At Wealth Empires, we value your right to data privacy and protection. If you are a resident of the European Union (EU), the European Economic Area (EEA), or the United Kingdom (UK), this section outlines your specific rights under the General Data Protection Regulation (GDPR) and how we comply with them.
1. Legal Basis for Processing Personal Data
We process personal data only when we have a lawful basis to do so under GDPR. These bases include:
- Contractual Necessity: To deliver the services you request (e.g., business registration, compliance filings, tax services).
- Legal Obligation: To comply with applicable accounting, tax, or regulatory requirements.
- Legitimate Interests: To improve our services, secure our systems, and manage our business operations.
- Consent: When you voluntarily provide information for AI tools, newsletters, or marketing purposes.
- Vital Interests: To protect your or another person's vital interests (in rare cases).
2. Data Controller and Data Processor
- Data Controller: Wealth Empires determines the purposes and means of processing your personal data.
- Data Processor: In some cases, we act as a processor when handling data on behalf of clients for filings, submissions, or automated AI analysis.
3. Categories of Personal Data Collected
We may collect and process:
- Identification data (name, email, phone, business name, registration numbers)
- Financial data (company financials, tax details, transaction history)
- AI tool inputs (responses to compliance assessments, reports, etc.)
- Technical data (IP address, device info, cookies, browser type)
We ensure all data collected is relevant and limited to the purpose for which it is processed.
4. Your Rights Under GDPR
As an EU/EEA/UK resident, you have the following rights:
| Right |
Description |
| Right to Access |
You can request a copy of your personal data held by us. |
| Right to Rectification |
You can ask to correct inaccurate or incomplete data. |
| Right to Erasure ("Right to be Forgotten") |
You can request deletion of your data when it's no longer needed or consent is withdrawn. |
| Right to Restrict Processing |
You can request limited use of your data under certain conditions. |
| Right to Data Portability |
You can request your data in a structured, machine-readable format. |
| Right to Object |
You can object to processing based on legitimate interests or direct marketing. |
| Right to Withdraw Consent |
You may withdraw your consent at any time where processing is based on consent. |
5. International Data Transfers
As Wealth Empires operates primarily from India, your data may be transferred and processed outside the EEA. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission; or
- Equivalent data protection safeguards as per GDPR Article 46.
Important: By using our Services, you acknowledge that your data may be processed in jurisdictions that may not offer the same level of protection as the EU.
6. Data Retention
We retain your personal data only as long as necessary to:
- Deliver the contracted services
- Comply with legal and tax obligations
- Resolve disputes or enforce agreements
When no longer required, your data will be securely deleted or anonymized.
7. Automated Decision-Making and Profiling
Our AI-driven tools (such as Startup Health Check, Networth Calculator, and AI CRM) may use algorithms to assess compliance readiness, risk scores, or insights. However:
- These tools do not make legally binding decisions.
- You can request human review or clarification of any automated assessment at any time.
8. Data Security Measures
Wealth Empires employs robust organizational and technical measures, including:
- End-to-end data encryption
- Role-based access control
- Regular audits and compliance reviews
- Secure cloud storage under ISO/IEC 27001 standards
9. Data Breach Notification
In the event of a personal data breach that is likely to result in risk to your rights and freedoms, we will:
Notify you and the relevant supervisory authority within 72 hours, as required by GDPR Article 33.
10. Contact and Complaints
If you have questions or concerns about how we handle your data, contact our DPO:
If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA).