Privacy Policy

Effective Date: 07 May 2026

M5 Wealth Tech Limited ("M5 Wealth", "we", "our", or "us") is committed to protecting the privacy and security of the information we collect and process. As a provider of Software as a Service (SaaS) and software development solutions for wealth and portfolio management serving international clients, we uphold high standards of data protection aligned with international frameworks such as ISO 27001, SOC 2, and the EU General Data Protection Regulation (GDPR).

By using our website, platform, and services ("Services"), you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein. If you do not agree with this policy, please do not use our Services.

Section 01

Information We Collect

We may collect the following categories of information, depending on how you interact with us:

Personal identifiers such as your name, email address, phone number, job title, company name, and country of residence
Financial and portfolio-related data, including investment preferences, account details, transaction history, and performance metrics (when applicable through our services)
Usage and technical information such as IP address, browser and device type, access times, error logs, referring URLs, and navigation activity on our website or platform
Information collected through cookies and similar technologies to understand user behaviour, personalise content, and improve system performance
Voluntarily provided information, such as when you contact us, fill out forms, respond to surveys, or participate in webinars or events

Section 02

How We Use Your Information

We use the information we collect for the following purposes:

To deliver, operate, and maintain our software and services
To personalise user experiences and improve content relevance
To provide customer support, address enquiries, and manage user accounts
To send updates, notifications, and service-related communications
To analyse usage trends, improve system performance, and enhance features
To comply with legal, regulatory, or contractual obligations across applicable jurisdictions
To prevent fraud, abuse, and violations of our Terms of Use or applicable laws
For other business functions aligned with your relationship with us or as disclosed at the time of data collection

Section 03

Legal Basis for Processing

Where required by law (including but not limited to the GDPR, UK GDPR, and other applicable data protection regulations), we process your personal information based on one or more of the following legal grounds:

Your explicit consent
The necessity of the processing for the performance of a contract with you
Compliance with legal obligations applicable in your jurisdiction
Our legitimate interests in delivering, securing, and improving our services, provided such interests are not overridden by your fundamental rights and freedoms

Section 04

Cookies & Tracking Technologies

We use cookies and similar technologies to collect certain technical information automatically when you access our Services. These tools help us enhance your experience, understand usage behaviour, and improve performance.

You may manage or disable cookies through your browser settings. However, please note that certain features of the Services may not function properly without them. Where required by applicable law, we obtain your consent before placing non-essential cookies on your device.

Section 05

Data Sharing & Disclosure

Section 06

International Data Transfers

As a company serving international clients, Data is primarily stored and processed within the customer-selected or contractually agreed regional hosting location. Cross-border data transfers may occur only where necessary for disaster recovery or other legitimate business purposes.

Where such transfers involve countries that may not provide an equivalent level of data protection, appropriate safeguards are implemented in accordance with applicable data protection laws. These safeguards may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission, reliance on adequacy decisions where applicable, and other lawful transfer mechanisms under regulations such as the GDPR and UK GDPR

Section 07

Data Security

Section 08

Data Retention

Section 09

Your Rights

Section 10

Third-Party Sites & Services

Section 11

Customer Data in Our Platform

Section 12

Changes to This Privacy Policy

Section 13

If you have any questions, requests, or complaints related to this Privacy Policy or our handling of your personal data, please contact us:

Email
privacy@m5wealth.com

Website
m5wealth.com

Section 14

Data Protection Officer (DPO)

M5 Wealth Tech Limited has appointed a Data Protection Officer (DPO) to oversee data privacy compliance and safeguard your personal information.

DPO Email

dpo@m5wealth.com

Address

22nd Floor, Off Western Express Highway, HD-014, WeWork Oberoi, Commerz II, Oberoi Garden City, Goregaon East, Mumbai – 400063, India

The DPO’s responsibilities include:

Ensuring compliance with applicable data protection laws, including GDPR, UK GDPR, DPDP, and other international regulations
Acting as a point of contact for data subject rights requests, such as access, rectification, erasure, or portability of personal data
Advising on data protection impact assessments (DPIAs) for new projects or services
Providing guidance to the company on data protection obligations and best practices
Monitoring and auditing the company’s data processing activities to ensure compliance
Coordinating with supervisory authorities in case of data breaches or regulatory enquiries

Section 15

Children's Privacy

Our website and products are not intended for use by children. M5 Wealth does not knowingly collect personal information from anyone under 16 years of age (or a higher age where required by applicable local law). Product access is granted only to the authorised employees and representatives of our client organisations, who we assume to be above 18 years of age. In the event of any exceptions, we collect personal data of minors only with verifiable parental or guardian consent as required by applicable law.