Effective Date: February 2025

Privacy Policy

Privacy Policy

Townhall Technologies Private Limited (Operating as "mool.ail")

1. Introduction


Townhall Technologies Private Limited ("Company", "we", "us", or "our"), operating under the brand name "Mool", is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our capital market intelligence platform and related services.

Townhall Technologies Private Limited partners with Mool Capital Private Limited which is registered with the Securities and Exchange Board of India (SEBI) as:

  • Research Analyst: Registration No. INH000012449

  • Investment Adviser: Registration No. INA000018708

This Policy is framed in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the SEBI (Research Analysts) Regulations, 2014 (as amended), the SEBI (Investment Advisers) Regulations, 2013 (as amended), and is designed to be compatible with the Digital Personal Data Protection Act, 2023 ("DPDP Act") when it comes into full effect.

  1. Definitions


For the purposes of this Privacy Policy:

  • "Personal Data" means any information relating to an identified or identifiable natural person.

  • "Sensitive Personal Data or Information" (SPDI) includes passwords, financial information (bank account, credit/debit card details), biometric information, physical/physiological/mental health conditions, sexual orientation, and medical records.

  • "Data Principal" refers to the individual whose personal data is being processed.

  • "Data Fiduciary" refers to us, as we determine the purpose and means of processing of personal data.

  • "Services" refers to our AI-powered capital market intelligence platform, including research reports, analysis, investment advice, and related offerings accessible through www.mool.ai and associated applications.

  1. Information We Collect


3.1 Personal Information

We collect the following categories of personal information:

  • Identity Information: Name

  • Contact Information: Email address, telephone number, postal address, and registered office address (for institutional clients)

  • KYC Information: Know Your Customer documentation as required under SEBI regulations, including identity proof, address proof, and income/networth documentation

  • Professional Information: Designation, organization name, professional qualifications, and investment experience

  • Financial Information: Risk profile, investment objectives, existing portfolio information (where voluntarily provided), and payment details for subscription services


3.2 Technical and Usage Information

When you use our platform, we automatically collect:

  • Device Information: IP address, browser type, operating system, device identifiers

  • Usage Data: Pages visited, features used, research reports accessed, queries submitted, time spent on platform

  • Cookies and Similar Technologies: Session cookies, authentication tokens, and analytics cookies (see Section 10 for details)


3.3 Information from Third Parties

We may receive information about you from KYC Registration Agencies (KRAs), Central KYC Registry (CKYC), credit information companies (where applicable), and other sources as permitted by law for verification purposes.

  1. Information We Collect


3.1 Personal Information

We collect the following categories of personal information:

  • Identity Information: Name

  • Contact Information: Email address, telephone number, postal address, and registered office address (for institutional clients)

  • KYC Information: Know Your Customer documentation as required under SEBI regulations, including identity proof, address proof, and income/networth documentation

  • Professional Information: Designation, organization name, professional qualifications, and investment experience

  • Financial Information: Risk profile, investment objectives, existing portfolio information (where voluntarily provided), and payment details for subscription services


3.2 Technical and Usage Information

When you use our platform, we automatically collect:

  • Device Information: IP address, browser type, operating system, device identifiers

  • Usage Data: Pages visited, features used, research reports accessed, queries submitted, time spent on platform

  • Cookies and Similar Technologies: Session cookies, authentication tokens, and analytics cookies (see Section 10 for details)


3.3 Information from Third Parties

We may receive information about you from KYC Registration Agencies (KRAs), Central KYC Registry (CKYC), credit information companies (where applicable), and other sources as permitted by law for verification purposes.

  1. Purpose of Data Collection

We collect and process your personal data for the following purposes:

  1. Service Delivery: To provide you with our capital market intelligence services, including research reports, equity analysis, forensic analysis, scenario valuations, and investment recommendations

  2. Regulatory Compliance: To comply with KYC norms, anti-money laundering (AML) requirements, and other obligations under SEBI regulations and applicable laws

  3. Client Onboarding: To verify your identity, assess suitability, and establish a client relationship

  4. Communication: To send you research updates, service notifications, regulatory disclosures, and respond to your inquiries

  5. Platform Improvement: To analyze usage patterns, improve our AI-powered research capabilities, and enhance user experience

  6. Risk Management: To assess and manage risks associated with our services

Legal Proceedings: To establish, exercise, or defend legal claims and comply with court orders or regulatory directives

  1. Legal Basis for Data Protection

We process your personal data based on the following legal grounds:

  • Consent: Where you have provided explicit consent for the collection and processing of your personal data

  • Contractual Necessity: Where processing is necessary for the performance of our service agreement with you

  • Legal Obligation: Where processing is required to comply with SEBI regulations, tax laws, AML requirements, and other applicable legal obligations

  • Legitimate Interests: Where processing is necessary for our legitimate business interests, provided such interests do not override your fundamental rights

  1. Use of Artificial Intelligence

Important Disclosure: In compliance with SEBI guidelines on AI usage by Research Analysts and Investment Advisers, we disclose that Mool utilizes artificial intelligence and machine learning technologies in the following aspects of our services:

  • Generation of research reports and equity analysis

  • Processing of financial data, company filings, and market information

  • Driver-based valuations and scenario analysis

  • Forensic analysis and earnings quality assessment

  • Natural language processing for query responses

Data Security with AI: Your personal data, uploaded files, and queries submitted to our platform are:

  • Not used to train any AI models (our platform uses pre-trained models with your data processed only for generating your specific outputs)

  • Processed in secure, encrypted environments

  • Subject to automatic deletion protocols for uploaded files as specified in our platform terms

7. Data Sharing and Disclosure

We may share your personal data with:

7.1 Regulatory Authorities

SEBI, stock exchanges, Research Analyst Administration and Supervisory Body (RAASB), Investment Adviser Administration and Supervisory Body (IAASB), and other regulatory bodies as required by law.

7.2 Service Providers

Third-party service providers who assist us in operating our platform, conducting our business, or servicing you, including cloud infrastructure providers, payment processors, and KYC verification agencies. All such providers are bound by confidentiality obligations.

7.3 Legal Requirements

Government agencies pursuant to valid legal process, court orders, or to protect our rights or the rights of others.

7.4 Business Transfers

In connection with any merger, acquisition, or sale of company assets, your personal data may be transferred as part of such transaction, subject to continued protection under this Policy.

We do not sell your personal data to any third party for commercial purposes.

8. Data Retention

We retain your personal data in accordance with the following principles:

  • SEBI Mandated Records: Client records, KYC documents, communication records (including written correspondence, telephone recordings, emails, and SMS), and all client interactions are retained for a minimum of five (5) years from the date of termination of the client relationship, or until the resolution of any disputes, whichever is longer, as mandated by SEBI regulations.

  • Research Reports: Published research reports and underlying analysis are retained as required for regulatory audit and compliance purposes.

  • Technical Data: Server logs and technical data are retained for periods necessary for security, troubleshooting, and legal compliance.

  • Post-Retention: Upon expiry of the retention period and subject to no ongoing legal requirement, personal data will be securely deleted or anonymized.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

  • Email address

  • First name and last name

  • Phone number

  • Usage Data

Law Enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirementsThe Company may disclose Your Personal

  • Comply with a legal obligation

  • Protect and defend the rights or property of the Company

  • Prevent or investigate possible wrongdoing in connection with the Service

  • Protect the personal safety of Users of the Service or the public

  • Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially reasonable means to protect Your Personal Data, We cannot guarantee its absolute security.

9. Data Security

We implement reasonable security practices and procedures as required under Section 43A of the Information Technology Act, 2000 and the SPDI Rules, 2011. Our security measures include:

  • Encryption: Data is encrypted in transit (TLS/SSL) and at rest using industry-standard encryption protocols

  • Access Controls: Role-based access controls and multi-factor authentication for system access

  • Security Standards: Our information security program is aligned with ISO/IEC 27001 standards for Information Security Management Systems

  • Regular Audits: Annual security audits and compliance assessments as required by SEBI regulations

  • Incident Response: Documented incident response procedures to address any data security breaches

Employee Training: Regular training of personnel on data protection and security practices

10. Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to:

  • Maintain your session and authentication state

  • Remember your preferences and settings

  • Analyze platform usage and improve functionality

  • Ensure platform security and prevent fraud

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect your ability to use some features of our platform.

11. Your Rights

Subject to applicable law and regulatory requirements, you have the following rights:

  • Right to Access: Request access to the personal data we hold about you

  • Right to Correction: Request correction of inaccurate or incomplete personal data

  • Right to Withdraw Consent: Withdraw your consent at any time for processing based on consent (this does not affect lawfulness of prior processing)

  • Right to Erasure: Request deletion of your personal data, subject to our retention obligations under SEBI regulations and other applicable laws

  • Right to Grievance Redressal: Lodge a complaint with our Grievance Officer or the Data Protection Board of India (when operational under the DPDP Act)

To exercise these rights, please contact our Grievance Officer using the details provided in Section 15 below.

12. Cross-Border Data Transfers

Your personal data may be processed on servers located outside India in connection with our cloud infrastructure. Any such transfer is conducted in compliance with applicable law and subject to appropriate safeguards, including:

  • Ensuring the receiving jurisdiction provides equivalent data protection standards

  • Implementing contractual data protection obligations with service providers

  • Complying with any restrictions notified by the Central Government under the DPDP Act

13. Children's Data

Our Services are designed for professional and institutional use and are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

14. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or regulatory guidance. The updated policy will be posted on our website with a revised "Effective Date." For material changes, we will provide notice through email or prominent notice on our platform. Your continued use of our Services after such notification constitutes acceptance of the updated Policy.

15. Grievance Redressal and Contact Information

For any questions, concerns, or complaints regarding this Privacy Policy or our data practices, please contact:

Grievance Officer / Compliance Officer

Mr Abhinav Nayar, Director, Townhall Technologies Private Limited

Email: hello@mool.ai

Website: www.mool.ai

We will endeavor to address your grievances within 30 days of receipt, in accordance with applicable regulatory timelines.

Regulatory Escalation

If you are not satisfied with our response, you may escalate your complaint to:

  • SEBI SCORES Portal: https://scores.gov.in

  • Data Protection Board of India: (Contact details to be notified upon operationalization under the DPDP Act)

15. Grievance Redressal and Contact Information

For any questions, concerns, or complaints regarding this Privacy Policy or our data practices, please contact:

Grievance Officer / Compliance Officer

Mr Abhinav Nayar, Director, Townhall Technologies Private Limited

Email: hello@mool.ai

Website: www.mool.ai

We will endeavor to address your grievances within 30 days of receipt, in accordance with applicable regulatory timelines.

Regulatory Escalation

If you are not satisfied with our response, you may escalate your complaint to:

  • SEBI SCORES Portal: https://scores.gov.in

  • Data Protection Board of India: (Contact details to be notified upon operationalization under the DPDP Act)

16. Acknowledgment

By using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. Where applicable, your explicit consent will be obtained through a clear affirmative action at the time of registration or data collection.

End of Privacy Policy

Intelligence Meets Performance

About

Pricing

Investor Charter

T&C

Privacy

Get Started

Investor Charter

Copyright © 2024 Townhall Technologies
All Rights Reserved

SEBI Registered Research Analyst
INH000012449

Intelligence Meets Performance

About

About

Pricing

Pricing

Investor Charter

Investor Charter

T&C

T&C

Privacy

Privacy

Get Started

Get Started

Copyright © 2024 Townhall Technologies
All Rights Reserved

SEBI Registered Research Analyst
INH000012449