Privacy Policy & Legal Information
Last Updated: 7th November, 2025
Effective Date: 7th November, 2025
1. Introduction
Anatrop Capital (“Anatrop”, “we”, “our”, “us”) respects your
privacy.
This Privacy Policy explains how we collect, use, disclose, store,
protect, and retain Personal Data when you:
- Visit or interact with our website anatropcapital.com
- Communicate with us by email, phone, or social media
- Provide data while exploring business collaboration or engaging us for professional services
- Otherwise interact with Anatrop Capital
By accessing our website or providing your information, you consent to the practices described here.
2. Definitions
- Personal Data: Any data about an individual who can be identified directly or indirectly (e.g., name, email, phone, IP address).
- Sensitive Personal Data (SPDI): Includes financial information, passwords, health or biometric information, etc.
- Data Principal: The individual to whom the data relates.
- Data Processor/Data Fiduciary: As defined under the DPDP Act 2023.
- Processing: Any operation on data (collection, storage, use, disclosure, deletion).
3. Information We Collect
3.1 Data you provide directly
- Business Enquiry Information: Name, email address, phone number, organisation, designation, city, message content.
- Engagement Data: Documents, financial information, and other data shared to evaluate projects or execute contracts.
- Recruitment Data: Resume/CV, qualifications, employment history, and references.
- Event or Webinar Registration: Contact details and preferences.
3.2 Data collected automatically
- Device & usage information: IP address, browser type, OS, time zone, pages viewed, click patterns, referral URLs.
- Cookies & tracking technologies: Described in the Cookie Notice below.
3.3 Third-party data
- Public sources (e.g., LinkedIn, company websites, regulatory filings)
- Service providers assisting with email or analytics
- Referrals or business partners (only with your consent or lawful basis)
4. Purposes of Processing
| Purpose | Legal Basis |
|---|---|
| Responding to enquiries and proposals | Pre-contractual steps or legitimate interest |
| Performing contracts with clients and vendors | Contractual necessity |
| KYC / AML as per law (if applicable) | Legal obligation |
| Deal sourcing & relationship management | Legitimate interest |
| Sending sectoral updates or research insights | Consent / Legitimate interest |
| Recruitment and on-boarding | Pre-contractual steps |
| Maintaining accounts and records | Legal obligation |
| Security and fraud prevention | Legitimate interest |
| Compliance with law and responding to authorities | Legal obligation |
5. How We Use Your Data
- To communicate with you and respond to queries.
- To evaluate and structure fundraising or valuation assignments.
- To prepare financial models or presentations based on information you supply.
- To send administrative emails and engagement-related notices.
- To improve our website and user experience.
- To fulfil our regulatory or legal obligations.
We never sell, rent, or trade Personal Data.
6. How We Share Data
6.1 Internal sharing
Partners and employees within Anatrop Capital on a need-to-know basis, subject to confidentiality.
6.2 External sharing
- Professional Alliances: Associated CAs, CS firms, Merchant Bankers, PE funds or legal advisors only when required for an assignment and after consent.
- Service Providers: Secure cloud, email, CRM, IT support and accounting platforms under binding contracts.
- Regulatory Authorities: SEBI, Income-tax, MCA or courts when legally required.
We ensure recipients adhere to comparable data protection obligations.
7. International Transfers
Data is primarily processed in India.
If we use overseas cloud providers (e.g., Google Workspace, Microsoft
365, Zoho Mail), they are contractually bound to ensure adequate
security and compliance with DPDP principles.
8. Data Security
We implement “Reasonable Security Practices and Procedures” under Rule 8 of the SPDI Rules:
- Encrypted transmission (HTTPS/TLS).
- Access control & role-based permissions.
- Password policies & multi-factor authentication.
- Employee NDAs and training.
- Vendor due diligence & confidentiality agreements.
- System logs retained minimum 180 days (on Indian servers) as per CERT-In 2022 Directions.
- Incident-response procedure with notification to affected users and authorities if mandated.
9. Data Retention
| Data Category | Retention Period |
|---|---|
| Enquiry records | 24 months after last interaction |
| Engagement documents | 8 years or as per law |
| Financial / Accounting records | 8 years from FY end |
| Recruitment applications | 12 months after position closure |
| Website analytics logs | 6 months (aggregated/anonymised afterwards) |
After expiry, we securely delete or anonymise data.
10. Your Rights
Under DPDP Act 2023 and IT Rules, you may:
- Request access to your data.
- Request correction or update.
- Request erasure where lawfully permitted.
- Withdraw consent (for consent-based processing).
- Opt out of marketing communications.
- Lodge a complaint with our Grievance Officer.
Submit requests via partners@anatropcapital.com (we aim to respond within 30 days).
11. Children’s Data
We do not intentionally collect information from persons under 18 years of age. If such data is found, it is deleted immediately.
12. Third-Party Links
Our website may link to external sites (Merchant Bankers, AIFs, partners, social media). We are not responsible for their content or privacy practices.
13. Changes to this Policy
We may update this Policy from time to time to reflect legal or operational changes. The latest version will always be available on our website.
14. Grievance Officer & Contact
| Role | Details |
|---|---|
| Grievance Officer | Dilip Choudhary |
| partners@anatropcapital.com | |
| Phone | +91 9022617692 |
| Postal Address | Shivdarshan Chawl No. 1, Room No.11, Asalpha Village, Ghatkopar (W), Mumbai 400084 |