality & browser language settings and preferences.
• Behavioral Data: Data related to how you engage with our content (e.g., video views, scroll behavior, form submissions), time and frequency of visits, including login/logout events and interaction with specific features of the platform, such as blockchain transactions, real estate investment tools, or account settings.
• Transaction Data (for Analytics and Improvement): Details of purchases or investments you make, such as amount and type of transaction and Blockchain transaction data related to fractional ownership investments.

b. How We Use Usage and Analytics Data

The usage and analytics data we collect helps us to enhance your experience and improve the performance of our platform. We use this data for the following purposes:

• Platform Improvement: Analyzing how users interact with the platform to identify areas for improvement & understanding usage patterns to optimize website layout, functionality, and navigation. A/B testing new features and content to assess user preferences and behavior.
• Personalization: Offering tailored content, recommendations, and advertisements based on your interests and interactions with the website. Enhancing the user interface and experience based on device and browser preferences.
• Security and Fraud Prevention: Detecting and preventing fraudulent activities by analyzing unusual behavior patterns (e.g., multiple failed login attempts). Ensuring the safety of transactions and protecting user accounts from unauthorized access.
• Marketing and Communications: Serving personalized advertising through platforms such as Google Ads and other marketing networks. Sending you promotional materials or updates relevant to your interests, investment opportunities, or new features based on your usage data (subject to your consent).
• Compliance and Reporting: Analyzing and reporting on aggregate user activity to comply with legal requirements and ensure regulatory compliance (e.g., for financial transactions, KYC requirements).

c. Cookies and Similar Technologies

We use cookies and similar technologies to collect usage data. These are small data files placed on your device that help us collect the following:

• Session Information: To keep you logged in during your session and maintain settings across pages.
• Performance Data: To analyze how the website performs across different devices, browsers, and locations.
• Tracking and Analytics: To track usage and interactions, helping us understand your preferences and improve our website’s functionality.

You can manage or disable cookies by adjusting your browser settings. However, disabling cookies may affect your ability to use certain features of the platform.

For detailed information on our cookie practices, please refer to our Cookie Policy.

d. Third-Party Analytics Services

To assist in analyzing and improving our website, we use third-party analytics services, such as:

• Google Analytics: Google Analytics helps us collect and analyze data on user interactions, behavior, and traffic on our website. The data collected through Google Analytics is anonymized and used solely for analytical purposes. Google Analytics may use cookies and other tracking technologies to gather data about your usage of our website, which is then aggregated and analyzed to help us improve our services.
• Other Third-Party Services: We may use other analytics platforms to collect, track, and analyze data to improve your experience and optimize performance.

e. Data Retention

We retain usage and analytics data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. In the case of Google Analytics, data is retained for a period of 14 months before being anonymized or deleted.

If you choose to opt-out of data collection for analytics purposes, certain features may not function optimally, and your experience may be less personalized.

f. Your Choices Regarding Usage and Analytics Data

• Opt-Out of Tracking: You can choose to disable tracking through Google Analytics by installing the Google Analytics Opt-Out Browser Add-On.
• Personalization: You can manage your ad preferences on platforms like Google Ads to control the type of advertising shown to you.
• Cookies Preferences: You can adjust your browser settings to reject or delete cookies. However, disabling cookies may limit certain features of the website.

By using our platform, you consent to the collection, processing, and use of usage and analytics data as described in this section.

7. Legal Grounds of Data Collection

Rootel InvesTree collects and processes personal data in accordance with applicable data protection laws, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other relevant Indian laws. We ensure compliance with Google's policies on data collection and processing as well. This section outlines the legal grounds for collecting and processing personal data.

a. Legal Grounds Under Indian Law

Under the Information Technology Act, 2000 (IT Act) and Privacy Laws applicable in India, we rely on the following legal grounds to collect, process, and store your personal data:

• Consent (Article 7 of the IT Act & Personal Data Protection Bill, 2019): We rely on your explicit consent to collect and process your personal data. By using our services, you consent to the collection and use of your data as outlined in this Privacy Policy. In certain circumstances, we may request consent for specific purposes (such as for receiving marketing communications or processing sensitive personal data). You may withdraw your consent at any time by contacting us, and we will honor your request unless there is a legal obligation to retain the data.
• Performance of a Contract (Section 43A of the IT Act): In order to fulfill the contract we have with you (for example, to process transactions, manage your account, and provide services related to real estate investment), we may need to collect and process personal data. This includes collecting financial details for transactions, identity information for KYC compliance, and any other necessary information to enable the services that you have requested.
• Compliance with Legal Obligations (Section 72A of the IT Act & KYC Regulations): We may collect and process personal data to comply with legal obligations, including anti-money laundering (AML) and know-your-customer (KYC) regulations that are required under Indian laws. And for Personal information, such as government-issued IDs (Aadhar, PAN card), may be required for identity verification as part of regulatory compliance.
• Legitimate Interests (Section 72A of the IT Act): Rootel InvesTree may collect and process personal data based on our legitimate business interests, such as ensuring platform security, preventing fraud, improving services, and enhancing user experience. Where we balance your privacy rights with our legitimate interests, ensuring that we do not overstep your reasonable expectations when using the platform.
• Public Interest and Health (Section 8 of the IT Act & Indian Personal Data Protection Bill, 2019): In some instances, we may process personal data to comply with regulatory requirements or to fulfill duties in the public interest (for example, reporting to regulators or government authorities).

b. Legal Grounds Under Google’s Policy

As per Google’s policies on data collection, processing, and use, we rely on the following legal grounds:

• Consent: Google requires that we obtain your consent for the collection of personal information when using Google services, such as Google Analytics or Google Ads. By interacting with our platform, you consent to the use of Google services in accordance with Google’s Privacy Policy. Additionally, for personalized advertisements, Google requires that we obtain consent to use cookies or tracking technologies that collect personal information for targeted advertising.
• Contractual Necessity: Google’s policy also allows for data processing based on the necessity to perform a contract. For instance, if you make an investment or engage in transactions via our platform, personal data related to these transactions may be processed to fulfill the contract and deliver the required services.
• Legitimate Interests: Google allows the processing of personal data under legitimate interests when it is necessary for business purposes. This may include ensuring platform functionality, improving user experience, and providing personalized services and ads.
• Legal Compliance: Google also provides grounds for data collection when required to comply with legal obligations, including responding to legal processes, law enforcement requests, and complying with regulatory requirements (e.g., KYC, AML compliance).

c. Sensitive Personal Data

In certain cases, we may collect sensitive personal data (such as financial details, government-issued IDs, and payment information) that may be required under Indian law for legal, regulatory, or contractual reasons. This includes compliance with KYC regulations for financial services, as stipulated by the Reserve Bank of India (RBI) and other relevant authorities.

For sensitive personal data, we ensure that:

• Your explicit consent is obtained before collection.
• We take all reasonable measures to protect the security and confidentiality of your data.
• You have the right to withdraw consent or request the deletion of sensitive personal data as per applicable laws.

d. Your Rights Under Indian Law

As per Indian data protection laws, you have the following rights regarding your personal data:

• Right to Access: You can request access to the personal data we hold about you.
• Right to Rectification: You can request the correction of any inaccurate or incomplete data.
• Right to Erasure: You can request the deletion of your data in certain circumstances.
• Right to Restrict Processing: You can request that we limit the processing of your data in specific situations.
• Right to Data Portability: You can request that your data be transferred to another service provider in a structured, commonly used, and machine-readable format.
• Right to Object to Processing: You can object to the processing of your data, especially in cases where processing is based on legitimate interests.

You may exercise these rights by contacting us at any time.

e. Data Protection and Security

We ensure that all personal data is processed lawfully, transparently, and securely. Rootel InvesTree implements appropriate security measures to protect personal data from unauthorized access, disclosure, alteration, and destruction. We also comply with relevant Indian security practices under the IT Act and Google’s data protection policies to safeguard your information.

8. Who We Share Data With

Rootel InvesTree is committed to protecting your privacy and ensuring that your personal data is used only for the purposes stated in our Privacy Policy. We do not share your personal data with third parties except as described below, in compliance with Google policies and Indian laws.

a. Third-Party Service Providers

We may share your data with third-party service providers to help us operate, maintain, and improve our platform. These third-party providers may include:

1. Payment Processors - For transactions involving fractional ownership in real estate or any financial activity, we may share your data with payment gateways and financial institutions that facilitate secure payments and transfers.
2. Cloud Services - Your data may be stored on cloud platforms operated by third-party providers such as Amazon Web Services (AWS) or Google Cloud, who help us store and manage your data securely.
3. Analytics Providers - We may share data with analytics platforms such as Google Analytics to gather information on how users interact with our website, which helps us improve functionality and user experience. As these third-party services may collect and analyze data on our behalf, they are prohibited from using that data for their own purposes.
4. Advertising Partners - We may share limited data with advertising networks like Google Ads or Facebook Ads to serve personalized advertisements based on your browsing behavior and interests. As these services may track user interactions with our ads and offer targeted advertising, but we ensure compliance with data protection laws and provide users with options to opt-out of personalized ads.
5. Legal and Regulatory Authorities - We may be required to share your personal data with law enforcement or other regulatory bodies in accordance with Indian laws, including but not limited to the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Personal Data Protection Bill, 2019, and other applicable legal requirements**. This includes sharing data in response to legal processes, such as a court order, government request, or when necessary to protect our rights or those of others.

b. Compliance with Google Policies

1. Data Sharing for Legal Compliance - In accordance with Google's policies, we may share your data to comply with applicable laws, regulations, or legal processes, including requests from government agencies. This may include sharing personal information if required by Google's Terms of Service or Privacy Policy, such as for maintaining compliance with data retention or security measures.
2. Data Processing by Third Parties - Google’s advertising services (such as Google Ads) may receive certain data about you when you interact with our platform. However, as a data controller, Rootel InvesTree is responsible for ensuring that these third parties process your data in accordance with applicable laws.

c. Transfer of Data to Other Countries

• In certain cases, we may share your data with third parties located in countries outside of India, especially if our third-party service providers are based in countries such as the United States or the European Union.
• These transfers will be conducted in compliance with relevant data protection laws, including the General Data Protection Regulation (GDPR) if applicable, and Indian laws. We will take all reasonable steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy.

d. Aggregated or Anonymized Data

• We may share aggregated or anonymized data with third parties for various purposes, including analysis, research, and business development. Such data will not personally identify you and is not subject to the same legal restrictions.

e. With Your Consent

• In some instances, we may seek your explicit consent to share your data with certain third parties for purposes other than those listed in this Privacy Policy.
• You will always have the option to grant or withdraw your consent for such data sharing.

f. Who We Do Not Share Data With

• We will not sell, rent, or lease your personal data to third parties for their marketing purposes.
• We will not share your data with any third parties for any purposes other than those described in this Privacy Policy, unless required by law.

g. Your Data Protection Rights

• As per Indian laws (especially under the Personal Data Protection Bill, 2019), you have the right to request access to your data, correct any inaccuracies, or request deletion of your data, subject to certain exceptions.
• You also have the right to object to or restrict the processing of your data in some circumstances, and to withdraw consent at any time where applicable.

9. Compliance, Fraud Protection, and Safety

Rootel InvesTree is committed to maintaining the safety, security, and integrity of your personal data and financial transactions. This section outlines our approach to ensuring compliance, fraud protection, and safety in line with Indian laws and Google's policies.

a. Compliance with Indian Laws

We ensure full compliance with applicable Indian laws relating to data protection, fraud prevention, and business operations. This includes, but is not limited to, the following:

• The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011: Rootel InvesTree follows the standards set by the IT Rules, 2011 to secure sensitive personal data or information (SPDI). This includes implementing reasonable security measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. As Rootel InvesTree conduct regular audits and assessments of our data security practices to ensure we are meeting these standards.
• The Personal Data Protection Bill, 2019 (pending law): Rootel InvesTree acknowledges the potential provisions of the Personal Data Protection Bill as it aims to regulate the processing of personal data in India. We proactively ensure compliance with the anticipated framework and aim to protect the rights of individuals regarding their personal data.
• Know Your Customer (KYC) and Anti-Money Laundering (AML) Compliance: Rootel InvesTree complies with the KYC and AML regulations under Indian laws, including those mandated by the Reserve Bank of India (RBI). This involves collecting and verifying personal and financial information to ensure that transactions are legitimate and comply with Indian financial regulations. As we implement a robust KYC process to verify identities and prevent money laundering and other fraudulent activities within the platform.
• The Prevention of Money Laundering Act, 2002 (PMLA): We comply with the PMLA, which mandates financial institutions and businesses involved in the transfer of funds to monitor and report suspicious activities. Our platform follows the due diligence process to detect, investigate, and report any potential money laundering activities.
• Consumer Protection Act, 2019: We adhere to consumer protection guidelines as set out by the Consumer Protection Act, ensuring that your data is handled responsibly and that you have avenues for grievance redressal in case of any data breaches, security concerns, or issues related to fraud.

b. Fraud Protection and Detection

Protecting users from fraud is a top priority for Rootel InvesTree. We employ a combination of measures to detect, prevent, and mitigate fraud within the platform:

• Transaction Monitoring: We monitor all transactions in real-time to identify any unusual or potentially fraudulent activities, such as high-value transactions, multiple failed attempts, or unusual geographical patterns. As our system automatically flags suspicious activities for further investigation, ensuring that you are not impacted by fraudulent transactions.
• Two-Factor Authentication (2FA): To protect your account and transactions, we use two-factor authentication (2FA) for login and sensitive operations. This adds an extra layer of security by requiring a second form of authentication (such as a one-time password sent to your registered phone number) in addition to your username and password.
• Secure Payment Processing: Rootel InvesTree uses secure, encrypted payment gateways to process financial transactions. These payment gateways comply with the highest security standards, including Payment Card Industry Data Security Standards (PCI DSS), ensuring that your payment details are protected during every transaction.
• Data Encryption: We encrypt sensitive information, including personal and financial data, both at rest and in transit, using industry-standard encryption protocols. This protects your data from unauthorized access while it is being stored or transmitted across networks.
• Machine Learning and AI-based Fraud Detection: We employ machine learning algorithms and AI-based technologies to detect and prevent fraudulent activities, such as fake account creation, unauthorized access, or fraudulent transactions. These systems are constantly updated to adapt to new and evolving fraudulent tactics.

c. Safety Measures

We take comprehensive safety measures to ensure that your data, investments, and personal information are always secure:

• Data Minimization: We only collect and process the minimum amount of data necessary to fulfill the purposes of providing our services. This helps mitigate the risk of exposure and ensures your privacy.
• Access Control: We have strict internal policies in place to control access to personal and financial data. Only authorized personnel have access to sensitive data, and their access is monitored and logged for auditing purposes.
• User Education: Rootel InvesTree provides information to users on how to protect their personal and financial data, including how to recognize phishing attempts, avoid fraudulent offers, and ensure safe transactions on the platform. We regularly update users about any potential security risks and provide guidance on maintaining the safety of their accounts.
• Incident Response Plan: In the event of a data breach or security incident, we have an Incident Response Plan in place to quickly mitigate the impact, investigate the incident, and notify affected users as per Indian laws and Google’s policies. We notify affected users within the timelines stipulated by Indian law and provide necessary steps to protect their data.

d. Compliance with Google’s Policies

Rootel InvesTree also complies with Google’s policies on fraud prevention, security, and compliance. Google’s services (such as Google Analytics, Google Ads, and Google Cloud) adhere to strict data protection and security standards. Rootel InvesTree follows these policies to ensure that your data is handled securely across all platforms we use.

• Google Ads Fraud Detection: Google Ads uses machine learning and AI to detect fraudulent clicks and fraudulent advertising practices. Rootel InvesTree leverages these systems to ensure the integrity of our ad campaigns.
• Google Cloud Security Compliance: Rootel InvesTree uses Google Cloud for storing and processing data, ensuring that we comply with the highest security standards outlined in Google’s compliance documentation (including certifications such as ISO/IEC 27001).

e. Reporting Fraud or Security Issues

If you suspect any fraudulent activity or security concerns, we encourage you to report it immediately by contacting our customer support team. We take all reports seriously and will investigate the issue promptly.

Contact Information:

• Email: info@rootelinvestree.com
• Phone: +91 9619702122
• Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.

f. User Rights in Relation to Compliance, Fraud Protection, and Safety

As a user of Rootel InvesTree, you have the following rights regarding your data:

• Right to Access: You can request information about your personal data and how it is processed, including details about security measures in place to protect your data.
• Right to Rectification: You can request corrections to any inaccurate or incomplete information.
• Right to Data Deletion: You can request the deletion of your data, subject to any legal or regulatory retention requirements.
• Right to Lodge a Complaint: If you believe that your data protection rights have been violated, you can lodge a complaint with the relevant authorities, such as the Indian Data Protection Authority (once established).

10. Basis of Processing

Rootel InvesTree processes personal data in accordance with Google’s policies and Indian laws. This section outlines the legal grounds on which we process your personal data, ensuring transparency and compliance with applicable regulations.

a. Basis of Processing under Indian Laws

Under Indian data protection laws, particularly the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Personal Data Protection Bill, 2019 (pending law), personal data processing must be based on one or more legal grounds. The main legal grounds for processing your personal data include:

• Consent (Article 7 of the Personal Data Protection Bill, 2019) - We process your personal data based on your explicit consent, especially in cases involving sensitive personal data (SPDI) such as financial information. By interacting with our platform, registering an account, or engaging in real estate transactions, you are providing your consent for us to process your data in line with this Privacy Policy. You can withdraw your consent at any time, subject to legal and contractual limitations, by contacting us through the support channels mentioned.
• Performance of a Contract (Article 6(1)(b) of the GDPR) - We process your personal data to perform our contract with you, which includes providing services related to fractional ownership of real estate and processing transactions on the Rootel InvesTree platform. This includes activities such as:
  • Verifying your identity.
  • Facilitating financial transactions.
  • Providing access to the real estate services and platforms.
  • Communicating regarding updates, promotions, or relevant changes to our services.
• Compliance with Legal Obligations (Article 6(1)(c) of the GDPR) - We process your data when required to comply with our legal obligations under Indian laws. This includes:
  • KYC (Know Your Customer) and AML (Anti-Money Laundering) compliance to prevent money laundering, fraud, and other illegal activities.
  • Compliance with tax regulations, consumer protection laws, and any other legal or regulatory requirements that apply to the real estate business.
• Legitimate Interests (Article 6(1)(f) of the GDPR) - Rootel InvesTree processes personal data based on legitimate interests where necessary, for example:
  • Improving our services and the user experience.
  • Detecting and preventing fraud or illegal activities.
  • Providing customer support.
  • Performing business analysis to improve the platform's efficiency.
• Vital Interests (Article 6(1)(d) of the GDPR) - In rare cases, we may process your data to protect your vital interests, for example, in cases of emergency where we need to notify you of security risks or breaches that might directly impact your financial investments or personal safety.
• Public Interest or Official Authority (Article 6(1)(e) of the GDPR) - We may process personal data in cases where such processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, which aligns with the functions or purposes set forth by applicable laws, such as providing services related to fractional ownership and real estate investments in India.

b. Basis of Processing under Google’s Policies

In addition to compliance with Indian laws, Rootel InvesTree also ensures that its processing of data is aligned with Google’s policies (specifically for services like Google Analytics, Google Ads, Google Cloud, etc.):

1. Consent - For certain Google services like Google Analytics and Google Ads, we obtain consent from users to process data related to their usage of our website, platform, and services. This is done in compliance with Google’s data processing agreements and policies. Consent is obtained either through cookie banners or when users sign up for personalized services that involve tracking or ads.
2. Contractual Necessity - When users engage with Rootel InvesTree’s services (e.g., signing up for fractional ownership or completing a real estate transaction), Google’s services may be used to process and analyze user data for performance optimization. This processing is done to fulfill the contractual obligations to users, such as improving the service delivery and transaction experience.
3. Legitimate Interests - In accordance with Google's policies, Rootel InvestTree processes data based on legitimate interests when using Google services for advertising, analytics, or product improvements. This includes processing data to:

• Improve the performance of our website and platform.
• Offer targeted advertisements in line with users’ preferences and interests.
• Ensure the delivery of relevant content and personalized services to users.

4. Legal Compliance - Rootel InvestTree ensures that any data processing carried out using Google's services complies with Indian laws and Google's data protection regulations. For example, Google’s Cloud services are compliant with international data protection standards, including the General Data Protection Regulation (GDPR), and are incorporated into Rootel InvestTree’s data processing agreements as needed.

c. Data Processing Agreements and Third-Party Services

Rootel InvestTree enters into Data Processing Agreements (DPA) with third-party service providers, including Google. These agreements ensure that any third-party processing of personal data adheres to the following principles:

• Processing personal data only for specified purposes.
• Ensuring security measures to protect data from unauthorized access.
• Restricting data access to authorized personnel only.
• Complying with data protection laws and regulations applicable to India and Google policies.

d. Changes to Processing Grounds

Rootel InvestTree may update the basis for processing personal data if there are changes in legal requirements, contractual terms, or if new purposes for processing arise. Users will be informed of any such changes through updates to this Privacy Policy. We will also provide the necessary mechanisms to ensure that any processing based on consent is revalidated when required.

e. Data Access and User Rights

As part of our compliance with Indian laws and Google’s policies, you have the following rights regarding your personal data:

• Right to Access: You may request access to the personal data we hold about you and inquire about how it is processed.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data.
• Right to Erasure: You may request deletion of your data, subject to our legal obligations or the necessity of processing for business purposes.
• Right to Object: You can object to data processing based on legitimate interests or request that we limit processing under certain conditions.

For any inquiries related to your data rights or the processing grounds, please contact our customer support team.

11. Cookies and Tracking Technologies

Rootel InvesTree uses cookies and similar tracking technologies to improve user experience, provide personalized services, and collect analytical data. This section explains how we use these technologies in accordance with Indian laws and Google policies.

a. What are Cookies and Tracking Technologies?

• Cookies are small files stored on your device when you visit a website or use an app. They are commonly used to make websites work or function more efficiently, and to provide information to the website owner.
• Tracking Technologies such as web beacons, pixels, and local storage are also used to gather information about how users interact with the website or app.

These technologies help us understand your preferences, improve functionality, and personalize your experience on Rootel InvesTree’s platform.

b. Types of Cookies and Tracking Technologies Used

1. Essential Cookies: These cookies are necessary for the basic functionality of the website or app. Without them, services such as secure login, cart functionality, and transaction processing would not work. Examples: Session cookies, authentication cookies, etc.
2. Performance and Analytical Cookies: These cookies collect data about how users interact with our website or app, such as which pages are visited most often or if users receive error messages. The information helps us improve the performance of our platform. Examples: Google Analytics, Hotjar, etc.
3. Functional Cookies: These cookies allow us to remember your preferences (such as language, region, or login details) to provide a more personalized experience. Examples: Language preference cookies, font size cookies, etc.
4. Advertising and Targeting Cookies: These cookies are used to deliver personalized advertisements to users based on their browsing habits or interests. These cookies are used to track users across websites for advertising and marketing purposes. Examples: Google Ads, Facebook Pixel, etc.
5. Third-Party Cookies: Third-party services (such as Google, Facebook, and analytics platforms) may set their own cookies through our website to track user behavior and serve relevant ads. Examples: Cookies from social media platforms, third-party analytics cookies, etc.

c. How We Use Cookies and Tracking Technologies

1. Improving User Experience: We use cookies and tracking technologies to remember your preferences, such as language selection or login credentials, so you don’t have to re-enter them every time you visit our platform.
2. Analytics and Performance Tracking: We use tools like Google Analytics to track how users interact with our platform. This helps us improve the website’s functionality and ensure we’re providing valuable content and services.
3. Marketing and Personalization: We may use cookies for targeted advertising and personalized marketing. This allows us to show you relevant ads on other websites or apps based on your interactions with our platform.
4. Security and Fraud Prevention: Certain cookies are essential for ensuring the security of our platform, preventing fraudulent activities, and maintaining the integrity of transactions made through Rootel InvesTree.

d. Cookie Consent and Management

When you first visit our website, you will be prompted with a cookie consent banner asking for your permission to use cookies and other tracking technologies. By clicking "Accept," you agree to our use of cookies as outlined in this policy.

If you do not wish to allow the use of cookies, you can manage your cookie preferences. This can be done in the following ways:

1. Cookie Settings on the Website: You can adjust your cookie preferences at any time by clicking the “Cookie Settings” link in the footer of the website. This will allow you to enable or disable certain types of cookies.
2. Browser Settings: Most modern browsers allow you to block or delete cookies. You can adjust your cookie settings through the privacy or settings section of your browser. Please note that disabling cookies may affect your ability to use certain features of the website.
3. Opt-Out of Google Analytics: If you do not want Google Analytics to collect data about your website usage, you can install the Google Analytics Opt-Out Browser Add-On on your browser. This add-on prevents data from being sent to Google Analytics.
4. Opt-Out of Targeted Advertising: If you wish to opt-out of personalized advertising, you can visit the Google Ads Settings page: https://adssettings.google.com to adjust your ad preferences.

e. Data Retention Period for Cookies

Cookies will be retained on your device for the duration of your session or as per the expiration date specified for persistent cookies. If you have opted out of cookies or restricted their usage, certain features of our platform may not work as intended.

f. Compliance with Indian Laws and Google Policies

1. Indian Laws: As per India’s Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and the Personal Data Protection Bill, 2019, Rootel InvesTree ensures transparency and compliance in collecting and processing cookies. We inform users about the data being collected and give them control over their preferences.
2. Google Policies: Rootel InvesTree adheres to Google's policies on data privacy and advertising. We ensure that third-party cookies, such as Google Ads and Google Analytics, comply with applicable privacy laws and regulations, and we provide users with options to opt-out.

g. Your Rights Regarding Cookies

Under Indian laws and Google's policies, you have the following rights regarding cookies:

• Right to Withdraw Consent: You may withdraw your consent for the use of cookies at any time by adjusting your cookie settings or through your browser settings.
• Right to Opt-Out: You can opt-out of personalized advertisements and analytics through the respective platforms (such as Google Ads and Google Analytics).
• Right to Data Deletion: You have the right to request the deletion of cookies and related data in accordance with our Privacy Policy.

h. Updates to This Cookie Policy

We may update this Cookie Policy from time to time to reflect changes in technology, legal obligations, or business practices. We will notify you of any significant changes by updating the date at the top of this policy and providing relevant notices.

12. How Users Can Opt Out

Rootel InvesTree respects your privacy and provides several ways for users to opt out of data collection, processing, or marketing activities in accordance with Indian laws and Google’s policies. Below are the different options available for users to manage their preferences and opt out of various services:

a. Opting Out of Marketing Communications

1. Email Opt-Out: If you no longer wish to receive promotional emails, newsletters, or marketing communications from us, you can unsubscribe at any time by clicking on the “Unsubscribe” link provided in the footer of the email. Alternatively, you can contact our support team at support@rootelinvestree.com to request the cessation of such communications.
2. SMS/Push Notifications Opt-Out: If you wish to stop receiving promotional SMS or push notifications, you can unsubscribe directly through the settings on your mobile device or app, or opt-out by contacting our support team. For mobile app users, you can also adjust your notification preferences through the settings menu of the app.
3. Google Ads Personalization: If you wish to opt out of personalized advertising through Google Ads, you can do so by visiting the Google Ads Settings page: https://adssettings.google.com. This will allow you to control and disable personalized ads. You can also adjust your ad preferences by clicking on the “Ad Choices” icon available on Google Ads.

b. Opting Out of Data Collection (Cookies & Tracking Technologies)

1. Cookie Settings: When you visit our website or use our platform, we use cookies and similar tracking technologies for improving the user experience, analytics, and marketing. You can opt out of certain cookie categories by managing your cookie preferences in the pop-up cookie consent banner displayed on the website. You can also configure your browser settings to block cookies or delete them manually through your browser’s privacy settings. Please note that disabling cookies may impact the functionality of certain parts of our website or platform.
2. Google Analytics Opt-Out: If you do not wish to allow Google Analytics to collect your data, you can use the Google Analytics Opt-Out Browser Add-On. This add-on is available for popular web browsers and can be downloaded from Google’s official website. It prevents Google Analytics from collecting data about your website visits. Alternatively, you can adjust your preferences on your Google account settings.

c. Opting Out of Data Processing for Third-Party Services

1. Third-Party Data Processing (Google Services): As part of our use of third-party services like Google Cloud, Google Ads, and Google Analytics, you can manage your preferences through your Google Account settings. For Google Ads and Google Analytics, you can opt-out by visiting Google’s Ad Settings or Google Analytics Opt-Out options.
2. Opting Out of Financial Transaction Tracking: If you prefer not to have your financial transactions processed or monitored by third-party services such as payment gateways, you can choose not to engage in such transactions or request alternate payment options by contacting our support team. Keep in mind that opting out of transaction tracking may limit your ability to engage in certain business activities or transactions through our platform.

d. Account Deletion (Right to Erasure)

If you wish to have your personal data deleted or your account terminated with Rootel InvesTree, you can submit a request by contacting our support team at support@rootelinvestree.com. We will respond to your request in a timely manner and take appropriate action in compliance with applicable laws.

Please note that data deletion may be subject to certain legal obligations, such as financial recordkeeping requirements or compliance with tax regulations.

e. Managing Your Preferences for Financial Risk and Real Estate Transactions

Due to the nature of our services, which include real estate investment and fractional ownership, some data processing is necessary for the completion of transactions, verification, and compliance with legal requirements. If you wish to opt out of these processes, you may need to refrain from engaging in transactions or investments through Rootel InvesTree. If you wish to stop receiving transaction-related communications, you can contact our support team.

f. Contacting Support for Opting Out

For any further assistance in opting out of data collection, processing, or communications, or if you have concerns about how your data is being processed, you can contact us through the following methods:

• Email: support@rootelinvestree.com
• Phone: +91 9619702122
• Postal Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.

Our support team will assist you in managing your preferences in accordance with Indian laws and Google’s policies.

g. Legal Rights and Data Protection

As per Indian laws and Google’s policies, users also have the right to:

• Request Access: You may request access to the personal data we hold about you.
• Request Correction: You may request to correct any inaccurate or incomplete data.
• Request Deletion: You may request deletion of your personal data in certain circumstances.
• Object to Processing: You may object to the processing of your data under certain conditions.
• Withdraw Consent: You may withdraw your consent for data processing at any time, subject to our legal obligations.

To exercise these rights, please reach out to our customer support team.

13. Access and Correction of Your Personal Data

Rootel InvesTree is committed to ensuring the accuracy and privacy of your personal data. As per Indian laws and Google policies, you have the right to access, correct, and update your personal data that we collect and maintain.

a. Access to Your Personal Data

You have the right to access the personal data we hold about you. This includes information such as:

• Your account information, including contact details and preferences.
• Transaction history related to fractional ownership or any other services availed through Rootel InvesTree.
• Data generated from your interactions with our platform, including usage data, cookies, and activity logs.

To request access to your personal data, you may contact us at support@rootelinvestree.com. We will respond to your request in accordance with Indian laws and within a reasonable timeframe.

b. Correcting and Updating Your Personal Data

We aim to keep your personal data accurate, complete, and up-to-date. If you believe that any of the personal data we hold about you is inaccurate or incomplete, you have the right to request corrections.

To correct or update your personal information, you can:

1. Access your account settings on the Rootel InvesTree website or app and make changes to your profile information.
2. Contact our support team at support@rootelinvestree.com with a request to correct specific data.

We will make the necessary updates or corrections as per your request, unless we have a legitimate reason not to do so, such as complying with legal obligations or contractual requirements.

c. Right to Data Portability

Under Indian laws (especially under the Personal Data Protection Bill, 2019), you may have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format. This enables you to transfer your data to another service provider if you so wish.

If you wish to exercise your right to data portability, please contact our support team at support@rootelinvestree.com.

d. Right to Request Deletion of Personal Data

In certain circumstances, you have the right to request the deletion of your personal data. For example, you can request deletion of your data if:

• The data is no longer needed for the purposes for which it was collected.
• You withdraw your consent, and we have no legal basis to continue processing the data.
• The data is being processed unlawfully.

To request the deletion of your personal data, please send a request to support@rootelinvestree.com. We will assess the request in accordance with applicable laws and notify you of the outcome.

Please note that certain data may be retained for legal, regulatory, or security reasons, even after you request its deletion.

e. Withdrawing Consent

You have the right to withdraw your consent at any time for the collection and processing of your personal data. This withdrawal of consent will not affect the lawfulness of processing that was based on your consent before its withdrawal.

To withdraw your consent, you can contact us at support@rootelinvestree.com. Upon withdrawal, we may still process certain data if required for legal obligations or legitimate interests.

f. Data Security and Protection

We take appropriate security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, please note that no data transmission over the internet is entirely secure, and we cannot guarantee absolute security of your data.

We will notify you promptly in case of a data breach or security incident involving your personal data, in compliance with applicable laws.

g. Contact Us

If you would like to access, correct, update, or delete your personal data, or if you have any other concerns regarding your data privacy, please contact us at:

• Email: support@rootelinvestree.com
• Phone: +91 9619702122
• Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.

We will process your request in accordance with Indian laws and Google policies.

14. Data Processing

At Rootel InvesTree, we process your personal data in accordance with Indian laws and Google policies to ensure your data is handled responsibly and securely. This section outlines the key principles of how we process your data, including the legal bases for processing, the purposes for which we process it, and the safeguards in place.

a. Legal Basis for Data Processing

We process your personal data based on one or more of the following legal bases under Indian laws (including the Personal Data Protection Bill, 2019) and Google’s policies:

1. Consent: We process your data based on the consent you provide when you interact with our platform. This includes signing up for our services, using our platform, or accepting our Privacy Policy. You have the right to withdraw consent at any time, but this will not affect the lawfulness of processing prior to withdrawal.
2. Contractual Necessity: We process your personal data when necessary for the performance of a contract with you or to take steps at your request before entering into a contract. This applies to situations such as processing transactions related to fractional ownership, managing your account, and providing you with the services requested.
3. Legal Obligations: We may process your data when required to comply with legal obligations under Indian laws, such as regulations related to financial transactions, tax laws, or anti-money laundering (AML) compliance.
4. Legitimate Interests: We may process your data when it is necessary for the legitimate interests pursued by Rootel InvesTree or a third party, provided that such interests do not override your rights and freedoms. For example, we may process your data to enhance our services, improve customer experience, and conduct analytics for business operations.
5. Vital Interests: In rare cases, we may process your data to protect your vital interests or the interests of others, such as in an emergency situation where personal data is necessary for life-saving purposes.

b. Purposes for Data Processing

We process your personal data for the following purposes, in accordance with Indian laws and Google’s policies:

1. Providing Services: To provide you with access to fractional ownership in real estate, manage transactions, and ensure that your investments are securely processed.
2. Account Management: To create and manage your account, provide customer support, and address any issues or requests you may have regarding our platform.
3. Improvement and Customization of Services: To enhance the features of the platform, including the introduction of new services or functionalities, and to personalize the experience for you based on your preferences and interactions.
4. Marketing and Communication: To send you relevant information about new features, updates, promotions, and services related to Rootel InvesTree, in compliance with Indian laws regarding marketing communications. You may opt out of these communications at any time.
5. Fraud Prevention and Security: To detect and prevent fraudulent activities, monitor transactions, and ensure the integrity and security of our platform. We may process your data for security assessments and to prevent unauthorized access or activities.
6. Legal Compliance: To ensure compliance with financial regulations, tax laws, AML requirements, and other legal obligations in India, and to respond to law enforcement or regulatory inquiries as necessary.

c. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This includes:

• Transactional data: Retained for a period necessary to complete your transactions and comply with regulatory requirements.
• Account data: Retained as long as your account is active or as needed to provide you with our services.
• Compliance data: Retained for as long as required by applicable legal obligations (such as tax records or regulatory audits).

Once your data is no longer required for the purposes stated above, we will securely delete or anonymize it in compliance with applicable laws.

d. Data Processing Outside India

In some cases, we may share your data with third-party service providers located outside of India (e.g., cloud hosting services, payment processors, etc.). In these cases, we ensure that your data is processed in compliance with Indian data protection laws and contractual safeguards, including the implementation of data transfer agreements and ensuring that your rights under Indian law are upheld.

e. Safeguards for Data Processing

We take appropriate technical and organizational measures to ensure that your personal data is processed securely and in accordance with legal requirements, including:

• Encryption of sensitive data during transmission (e.g., payments and financial data).
• Access controls and user authentication mechanisms to ensure that only authorized personnel can access personal data.
• Data anonymization or pseudonymization to reduce risks in case of data breaches.
• Regular security audits and assessments to ensure the integrity and security of our data processing practices.

f. Your Rights Regarding Data Processing

As a data subject under Indian laws, you have the following rights regarding the processing of your personal data:

1. Access: You can request information about the personal data we process and obtain a copy of your data.
2. Correction: You can request corrections to inaccurate or incomplete personal data.
3. Deletion: You can request the deletion of your personal data under certain circumstances, subject to applicable legal exceptions.
4. Restriction of Processing: You can request that we restrict the processing of your data in certain situations.
5. Data Portability: You can request a copy of your personal data in a machine-readable format for transfer to another service provider.

For more details on exercising these rights, please contact us at support@rootelinvestree.com.

g. Processing by Third Parties

We may engage third-party processors (e.g., payment processors, cloud storage providers, and marketing platforms) to process your personal data on our behalf. These third-party processors are bound by strict data processing agreements to ensure that your data is processed in compliance with Indian laws and Google’s policies.

h. Data Protection and Security

We are committed to protecting your personal data and take various steps to secure your data, including using encryption and firewalls. However, no method of electronic transmission is 100% secure, and we cannot guarantee absolute security of your data.

For any further inquiries or requests regarding the processing of your personal data, please reach out to us at:

• Email: support@rootelinvestree.com
• Phone: +91 9619702122
• Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.

This section ensures that Rootel InvesTree complies with Indian data protection laws (including the Personal Data Protection Bill, 2019) and adheres to Google's policies on data processing.

15. Data Protection and Measures

Rootel InvesTree is committed to safeguarding your personal data and ensuring that it is processed in a secure manner. We implement comprehensive technical, organizational, and administrative measures to protect your personal information from unauthorized access, misuse, or disclosure. These measures are in line with Indian data protection laws, Google's policies, and best practices in the industry.

a. Security Measures Implemented

To protect your personal data, we have implemented several technical and organizational security measures to ensure the confidentiality, integrity, and availability of the data, including but not limited to:

1. Encryption: All sensitive personal data transmitted via our website or app (e.g., financial information, login credentials, and payment data) is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols to prevent unauthorized access during transmission.
2. Firewalls and Network Security: We utilize firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) to monitor and protect against unauthorized access and attacks on our network infrastructure.
3. Secure Data Storage: Personal data is stored on secure servers with appropriate access controls. Access to your data is limited to authorized personnel based on their roles and responsibilities, and sensitive data is stored in encrypted or masked formats when appropriate.
4. Two-Factor Authentication (2FA): For users and employees accessing sensitive data, we utilize two-factor authentication (2FA) to add an extra layer of security to ensure that only authorized individuals can access personal data.
5. Regular Security Audits: We conduct regular security audits and assessments of our infrastructure, including vulnerability scans and penetration testing, to identify and resolve any security weaknesses.
6. Backup and Disaster Recovery: We perform regular data backups and have a disaster recovery plan in place to ensure the availability and recovery of personal data in case of any unforeseen incidents, such as server failures or cyberattacks.

b. Organizational Measures

1. Access Control: We maintain strict access control policies and only grant access to personal data on a need-to-know basis. Access to personal data is granted to employees based on their roles and responsibilities, ensuring that only authorized individuals can process and access sensitive data.
2. Employee Training and Awareness: We regularly train our employees on data protection principles, cybersecurity best practices, and the handling of personal data in compliance with applicable Indian laws and Google policies. Employees are required to adhere to strict confidentiality agreements and security policies.
3. Incident Response Plan: We have a well-defined incident response plan in place to address any potential data breaches or security incidents. In the event of a data breach, we will promptly notify affected users and take corrective actions to mitigate any potential risks.

c. Data Minimization and Retention

1. Data Minimization: We collect and process only the personal data necessary for the specific purposes outlined in our Privacy Policy. We strive to minimize the amount of data we collect and store, and avoid unnecessary retention of personal information.
2. Data Retention Policy: Personal data is retained only for as long as required to fulfill the purposes for which it was collected or as mandated by legal obligations. Once data is no longer required, it is securely deleted or anonymized in accordance with our data retention policy.

d. User Rights and Control

1. Data Access and Correction: As a user, you have the right to access your personal data and request corrections if any of the data we hold is inaccurate or incomplete. For more information on how to access and correct your data, please refer to our Access and Correction section.
2. Right to Deletion: You have the right to request the deletion of your personal data under certain circumstances. However, certain data may need to be retained for legal, regulatory, or business reasons. Please refer to our Access and Correction section for further details.

e. Third-Party Processors and Data Transfers

1. Third-Party Service Providers: We may share your personal data with trusted third-party service providers who help us in operating our platform, conducting business activities, or providing customer support (e.g., payment processors, cloud hosting providers, and data analytics services). These third parties are subject to contractual obligations that ensure the protection of your personal data.
2. Data Transfers: In some cases, personal data may be transferred to countries outside of India for processing, particularly if our service providers or partners are located internationally. In such cases, we ensure that appropriate safeguards are in place, including data processing agreements and mechanisms for ensuring compliance with Indian data protection laws.

f. Compliance with Data Protection Laws

1. Indian Laws: Rootel InvesTree complies with Indian data protection laws, including the Personal Data Protection Bill, 2019 (if passed), and any other applicable regulations. We ensure that our data protection practices align with the latest legal requirements and best practices in the country.
2. Google Policies: Rootel InvesTree also adheres to Google’s data protection policies and Google’s Privacy Policy when utilizing Google’s services or platforms for processing, storage, or analytics purposes.

g. Data Breach Notification

In the event of a data breach, we are committed to promptly informing the relevant authorities and affected individuals in compliance with applicable laws, including Indian data protection regulations. We will outline the nature of the breach, the potential impact, and the steps we are taking to mitigate risks and prevent further incidents.

If you suspect any unauthorized access to your personal data, please contact us immediately at support@rootelinvestree.com.

h. Limitations of Data Security

While we strive to protect your personal data with the highest level of security, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your data. Therefore, we recommend that you also take steps to protect your account, such as using strong passwords and ensuring that your devices are secure.

i. Contact Us

If you have any concerns about the security of your personal data or require additional information regarding our data protection practices, please contact us at:

• Email: support@rootelinvestree.com
• Phone: +91 9619702122
• Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.

16. Third-Party Service Providers

Rootel InvesTree may share your personal data with trusted third-party service providers to assist in delivering our services, maintaining the platform, or improving our operations. These third parties are essential for the functioning of our business and may include, but are not limited to, payment processors, hosting services, data analytics providers, cloud storage services, and marketing platforms. In accordance with Indian laws and Google policies, we take measures to ensure that your data is processed in a secure and compliant manner by third parties.

a. Categories of Third-Party Service Providers

1. Payment Processors: We may share payment-related information with third-party payment processors to facilitate transactions. These processors are responsible for securely handling your payment details in compliance with industry standards and regulations, including PCI DSS (Payment Card Industry Data Security Standard).
2. Hosting Providers and Cloud Services: Rootel InvesTree may use third-party cloud service providers or web hosting companies to store and process personal data. These providers help ensure the availability, security, and performance of our platform.
3. Data Analytics Providers: We may engage data analytics providers to gain insights into platform usage, enhance user experience, and improve our services. These providers may collect and analyze data regarding user interactions with the platform, which may include aggregated data but not personally identifiable information (unless otherwise stated).
4. Marketing and Advertising Services: To enhance our marketing efforts, we may share your data with marketing and advertising platforms, such as Google Ads, social media platforms, or email marketing tools, to deliver relevant advertisements and promotional materials based on your interests and preferences.
5. Customer Support and Communication Tools: We may use third-party customer support tools (such as live chat services, ticketing systems, or communication platforms) to assist in addressing user inquiries or providing support services. These third parties may collect and process information related to your customer support requests.
6. Legal, Compliance, and Fraud Prevention Services: Rootel InvesTree may share personal data with third-party providers to assist in legal matters, compliance with applicable laws, or fraud detection. These providers help us ensure that our platform operates in accordance with Indian laws, industry regulations, and to mitigate potential risks.
7. Business Transfer or Sale: In the event of a merger, acquisition, or sale of all or a portion of Rootel InvesTree’s business, your personal data may be transferred to the new entity or partner as part of the transaction. In such cases, we will notify you and update our privacy policy as appropriate.

b. Data Sharing Agreement

Before engaging any third-party service provider, we ensure that appropriate data processing agreements (DPAs) or contracts are in place. These agreements outline the third party’s obligations to ensure that they handle your data securely and in compliance with relevant laws, including Indian data protection regulations and Google’s policies. These third parties are required to implement adequate data protection measures and are only permitted to use your personal data for the specific purposes agreed upon, such as performing the services they are contracted for. They are prohibited from using your data for their own purposes.

c. International Transfers

In certain cases, your personal data may be processed by third-party service providers that are located outside of India. When such transfers occur, we take appropriate steps to ensure that your data is protected in accordance with Indian data protection laws and Google’s policies, including the use of Standard Contractual Clauses (SCCs) or other legal safeguards for international data transfers.

d. Data Security and Compliance

We ensure that any third-party service provider with whom we share your data has implemented adequate security measures to protect your personal information and that they comply with applicable laws, including the Indian Personal Data Protection Bill (PDPB) and Google’s policies. These providers are also required to notify us of any data breaches affecting your personal data.

e. Your Rights Regarding Third-Party Data Sharing

While Rootel InvesTree takes every precaution to ensure that third-party service providers handle your data responsibly, you have the right to inquire about how your data is shared and processed. You can request more information regarding the third parties with whom we share your data by contacting us at support@rootelinvestree.com.

17. Rights of Customers

As a customer or user of Rootel InvesTree, you have specific rights regarding your personal data under Indian data protection laws and Google's policies. These rights are designed to empower you with control over how your data is collected, processed, and used. We are committed to respecting and protecting your rights in accordance with applicable laws, and we have outlined the key rights below:

a. Right to Access

You have the right to request access to the personal data we hold about you. This includes information on:

1. What data we have collected: A description of the types of personal data collected, including any sensitive information.
2. How your data is being used: Information about the purposes for which your data is processed.
3. Who your data is shared with: Details of any third parties with whom your data has been shared.

To exercise your right to access, you may submit a written request to us via email at support@rootelinvestree.com. We will respond within the timeframes set by law.

b. Right to Rectification

If you believe that any of the personal data we hold about you is incorrect, incomplete, or outdated, you have the right to request that we correct or update it.

To request corrections, please contact us at support@rootelinvestree.com, and we will process your request promptly.

c. Right to Deletion

You have the right to request the deletion of your personal data under certain conditions. These conditions include, but are not limited to:

1. Your personal data is no longer necessary for the purposes it was collected.
2. You withdraw your consent and no other legal grounds for processing your data exist.
3. Your personal data was unlawfully processed.

Please note that we may not be able to fulfill a deletion request in cases where the data is required for legal or regulatory compliance, or if it is necessary for the performance of an agreement.

To request the deletion of your data, please contact us at support@rootelinvestree.com.

d. Right to Restriction of Processing

In some cases, you have the right to request that we restrict the processing of your personal data. This means that while we are allowed to store your data, we cannot further process it unless:

1. You consent to the processing.
2. We are required to process the data for legal reasons.

You may request this restriction under circumstances such as:

• You contest the accuracy of the data, and we need time to verify it.
• You object to the processing, and we need to assess whether our legitimate interests outweigh your rights.

To exercise this right, please contact us at support@rootelinvestree.com.

e. Right to Data Portability

You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. Additionally, you have the right to request that we transfer this data directly to another data controller, where technically feasible.

To request data portability, please contact us at support@rootelinvestree.com.

f. Right to Object

You have the right to object to the processing of your personal data, especially in cases where:

1. We are processing data based on legitimate interests.
2. The data is being processed for direct marketing purposes.

If you object to the processing of your data, we will stop processing your data unless we have compelling legitimate grounds for processing that override your interests, rights, and freedoms.

To exercise your right to object, please contact us at support@rootelinvestree.com.

g. Right to Withdraw Consent

If you have provided your consent for us to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before it was withdrawn.

You can withdraw consent for specific purposes such as marketing communications or data sharing with third-party providers. To withdraw consent, please contact us at support@rootelinvestree.com.

h. Right to Lodge a Complaint

If you feel that your rights regarding your personal data have been violated or if you are dissatisfied with how we process your data, you have the right to lodge a complaint with the Data Protection Authority in India or other relevant regulatory bodies.

In case of any concerns, you can also contact us directly, and we will strive to resolve the issue promptly.

i. Exercising Your Rights

To exercise any of the above rights, please submit a request in writing to support@rootelinvestree.com. We will respond to your request in accordance with applicable laws, and in no event will we take longer than 30 days to fulfill your request. If the request is complex or involves a large amount of data, we may extend the period for processing by an additional 60 days, and we will notify you of the delay.

We will verify your identity before processing your request to ensure that we are not sharing personal data with unauthorized parties. In some cases, we may need additional information from you to process the request.

18. Data Retention Limits

Rootel InvesTree is committed to ensuring that your personal data is not kept longer than necessary for the purposes for which it was collected, as per the Indian laws and Google's policies. We adhere to the principle of data minimization and ensure that personal data is retained for no longer than required, and securely deleted once it is no longer needed.

a. Retention Periods Based on Purpose

The retention period for your personal data is determined by the specific purposes for which it was collected. These purposes may include, but are not limited to, the provision of services, compliance with legal obligations, fraud prevention, and customer support. Below are the general guidelines for data retention:

1. Transaction and Financial Data: We retain data related to transactions, payments, and financial records for as long as necessary to comply with legal obligations (such as tax regulations, anti-money laundering requirements, and financial reporting), typically up to 5-7 years.
2. Customer Service and Support: If you have interacted with our customer support team, we will retain your personal data related to those interactions for as long as necessary to resolve the issue or provide continued support. Typically, this data is retained for up to 2 years after the last interaction.
3. User Account Information: We retain user account information, including registration data, for the duration of your active relationship with Rootel InvesTree. If you decide to deactivate or delete your account, we may retain your personal data for a period of time to comply with legal obligations, settle disputes, and enforce agreements, but we will not retain data longer than necessary.
4. Marketing and Promotional Data: Personal data collected for marketing purposes (e.g., email addresses for newsletters) will be retained for as long as you do not opt-out of receiving marketing communications. If you withdraw consent or unsubscribe, we will retain your information in a suppressed list to ensure that we do not send you further communications.
5. Legal and Regulatory Compliance: In cases where we are required to retain personal data to comply with legal, regulatory, or contractual obligations (e.g., for compliance with tax or anti-money laundering laws), we will retain such data for the legally required periods. This may be up to 10 years depending on the jurisdiction and the nature of the data.
6. Data Associated with Blockchain Transactions: As our business operates with blockchain technology, certain transactional data may be stored in the decentralized nature of the blockchain and may not be subject to deletion. We will retain necessary data related to blockchain transactions in accordance with our internal policies and for auditing and record-keeping purposes.

b. Anonymized and Aggregated Data

In some cases, we may retain data in an anonymized or aggregated form for analysis and research purposes. Since such data is not personally identifiable, it will not be subject to the same retention limits as personal data.

c. Data Retention Periods by Third-Party Providers

If we share your personal data with third-party service providers, the retention period may be subject to the provider's own data retention policies. We ensure that third-party service providers comply with the applicable data retention laws and regulations. However, we cannot guarantee that third-party providers will retain or delete your data according to our specific policies.

d. Data Deletion

Once your personal data is no longer necessary for the purposes for which it was collected or required to be retained under applicable legal obligations, we will take appropriate steps to ensure that it is securely deleted or anonymized.

You may request deletion of your personal data at any time, subject to legal exceptions (such as ongoing legal claims or compliance requirements). To request data deletion, please contact us at support@rootelinvestree.com.

e. Regular Review

We periodically review our data retention policies and practices to ensure that we comply with the Indian data protection laws and Google’s policies. If any changes to our data retention practices are made, we will update this Privacy Policy and notify you accordingly.

19. Anti-Money Laundering (AML) Policy

Rootel InvesTree is committed to maintaining the highest standards of compliance with Anti-Money Laundering (AML) regulations and Know Your Customer (KYC) guidelines under Indian laws and applicable international laws. Our platform is designed to prevent, detect, and report any activities related to money laundering or financing of terrorism. We implement strict policies to ensure that our services are not misused for such illegal activities.

a. Purpose of Anti-Money Laundering Measures

The primary goal of our AML policy is to prevent any illegal activity, including money laundering and financing of terrorism, through the services provided by Rootel InvesTree. As part of our business, we deal with transactions related to fractional ownership in real estate, which may involve substantial amounts of money. To ensure compliance with the law and minimize risks, we adopt the following:

1. Monitoring: Monitoring financial transactions for suspicious activities.
2. Verification: Conducting identity verification (KYC) of users to ensure they are not involved in illicit activities.
3. Reporting: Reporting suspicious activities to relevant authorities, such as the Financial Intelligence Unit (FIU-IND) in India, as required under Indian AML regulations.

b. Know Your Customer (KYC)

As per Indian regulations, businesses involved in financial transactions must verify the identity of their customers. Rootel InvesTree follows a robust KYC procedure to ensure that all users on the platform are properly identified. The KYC process includes:

1. Collecting Personal Information: Full name, date of birth, address, nationality, etc.
2. Document Verification: Users must submit valid government-issued identity proof (e.g., Aadhaar card, PAN card, passport) and proof of address (e.g., utility bills, bank statements).
3. Ongoing Monitoring: Regular monitoring of user activities to detect any suspicious or unusual patterns that may indicate money laundering activities.

c. Customer Due Diligence (CDD)

Rootel InvesTree performs Customer Due Diligence (CDD) measures to assess the risk level associated with each user or transaction. Depending on the risk profile of the user, additional scrutiny may be conducted, including enhanced due diligence (EDD).

Standard Due Diligence applies to low-risk customers, while Enhanced Due Diligence (EDD) applies to high-risk customers or transactions involving significant sums of money. EDD involves more rigorous scrutiny, such as:

1. Verifying the source of funds.
2. Reviewing the background of the customer, particularly in relation to politically exposed persons (PEPs), known criminals, or entities involved in high-risk industries.
3. Investigating transactions involving countries or regions with weak AML regulations.

d. Reporting Suspicious Activities

In compliance with the Prevention of Money Laundering Act, 2002 (PMLA), Rootel InvesTree reports suspicious transactions or activities to the Financial Intelligence Unit - India (FIU-IND). This includes any activity that could indicate the attempt to launder money or finance terrorism, such as:

1. Unusual transaction patterns (e.g., large or rapid transactions inconsistent with the user's history or profile).
2. Transactions involving high-risk countries known for lax AML regulations or terrorism financing activities.
3. Unexplained or unverified sources of funds used for fractional ownership investments.

e. Risk-Based Approach

Rootel InvesTree adopts a risk-based approach to AML compliance, where we focus our resources and attention on users and transactions that present a higher risk of involvement in money laundering or terrorism financing. We prioritize compliance with the following principles:

1. Proportionality: AML measures should be in proportion to the identified risks.
2. Transparency: Clearly communicating the company’s policies and measures regarding AML to customers and authorities.
3. Confidentiality: Ensuring that any information related to AML investigations or reports is kept confidential in accordance with applicable laws.

f. Employee Training

To ensure that our employees understand and effectively implement the AML policies, Rootel InvesTree provides regular training to all relevant staff. This training includes:

1. Awareness of money laundering red flags.
2. Understanding the legal and regulatory requirements under Indian laws and international AML standards.
3. How to report suspicious activities internally and to the authorities.

g. Legal and Regulatory Compliance

Rootel InvesTree complies with all Indian AML laws and regulations, including:

1. Prevention of Money Laundering Act (PMLA), 2002.
2. Reserve Bank of India (RBI) guidelines for digital transactions and financial services.
3. Foreign Exchange Management Act (FEMA) for cross-border transactions.
4. FATF (Financial Action Task Force) guidelines for international compliance.

We continuously monitor changes in the legal landscape to ensure that our AML policy remains up-to-date with evolving regulatory requirements and international best practices.

h. Retention of Transaction Data

In accordance with the PMLA and other applicable regulations, Rootel InvesTree retains transaction data related to financial transactions, customer identity verification (KYC), and suspicious activity reports for a minimum of 5 years after the completion of a transaction. This data is retained in a secure manner and is made available to relevant authorities in case of an investigation.

20. Redressal Mechanism

Rootel InvesTree is committed to resolving any concerns or grievances related to the use of our platform and services in an effective and timely manner. We have established a clear and accessible Redressal Mechanism to address any complaints or issues raised by users, in accordance with Indian laws and Google policies.

a. Filing a Complaint

If you have any concerns or complaints regarding our services, privacy practices, or any other aspect of your interaction with Rootel InvesTree, you can follow the steps outlined below:

1. Initial Contact

   • Contact Us: Please reach out to our customer support team at support@rootelinvestree.com. Include a detailed description of your issue, along with relevant information (e.g., account number, transaction details, etc.).
   • Phone Support: You can also contact our customer support team through the phone number provided on our website for immediate assistance.

2. Acknowledgment of Complaint

   • Once your complaint is received, we will acknowledge your concern within 5-7 business days and provide you with an estimated timeline for resolution. We will maintain clear communication with you during the entire process.

b. Internal Review and Investigation

Our team will thoroughly review and investigate your complaint. Depending on the nature of the complaint, we may take the following actions:

1. Verification: We will verify the facts related to your complaint, such as checking transaction details, reviewing account activities, and validating your concerns.
2. Root Cause Analysis: If your complaint involves an issue related to our services, such as a technical failure, misuse of the platform, or a privacy concern, we will conduct an in-depth analysis to identify the root cause.
3. Resolution: Based on our findings, we will propose an appropriate resolution, which may involve:
   • Refund or adjustment for any erroneous charges or transactions.
   • Technical fixes if the issue was related to platform functionality or system failures.
   • Corrective action on the part of Rootel InvesTree to address privacy or security concerns.
   • Policy clarification or changes if your complaint involves a policy or terms of service.

c. Timely Resolution

Rootel InvesTree aims to resolve all complaints within 30 business days from the date of receipt. For complex cases that require extended investigation or third-party involvement, we will keep you informed of the progress at regular intervals.

d. Escalation Process

If your complaint is not resolved to your satisfaction through the standard procedure, you may escalate the issue to a higher level:

1. Escalate to Senior Management: You may request that your complaint be escalated to our Senior Management team for further review. We will ensure that your concern is treated with priority and handled by a senior representative.

Please email escalation@rootelinvestree.com to escalate your concern.

2. Regulatory Authorities and Ombudsman: If you are not satisfied with the resolution or feel that your concern has not been adequately addressed, you may seek assistance from relevant regulatory authorities in India. These authorities include:
   • Reserve Bank of India (RBI): For complaints related to financial transactions.
   • Financial Intelligence Unit (FIU-IND): For concerns about anti-money laundering or suspicious activities.
   • National Consumer Helpline (NCH): For issues related to consumer rights.
   • Indian Data Protection Authority: For concerns related to personal data protection.

You can also approach Alternate Dispute Resolution Methods or seek legal remedies through the court system, if necessary.

e. Grievance Redressal Timeline

We will aim to resolve any complaints within 30 business days of escalation. In cases where the issue requires more time for investigation or third-party involvement, we will provide you with regular updates and an expected timeline for resolution.

f. Transparency and Documentation

We are committed to maintaining transparency in our Redressal Mechanism. All complaints and their resolutions are documented and reviewed periodically to improve our services and prevent similar issues in the future.

g. Data Protection and Privacy

Rootel InvesTree ensures that any complaints related to personal data or privacy are handled in compliance with applicable data protection laws, including the Personal Data Protection Bill, 2019 and other relevant regulations in India. Personal data shared in the complaint process will be handled securely and will only be used for the purpose of resolving the issue.

h. Feedback and Improvement

As part of our continuous improvement process, we actively encourage feedback from our users. If you have any suggestions for improving our platform or Redressal Mechanism, please feel free to share them with us. Your feedback helps us enhance the quality of our services and ensures that your experience with Rootel InvesTree is positive.

21. Power to Modify the Privacy Policy

Rootel InvesTree reserves the right to modify, update, or revise this Privacy Policy at any time, in accordance with Indian laws, Google policies, and business requirements. Any such changes will be reflected in this document and will become effective immediately upon posting on the website. We may also notify users of significant changes through other communication channels, such as email or platform notifications.

a. Reasons for Modification

Rootel InvesTree may modify the Privacy Policy for several reasons, including but not limited to:

1. Legal or Regulatory Changes: To comply with changes in Indian data protection laws, financial regulations, or other relevant laws.
2. Business or Operational Changes: As the company evolves or introduces new services, features, or business practices, the Privacy Policy may need to be updated to reflect these changes.
3. Enhancement of Data Practices: To align with industry standards, improve transparency, and enhance user privacy and security.
4. Third-Party Integrations: If we integrate new third-party services or make changes to existing services, we may update the policy to reflect those integrations and data-sharing practices.

b. How We Notify Users

In the event of any substantial changes to this Privacy Policy, Rootel InvesTree will notify users through one or more of the following methods:

1. Email Notification: We may send an email notification regarding the update, particularly for significant policy changes.
2. Website Notification: A prominent notice will be displayed on the homepage of the website or on the platform to inform users of the update.
3. In-App Notifications: If applicable, we may send notifications within the application or platform to ensure users are aware of the changes.

c. User’s Responsibility

It is the responsibility of the users to review the Privacy Policy periodically. Continued use of the website or services after any changes to the Privacy Policy constitutes acceptance of those changes. If a user does not agree with the updated policy, they must discontinue using the website and services.

d. Effective Date of Changes

Any modifications to the Privacy Policy will be effective as soon as they are posted on the website or communicated through other channels. The "Effective Date" of the current Privacy Policy will be indicated at the top of this document.

22. Contact Us

If you have any questions, concerns, or feedback regarding this Privacy Policy, our data practices, or any other aspect of your experience with Rootel InvesTree, please feel free to contact us using the details provided below. We are committed to addressing your inquiries and resolving any issues in a timely and efficient manner.

Contact Information

• Customer Support Email: support@rootelinvestree.com
• Phone Number: +91 9619702122
• Escalation Email: escalation@rootelinvestree.com
• Mailing Address: Rootel InvesTree, Hiranandani Estate, Ghodbunder Road, Thane (w) - 400607, Maharashtra, India.
• Website: www.rootelinvestree.com

We encourage you to reach out to us if you require any clarification or have concerns related to this Privacy Policy or any other matter. Our dedicated team is here to assist you and ensure your privacy is protected while using our platform.

Business Hours: Our support team is available from 11:00 AM to 7:00 PM, Monday to Friday.