This is a placeholder policy capturing the spirit of how Sthira handles personal and financial data. A full SEBI-compliant, legal-reviewed policy will replace this before commercial launch.

What we collect

Waitlist submissions — name, email, how-you-invest answer.
KYC data (in app, post-launch) — as required by SEBI/PMLA. Stored with India-resident infrastructure.
Broker tokens (in app, post-launch) — short-lived OAuth tokens, encrypted at rest, never sold or shared.
Portfolio + transaction data (in app, post-launch) — to run drift detection and explain your portfolio back to you.

What we don't do

No ad networks. No third-party trackers on the marketing site.
No selling, sharing, or aggregating of personal or financial data.
No reading or storing your bank account contents.
No LLM training on your data.

Your rights

You can request access to or deletion of any data we hold by emailing privacy@sosservices.online. We will respond within 7 days. KYC records retained per SEBI/PMLA minimums even after account closure, as required.

Where data lives

KYC and financial data is processed and stored on India-resident infrastructure. The marketing site is hosted on infrastructure in India and Europe.

Questions? Contact us.

Privacy Policy

What we collect

What we don't do

Your rights

Where data lives