Legal & data
Privacy Policy
How Ethika handles the personal data you give us through this website — what we collect, why, how long we keep it, and the rights you have over it under India’s Digital Personal Data Protection Act, 2023.
This policy covers personal data collected from visitors to this website. It does not cover employee or claims data that Ethika processes on behalf of client companies through Ethika Hub — that has its own privacy terms and is a separate arrangement under your company’s contract with us.
1Who we are
This website is operated by Ethika Insurance Broking Pvt Ltd, an IRDAI-licensed Direct Broker (Life & General), Certificate No. 574. For the personal data collected here, Ethika is the data fiduciary — the entity that decides why and how your data is processed.
Registered address: Unit 1309, Block B, Asian Sun City, behind Sarath City Capital Mall, Forest Dept Colony, Kondapur, Hyderabad, Telangana 500084.
Data-protection contact & grievance officer
For any question about this policy or to exercise your rights, contact our data-protection contact:
Name / designation and a published email for the person who owns data-grievance matters internally. CONFIRM — this need not be the Principal Officer, but the data-grievance route here and the insurance Grievance redressal route in the footer must not contradict each other. Provisional contact: [email protected] CONFIRM — address.
2What we collect, by where you give it
We collect only what each interaction needs. Itemised by touchpoint:
Fields: name, work email, organisation, your policy renewal date, and your meeting preference (and the persona context the page passes through).
Fields: name and email to unlock the founder video and the live-workshop sessions you ask for.
Fields: name and email, to send you the requested document.
Fields: email, for the weekly note you choose to receive.
Fields: if you message us on WhatsApp, the phone number and message content you send.
Fields: standard GA4 behavioural data (pages, paths, device) — collected only after you opt in via the cookie banner. See the Cookie Policy.
Fields: standard technical logs (IP, timestamp, request) kept for security and reliability.
3Why we use it, per item
Each item above is used only for the purpose it was given for:
- Your enquiry — to respond and have a genuine conversation about your cover.
- Scheduling — to set up your call with a Growth Advisor.
- Your renewal date — collected so we can time our follow-up around when your policy is actually up for renewal. We say this plainly: renewal-timed follow-up is a purpose, not a side-effect.
- Workshop / business case / Friday Musings — to send you the specific thing you requested.
- Analytics — to understand, on the consenting subset of visitors, how the site is used so we can improve it.
Purpose limitation: data you give for one purpose is not reused for another without fresh consent.
4Lawful basis & consent
Our lawful basis for processing this website data is your consent, given through the checkbox at each form and the cookie banner.
Consent is a clear, affirmative action. Boxes are never pre-ticked, and each consent is specific to the purposes stated at that form.
5Withdrawing consent
You can withdraw consent as easily as you gave it. Email [email protected], or use the unsubscribe link in any nurture email.
After you withdraw, we stop the relevant processing.
6Your rights
Under the DPDP Act, you have the right to:
- Access a summary of the personal data we hold about you and how we process it;
- Correct, complete, update or erase your personal data;
- Grievance redressal — raise a concern and have it addressed;
- Nominate another person to exercise your rights in case of death or incapacity.
To exercise any of these, contact our data-protection contact above. We will respond within the timelines set by the DPDP Rules.
If your grievance is unresolved, you may escalate to the Data Protection Board of India.
8How long we keep it
We keep data only as long as the purpose needs:
- Enquiry data — retained through the renewal-nurture cycle, then erased unless you become a client. CONFIRM — period, e.g. renewal + N months.
- Analytics — per the GA4 retention setting. CONFIRM — 14 months or 2 months; decide and state.
- Consent records — kept per counsel’s guidance. LEGAL — retention period.
9Security & breach notification
We apply reasonable security safeguards to protect your data.
If a personal-data breach occurs, we will notify the Data Protection Board of India and affected individuals as required.
10Children
This is a business-to-business website, not directed at anyone under 18, and we do not knowingly collect data from children.
11Changes to this policy
If we change this policy we will update the version and “last updated” date at the top, and — for material changes, a new processor category, or any introduction of marketing cookies — we will ask for fresh consent.