Applies To: www.raghavcapital.in and any related sub pages, forms, or digital touchpoints operated for or on behalf of Raghav Investment Private Limited ("Raghav Capital," "we," "us," or "our").

Raghav Investment Private Limited is a company incorporated in India (CIN: U65999RJ2019PTC065819) with its registered office at 501, 506 & 507B Crystal Mall, Sawai Man Singh Highway, Bani Park, Jaipur, Rajasthan, India, 302016. Operational contact: info@raghavcapital.in

This Privacy Policy explains what personal data we collect, how and why we process it, the choices and rights available to you, and how to contact us. It is drafted to align with India’s evolving data protection regime, including the Digital Personal Data Protection Act, 2023 (DPDP Act), and legacy requirements under Section 43A of the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices & Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules).

This Policy covers personal data collected through:

• Our Website pages (Home, About, Careers, Contact/Enquiry, and any financing interest forms).
• Email, phone, or messaging interactions that originate from Website submissions.
• Résumé / job application uploads via Careers or email.
• Offline data you provide that we digitize and associate with Website records (e.g., follow up KYC).

Personal Data - Any data about an identifiable individual, including when offline data is later digitized. (DPDP Act definition of personal data + application trigger for digitized data.)

Data Principal - The individual to whom the personal data relates (you). (DPDP Act.)

Data Fiduciary - The entity that determines why and how personal data is processed (us). (DPDP Act.)

Sensitive Personal Data (legacy category) - Financial information, health data, biometric identifiers, passwords, and similar categories historically specified under India’s SPDI Rules; treat these as high protection fields if collected.

Customize before publishing: Tick only what you actually collect.

*Legal grounds described in DPDP Act (consent based) and legacy IT/SPDI practice for reasonable security & lawful processing.

We do not knowingly collect personal data from children below the age threshold requiring parental consent under Indian law. Where data of a minor must be processed (e.g., beneficiary information in a financial literacy program), we will obtain verifiable consent from the parent/guardian and limit processing to what is necessary. The DPDP Act contemplates special protection for children’s data and restricts harmful processing such as behavioural tracking without consent.

We process personal data to:

• Respond to enquiries and provide requested information.
• Evaluate financing or service interest submissions.
• Review and respond to job applications.
• Send newsletters, updates, or event information when you opt in.
• Improve Website functionality, security, and user experience (analytics, troubleshooting).
• Meet legal, regulatory, tax, or record keeping obligations applicable to our business (e.g., if later registered under a financial regulator or required to retain records under law).
• Detect, prevent, or investigate fraud, security incidents, or misuse of our systems. These purposes map to lawful processing bases and reasonable security obligations under the DPDP Act, IT Act Section 43A, and SPDI Rules.

We may share personal data—subject to purpose limitation and contractual safeguards—with:

• Internal teams / Group entities to fulfil your request.
• Cloud & IT Service Providers (hosting, email, analytics, applicant tracking) operating under confidentiality and security obligations.
• Professional Advisors (legal, tax, compliance) under NDA.
• Regulators / Government Authorities when required by law, regulation, or court order.
• Corporate Transaction Counterparties (merger, acquisition, financing diligence) under protective agreements.

Indian SPDI Rules require consent for disclosure of sensitive personal data and impose reasonable security obligations; DPDP Act introduces consent centric processing and government notified transfer conditions.

Where we transfer personal data outside India (for example, to cloud infrastructure or support vendors), we will do so in compliance with applicable Indian law, including any cross border transfer conditions or government notifications issued under the DPDP Act. Until full DPDP transfer rules are operational, SPDI Rule level contractual and security safeguards remain a best practice baseline.

We retain personal data only for as long as needed to fulfil the purpose for which it was collected, to comply with legal / regulatory record keeping requirements, to resolve disputes, and to enforce agreements. Indian IT/Section 43A and SPDI frameworks emphasize reasonable security and purposeful retention; specific sector regulators (e.g., SEBI for investment advisers) may prescribe minimum record periods—update this section if/when such rules apply to Raghav Capital.

We implement technical, administrative, and physical safeguards intended to protect personal data against unauthorized access, alteration, disclosure, or destruction, including secure transmission channels, access controls, and periodic review of vendor practices. Section 43A of the IT Act and the SPDI Rules require body corporates handling sensitive personal data to maintain "reasonable security practices and procedures," which may be demonstrated through documented policies or recognized standards (e.g., ISO/IEC 27001).

Subject to applicable Indian law, you may be able to:

• Request confirmation of whether we process your personal data and access a copy.
• Request correction, completion, or updating of inaccurate data.
• Request deletion/erasure, subject to legal retention requirements.
• Withdraw consent at any time (processing up to withdrawal remains lawful).
• Nominate another individual to exercise rights in the event of your death or incapacity (DPDP Act nomination right).

Email info@raghavcapital.in or write to the Grievance Officer (see Section 14). Include your name, contact details, description of the request, and proof of identity (we will provide secure upload steps). We will acknowledge within 3 working days and aim to resolve within 30 days, consistent with the SPDI Rule requirement that grievances be addressed within one month by a designated officer.

We (and authorized service providers) may use cookies, pixel tags, analytics scripts, or device identifiers to understand site usage, improve performance, remember preferences, and measure marketing effectiveness. Where legally required, a consent banner will let you accept, reject, or manage categories (analytics, marketing, functional). India’s DPDP Act emphasizes informed consent; SPDI Rules require prior consent before collecting certain data elements—good practice is to offer choice for non essential cookies.

Under India’s SPDI Rules, every corporate collecting sensitive personal data must designate a Grievance Officer, publish their name and contact details on its website, and resolve grievances within one month of receipt. Please appoint and insert details below before publication.

Grievance Officer
Name: Hiitender Gahlyan
Email: hiitender@raghavcapital.in
Phone: +91-8826668887

Postal: 501, 506 & 507B Crystal Mall, Sawai Man Singh Highway, Bani Park, Jaipur, Rajasthan, India, 302016

Our Website may link to or embed third party tools (e.g., loan calculators, scheduling widgets, résumé parsers, analytics dashboards). These providers operate under their own terms and privacy policies; we encourage you to review them before submitting data. Where a regulated data flow (e.g., online loan application) redirects you to a partner environment, that partner’s privacy notice governs that flow. Alignment of privacy notices and contractual security obligations is part of India’s reasonable security and consent expectations.

If you apply for a role via the Careers page or email, we will process your application data (contact details, CV, work history, qualifications) to evaluate suitability, communicate status, arrange interviews, conduct background checks where lawful and consented, and maintain recruitment records. Retention: configure (e.g., 12–24 months post cycle) unless law requires longer or records are needed for legal defence. Purpose limitation, consent, and reasonable security are required under India’s IT/SPDI framework and reflected in the DPDP’s consent centric model.

Information you share about financing needs, project details, or financial interests will be used only to evaluate and respond to your request. Do not upload sensitive financial statements, government ID images, or regulated KYC documents via unsecured forms; if such materials are needed, we will provide a secure channel. Protecting sensitive personal data and adopting reasonable security safeguards is required under Section 43A and the SPDI Rules.

Your use of the Website is also governed by our Terms & Conditions, which include important disclaimers (no investment advice; market risk; limitation of liability). Please read them. Sector regulators such as SEBI require clear disclosures from regulated financial intermediaries; if Raghav Capital becomes registered, additional mandated wording will be added to the Terms.

We may update this Policy to reflect Website changes, legal developments (including DPDP Act rulemaking), or operational needs. Material changes will be signalled (banner / email if subscribed). Continued use of the Website after the effective date of an update constitutes acknowledgement of the revised Policy. The DPDP Act contemplates user notice in accessible language when processing changes; updating published privacy notices is a recognized practice under India’s IT/SPDI framework.

This Policy is effective 17 July 2025 unless replaced by a later dated version posted here.