In the course of using this website or any of the websites under the ‘Zerodha’ domain or availing the products and services vide the online application forms and questionnaires, online consents and such other details required from time to time on any of Zerodha’s (and/or its affiliates) web platforms or mobile applications, Zerodha and/or its affiliates may become privy to some of Your personal information, including which may or may not be of confidential nature. Zerodha is strongly committed to protecting the privacy of its users/clients and has taken all necessary and reasonable measures to protect the confidentiality of any customer information.
Zerodha allows any person to use/visit/browse the website without registering on the website. The term "We", "Us" , "Our" and "Team Zerodha" shall mean Zerodha Broking Limited. Zerodha Broking Limited and/or Zerodha Commodities Pvt. Ltd. (hereinafter shall be referred together as ‘Zerodha’). Zerodha Broking Limited is a Trading Member of NSE and BSE, registered with Securities & Exchange Board of India ("SEBI") and having Registration No. INZ000031633. This website is owned, operated and maintained by Zerodha Broking Limited, a Company incorporated under the Companies Act, 2013 having CIN: U65929KA2018PLC116815, and having its Registered Office at #153/154, 4th Cross, Dollars Colony, JP Nagar 4th Phase, Bangalore - 560078. Access to Your Zerodha account and the usage of Your account is subject to Your compliance with all the terms and conditions set forth herein, read along with all documents, including but not limited to; applications forms and undertakings, signed by you during account opening, and any terms/consents/policies included on Zerodha’s website/domain, i.e. https://zerodha.com/, including its “Terms and Conditions”, “Policies & Procedures”, and “Disclosure”.
Scope of this Policy
Collection and use of your personal information
Zerodha may or may not collect your Personal Information to provide services on its web based platform or mobile application. While opening a trading and demat account with Zerodha, you may be asked for certain Sensitive Personal Data or Information (as defined under the Information Technology Act, 2000) to complete your KYC (as per the ‘Know Your Client’ requirements set by SEBI) and as per the Prevention of Money Laundering Act, 2002.
Zerodha, may or may not, request for sensitive information from You at the time of account opening, which would include but not be limited to, (i) setting a password; (ii) financial information such as Bank account or credit card or debit card or other payment instrument details; (iii) information such as name, contact number, gender, date of birth, residence and employment addresses, father’s/mother’s and spouses names, bank account details, scans/copies of document proofs of address & identity such as Photograph, PAN, passport, drivers license, Aadhaar (voluntarily) etc. (iv) uploading signature proof/photo etc. All such information would be for the purpose of: identity verification and background checking for account opening as per KYC & AML Rules, personalising services offered to you, keeping you updated of our products and services relevant to you, information pertaining to our services you’ve subscribed to, and for any legal and regulatory / audit purposes.
Under Regulation 5 of the Information Technology (Reasonable Security and Procedures and Sensitive Personal Data or Information) Rules, 2011, Zerodha is obliged to provide every registered user of Zerodha with a readable copy of the personal information you have provided us.
We would save such information as required by the law, and as directed by the regulators along with such intermediaries regulated by them, for the purpose of offering You our services, and for such further regulatory, audit, and business purposes. We collect Personal Information from you only when you voluntarily use the services provided by Zerodha, and/or enquire to begin an association with Zerodha and/or complete the process of opening an account with Zerodha.
With regard to security, we respect all information provided to us, and take all reasonable steps towards protection of the same. We have implemented technology and policies, with the objective of protecting your privacy from unauthorized access and improper use, and periodically review the same. We maintain procedural safeguards to protect the confidentiality and security of personally identifiable information transmitted to us.
Aadhaar user consent policy
The act of providing your Aadhaar is voluntary in nature, which will only be required for completing your account opening procedure online and for digitally signing the Zerodha account opening form. Your Aadhaar may also be used as a proof of address as an alternative choice to drivers license or Passport copy, which is a voluntary decision to be made by You.
You may alternatively choose to go through the offline route of account opening by physically signing all such account opening documents, which does not require you to share your Aadhaar information at all.
Zerodha does not store any Aadhaar information
During your online account opening process, you do not input any Aadhaar details on the Zerodha platform. You would be issuing your Digital Aadhaar to Digilocker, from where Zerodha (Zerodha is registered as a Requester on the Digilocker platform) would receive information, based on your consent to allow Digilocker to share such information with Zerodha, limited to: (1) The last four digits of your Aadhaar / VID (Virtual ID created on the UIDAI website), (2) Full Name, (3) Date of Birth, (4) Gender, (5) Address, and (6) Your Photo.
Digilocker is a part of the National eGovernance Division under the Ministry of Electronics & Information Technology (MeitY), Government of India. The Digital Aadhaar issued within DigiLocker is the same as the eAadhaar issued by UIDAI (https://eaadhaar.uidai.gov.in). DigiLocker has partnered with UIDAI to make it available automatically to its users when they link their DigiLocker account with Aadhaar. This act of issuing an eAadhaar within Digilocker and subsequently Digilocker sharing the information limited to the above points, leads to behaving as a physical KYC. Zerodha only receives information limited to the above points for the purposes of completing KYC of clients online.
All clients may alternatively follow the offline route of account opening, which does not require sharing any Aadhaar related information.
During your online account opening process, you would also be sharing your Aadhaar with Digiotech Solutions Pvt. Ltd. for the purpose of digitally signing the Zerodha account opening form. Digiotech Solutions Pvt. Ltd. does not share your Aadhaar with Zerodha. After the account opening form has been digitally signed by you, a copy of the digitally signed form would be emailed to you and to Zerodha for reference/audit purposes. Digiotech Solutions Pvt. Ltd. is a licensed e-Sign ASP (Application Services Provider) with CDAC, compliant with the guidelines laid down by the Controller of Certifying Authorities (CCA), India and UIDAI, to enable you to eSign the account opening forms online.
Collection and use of your non-personal information
Zerodha may from time to time collect information, i.e. Non-personal information which cannot be used to identify you personally, while You are using the website or mobile application. Zerodha may from time to time collect information such as Non-personal information such as IP (internet protocol) addresses, browser types, the name of your ISP (internet service provider), information about a third party link/URL from where You arrive to our website/mobile application, which pages/URLs do You click on the Zerodha website / mobile application, and the amount of time spent on each.
Zerodha uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses first-party cookies to report on user interactions with our web-based services. These cookies store non-personally identifiable information.
Usage of Cookies
Disclosure and transfer of collected information
Zerodha does not share any of your information with third parties except: (i) with respect to providing the information or services that you have requested earlier, (ii) or with your express permission for sharing such information, or (iii) with intermediaries/applications who require such information as per regulatory requirements and procedure laid down by SEBI/Exchanges.
Under no circumstances will we sell or rent your personal information to anyone, for any reason, at any time. Zerodha has taken best and reasonable steps to ensure prevention of any unauthorised disclosure of your sensitive personal information.
Disclosure for regulatory compliances: Zerodha will share your information with judicial, administrative and regulatory entities to comply with any legal and regulatory requirements.
Disclosures with your prior consent: If, at any time, you choose to utilise the integrated services of third party service partners through us, we will share your information with these third party service partners with your prior consent.
Disclosure for provision of services: Zerodha will share your information with third party vendors of Zerodha as necessary for the provision of services. Authorized third party vendors are bound by the same standards of data security practices and procedures as we are under law and contract. They are subject to the same penalties as we are for the unauthorised disclosure of your personal information.
Privacy Statement as per EU-GDPR
Zerodha shall implement and fulfil all its obligations under the EU General Data Protection Regulation 2016/679 (“GDPR”). Zerodha shall process any personal data we collect from you in accordance with Data Protection Legislation and the provisions of this Policy.
In case You are subjected to the above stated Regulation, You would have the below stated rights:
- You may request your data be deleted or corrected;
- You may request for access of any data that has been stored by Zerodha for providing You services;
- You may request storable & readable data to be transferred to another party, this shall be done by Zerodha to the maximum extent possible;
- As and where any data is requested, it would be taken only post your prior consent.
We are permitted to process your personal data in compliance with Data Protection Legislation by relying on one or more of the following lawful grounds:
- You have explicitly agreed to us processing such information for a specific reason.
- The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
- The processing is necessary for compliance with a legal obligation we have.
- The processing is necessary for the purposes of a legitimate interest pursued by us, which might be: to provide services to you; to ensure that Your trading & demat account products/services are running smoothly;
- To prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes and to verify your identity in order to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services you have requested;
- to ensure that complaints are investigated;
- to evaluate, develop or improve our services; or
- to keep our customers informed about relevant services, unless you have indicated at any time that you do not wish us to do so.
After giving a written notice, a user, who is subject to GDPR, shall have the right to receive Personal Information and Non-Personal Information, which is provided to Zerodha during the usage of Zerodha’s services, such that, this information may be used by another entity which is technically feasible by all parties to the maximum extent possible. For sending across any notice pertaining to removal or requesting to receive all such Personal Information and Non Personal Information, such that, this information may be transferred to another entity/controller of such data as per the GDPR, all subject users are required to write to “legal[@]zerodha[.]com”. The designated Data Protection Officer for the purposes of this GDPR shall be Mr Somnath Mukherjee.
Our hosting services and servers maintain its systems in accordance with industry standards and best practices to reasonably secure the information of its customers, such as using SSL encryption in certain places to prevent eavesdropping, and employing up-to-date software on the server. However, no data transmission over the Internet can be guaranteed to be 100% secure. “Perfect security” does not exist on the Internet, and therefore You use the website and mobile application at your own risk.
Your data is transmitted between your device and our servers using HTTPS protocol for encryption. HTTPS is the technology used to create secure connections for your web browser, and is indicated by a padlock icon in your browser.
Zerodha follows industry best practices, using open and known principles when transferring and storing your data. We believe the biggest threat to the security and privacy of your data is if someone gains access to any of your devices. Remember to keep your password safe and secret to prevent unauthorised access to your Zerodha account. If you think that the security of your Zerodha account has been compromised, change your password and contact us immediately for further assistance.
Correction/Updating or Access to Personal Information
In case of any changes with respect to any of your information, especially Personal Information has been changed or in case you would not like to continue the services of Zerodha, then you would be required to either update your Personal Information or unsubscribe from any updates / information with respect to notifications on the products/services that you had earlier utilised or enquired upon at Zerodha. In case you would like to modify / delete any details with respect to your Personal / Non-personal information, or to access your information in readable format, you would have to write to: (i) “india[@]zerodha[.]com”; and (ii) “legal[@]zerodha[.]com” or to the address: Zerodha, #153/154, 4th Cross, Dollars Colony, Opp. Clarence Public School, J.P Nagar 4th Phase, Bangalore - 560078.
Subject to Change