(Owned and Operated by Freedom Registry Limited – SEBI Category II RTA)
Effective Date: 18-02-2025
Last Updated: 19-02-2025

1. 1. 1. DEFINITIONS

1.1 “FusionMF” / “We” / “Us” / “Our” refers to Freedom Registry Limited, a company incorporated under the Companies Act, 1956, and a SEBI-registered Category – II Registrar and Transfer Agent (RTA), which owns and operates the FusionMF platform.

1.2 “User” / “Investor” / “Customer” refers to any individual or entity using the platform, including distributors and their clients.

1.3 “Platform” refers to www.fusionmf.com, its mobile applications, and any related interfaces.

1.4 “Personal Data” refers to any information relating to an identifiable individual.

1.5 “Sensitive Personal Data or Information (SPDI)” refers to financial data, KYC information, Aadhaar-related data, transaction history, and other sensitive information.

1.6 “Processing” means any operation on personal data including collection, storage, usage, sharing, retention, erasure, or destruction.

1. 1. 2. SCOPE

2.1 This Privacy Policy applies to all Users accessing or using the Platform, including:

• • • • Investors using the platform directly
      • Distributors and their clients
      • Prospective users accessing the website or mobile application

2.2 FusionMF acts as a Category II SEBI-registered RTA, primarily as a mutual fund aggregator and technology facilitator, and does not hold or transfer investor funds.

2.3 By accessing or using the Platform, Users provide affirmable, specific, and informed consent for the collection and processing of their personal data for the purposes stated herein.

1. 1. 3. REGULATORY DISCLOSURES

3.1 FusionMF is registered with SEBI as a Category II RTA under registration number INR000003563[Insert SEBI Registration Number].

3.2 The Platform operates in compliance with:

• • • • Securities and Exchange Board of India (Registrars to an Issue and Share Transfer Agents) Regulations,1993and Exchange Board of India regulations
      • Prevention of Money Laundering Act, 2002 and rules thereunder
      • Income Tax Act, 1961
      • Digital Personal Data Protection Act, 2023
      • SEBI Cyber Security and Cyber Resilience Framework for RTAs
      • Other applicable Indian laws

1. 1. 4. CATEGORIES OF DATA COLLECTED

FusionMF collects information necessary for onboarding, investment facilitation, compliance, and analytics. Categories include:

4.1 Identity & Demographic Data

• • • • Name, date of birth, gender, photograph, email, phone number

4.2 KYC / Regulatory Data

• • • • PAN, Aadhaar (masked and processed via Digio), address, FATCA/CRS declarations

4.3 Financial Data

• • • • Bank account numbers, IFSC codes, cancelled cheques for mandate verification

4.4 Transaction Data

• • • • Mutual fund selection, SIP/STP/SWP mandates, portfolio history, transaction confirmations

4.5 Technical / Usage Data

• • • • IP address, device identifiers, browser type, clickstream data, session logs, cookies

4.6 Communication Data

• • • • Email, call recordings, chat logs, support tickets

1. 1. 5. PURPOSE OF PROCESSING

FusionMF processes data for:

5.1 Onboarding & KYC Compliance – Verification and completion of Know Your Customer norms under PMLA and SEBI guidelines

5.2 Transaction Facilitation – Transmitting orders to AMCs / RTAs / payment gateways

5.3 Payment Confirmation – Ensuring fund movement from customer bank accounts to AMC / designated accounts (FusionMF does not hold funds)

5.4 Regulatory Compliance – AML monitoring, tax reporting, suspicious activity detection

5.5 Portfolio Reporting & Analytics – Consolidated views for users, product improvement, notifications

5.6 System & Fraud Risk Monitoring – Detecting anomalies, securing accounts, and preventing unauthorized access

1. 1. 6. LEGAL BASIS FOR PROCESSING

6.1 Processing is based on:

• • • • Explicit user consent
      • Compliance with legal obligations
      • Performance of contractual obligations
      • Legitimate interests (fraud prevention, cybersecurity, system optimization)

1. 1. 7. DATA SHARING & THIRD-PARTY DISCLOSURE

7.1 Data may be shared with:

• • • • Authorized RTAs / AMCs – Only for execution of orders and regulatory reporting
      • Payment Gateways / Banks – For mandate verification and fund transfers
      • Regulators – SEBI, RBI, Income Tax authorities, or law enforcement as legally required
      • Technology Providers – Only under NDA and data protection agreements (Yotta-managed infrastructure, Digio for KYC/Aadhaar)

7.2 FusionMF does not sell or rent personal data to third parties.

1. 1. 8. DATA STORAGE & SECURITY

8.1 All SPDI is stored within India at the Yotta-managed facility.

8.2 Security measures include:

• • • • Encryption of sensitive data at rest and in transit
      • Device safeguards and restricted access
      • Role-based access and multi-factor authentication
      • Periodic system audit (CERT-In empanelled auditor, as mandated by applicable laws)
      • Oversight of third-party vendors (Digio for KYC/Aadhaar)

8.3 Business Continuity & Disaster Recovery (BCP/DR) framework in place to protect against service disruption.

1. 1. 9. USER RIGHTS

9.1 Right to Access & Correction – Users can request view and correction of personal data

9.2 Right to Erasure / Withdrawal of Consent – Users may withdraw consent or request deletion (subject to regulatory retention obligations)

9.3 Right to Nominate – Users may authorize another individual to exercise rights in case of incapacity

9.4 Grievance Redressal – Users may raise complaints regarding data misuse (see Clause 13)

1. 1. 10. DATA RETENTION & ERASURE

10.1 Data is retained as required by:

• • • • SEBI / PMLA / Income Tax obligations 
      • Transaction facilitation and audit requirements

10.2 Data minimization principles are observed. Unnecessary data is deleted securely once no longer required.

1. 1. 11. DATA BREACH & INCIDENT MANAGEMENT

11.1 FusionMF has formal procedures to detect, assess, investigate, and report data breaches.

11.2 In case of a breach:

• • • • Users are notified where legally required
      • Regulators are informed as mandated
      • Corrective measures implemented immediately

1. 1. 12. DISTRIBUTOR & INVESTOR LIABILITY DISCLAIMER

12.1 FusionMF acts only as a technology and transaction facilitation platform.

12.2 FusionMF does not hold investor funds, nor is responsible for:

• • • • Refunds or failed transactions
      • Delays in fund transfer or settlement
      • Investment outcomes

12.3 Distributors and investors remain responsible for bank mandates, transaction instructions, and verification of fund transfers.

1. 1. 13. GRIEVANCE REDRESSAL

13.1 Users may contact the Grievance Officer:

• • • • Name: [Insert Name]Vinay Kavali
      • Designation: Grievance / Compliance Officer
      • Email: support@freedomregistry.co.in[Insert Email]
      • Phone: 8639833944[Insert Contact]

13.2 Complaints not resolved may be escalated to SEBI SCORES at https://scores.sebi.gov.in/.

13.3 Response timeline: 30 days from receipt of complaint.

1. 1. 14. AUTOMATED DECISION-MAKING

14.1 FusionMF may use automated tools for fraud detection, transaction verification, and portfolio analytics.

14.2 No automated process will deny lawful investment rights without human oversight.

1. 1. 15. COOKIES & TRACKING

15.1 FusionMF uses cookies and analytics to improve service, monitor usage, and enhance user experience.

15.2 Users may disable cookies in their browser, noting some functionality may be affected.

1. 1. 16. AMENDMENTS TO POLICY

16.1 FusionMF may update this policy periodically.

16.2 Users will be informed via the Platform. Continued use constitutes consent to updated policy.

1. 1. 17. GOVERNING LAW & JURISDICTION

17.1 This Policy is governed by Indian law.

17.2 Courts in Mumbai have exclusive jurisdiction.