Northbridge Wealth A brand of Suskan Finmaart Private Limited AMFI Registration Number (ARN): 41379<\/p>\n\n\n\n
Last Updated: 11 May 2026<\/p>\n\n\n\n
This Privacy Policy is issued by Suskan Finmaart Private Limited, operating under the brand name Northbridge Wealth (“Northbridge”, “we”, “us”, or “our”). We are a registered Mmutual Fund Distributor with the Association of Mutual Funds in India (AMFI), holding ARN 41379, and we also facilitate distribution and referral of Portfolio Management Services (PMS), Alternative Investment Funds (AIFs), and Specialised Investment Funds (SIFs) offered by SEBI-registered managers.<\/p>\n\n\n\n
We are registered with the Ministry of Corporate Affairs as a private limited company and operate from Kolkata and Mumbai, India.<\/p>\n\n\n\n
For the purposes of the Digital Personal Data Protection Act, 2023 (“DPDPA”) and the Digital Personal Data Protection Rules, 2025, Northbridge acts as a Data Fiduciary in respect of the personal data of its clients, prospective clients, website visitors, and other Data Principals whose data we process.<\/p>\n\n\n\n
Contact for privacy matters: Email: info@northbridgewealth.in Postal: Nilhat House, 6th Floor, 11 R. N. Mukherjee Road, Dalhousie, Kolkata 700001<\/p>\n\n\n\n
This Policy explains how we collect, use, store, share, and protect personal data when you:<\/p>\n\n\n\n
visit northbridgewealth.in or any sub-domain operated by us
interact with us through email, WhatsApp, telephone, video call, or in-person meetings
become a client through our mutual fund distribution, PMS referral, AIF referral, or SIF referral services
engage with our research notes, newsletters (such as the monthly Market Lens), or marketing communications
attend events, webinars, or seminars organised by us
This Policy does not govern the data processing practices of Asset Management Companies (AMCs), Portfolio Managers, AIF managers, SIF managers, KYC Registration Agencies (KRAs), Registrar and Transfer Agents (RTAs), banks, custodians, or any other third party where you transact directly under their own privacy policies and terms. We strongly recommend reading the privacy policies of the AMCs, Portfolio Managers, and other regulated entities you transact with, as those entities are independent Data Fiduciaries for data you provide directly to them.<\/p>\n\n\n\n
This Policy also does not govern third-party websites that may be linked from our site.<\/p>\n\n\n\n
We collect only the personal data that is reasonably necessary to provide our services, comply with our regulatory obligations, and improve your experience with us.<\/p>\n\n\n\n
3.1 Identification and KYC data Full name, father’s or spouse’s name, date of birth, gender, marital status, nationality, PAN, Aadhaar reference (we do not store full Aadhaar numbers; we rely on KRA-validated KYC records), photograph, signature, and proof of address.<\/p>\n\n\n\n
3.2 Contact data Residential and correspondence addresses, email addresses, mobile and landline numbers, and preferred communication channels.<\/p>\n\n\n\n
3.3 Financial and investment data Bank account details (for the limited purpose of facilitating transactions through AMC, PM, AIF, or SIF platforms; funds are debited directly by the asset manager, never by Northbridge), income range, source of funds, occupation, employer, existing investments, risk profile responses, investment objectives, time horizon, and family financial information you choose to share for goal-based planning.<\/p>\n\n\n\n
3.4 Tax and regulatory data Tax residency status, FATCA and CRS declarations, politically exposed person (PEP) status, and other declarations required under the Prevention of Money Laundering Act, 2002 (“PMLA”) and rules made thereunder.<\/p>\n\n\n\n
3.5 Transaction and portfolio data Folio numbers, scheme holdings, transaction history, statements, and consolidated account statements (CAS) shared with us by you or accessed by us with your consent through MFCentral, CAMS, KFintech, or directly from AMCs.<\/p>\n\n\n\n
3.6 Family relationship data Where you choose to add family members under a single advisory relationship, we collect their identification, contact, and financial data on the same basis as yours, subject to their consent.<\/p>\n\n\n\n
3.7 Technical and usage data When you visit our website, we may collect IP address, browser type, device identifiers, operating system, pages visited, time spent, and referral source. This is collected through cookies and analytics tools described in Section 9.<\/p>\n\n\n\n
3.8 Communications data Records of emails, WhatsApp messages, call notes, meeting minutes, and recorded video consultations (only where you have been informed and have consented in advance).<\/p>\n\n\n\n
3.9 Children’s data Our services are intended for individuals aged 18 years and above. Where investments are made for or in the name of a minor, the data of the minor is collected only through the verifiable consent of a parent or legal guardian, in accordance with Section 9 of the DPDPA.<\/p>\n\n\n\n
We collect personal data:<\/p>\n\n\n\n
Directly from you, when you complete onboarding forms, KYC documents, risk profilers, account opening forms, or share information during conversations.
From KYC Registration Agencies (KRAs) such as CVL KRA, NSE KRA, or NDML, where you have completed a centralised KYC. We access KRA records strictly to verify your KYC status and fetch validated KYC data, with your knowledge.
From AMCs, Portfolio Managers, RTAs (CAMS, KFintech), and depositories, in respect of folios and transactions where Northbridge is mapped as your distributor or referrer (ARN 41379 or applicable referral code).
From MFCentral, CAS providers, and account aggregators, only with your explicit consent.
From public sources, such as company websites or regulatory filings, for limited research and due diligence purposes.
Automatically through our website, via cookies and analytics tools.
We do not purchase personal data from data brokers and we do not engage in any practice involving the scraping of personal data.<\/p>\n\n\n\n
Under the DPDPA, we process your personal data on one of the following grounds: your consent, certain legitimate uses recognised by law, or compliance with a legal obligation. The principal purposes are:<\/p>\n\n\n\n
KYC and identity verification, to meet PMLA, SEBI, and AMFI requirements before facilitating any investment (legal obligation).
Facilitating mutual fund transactions through AMCs and RTAs, including subscriptions, switches, redemptions, and SIP, STP, or SWP registrations (consent and performance of service).
Referring you to Portfolio Managers, AIF managers, and SIF managers to enable you to evaluate and onboard with the relevant SEBI-registered manager (consent).
Risk profiling and suitability assessment, in line with the AMFI Code of Conduct for Mutual Fund Distributors (consent and legitimate use).
Portfolio review, reporting, and family-level consolidation (consent and performance of service).
Servicing your account, including statements, queries, grievance handling, and transaction follow-ups (performance of service).
Sharing market updates, Market Lens, research notes, and educational content (consent; you may withdraw at any time).
Compliance, audits, and regulatory reporting to AMFI, SEBI, Income Tax authorities, FIU-IND, or any other competent authority (legal obligation).
Fraud prevention, impersonation detection, and security monitoring (legitimate use).
Improving our website and services, including analytics and usability (consent).
We do not use your personal data for any purpose that is materially different from the purposes set out above without notifying you and, where required, seeking fresh consent.<\/p>\n\n\n\n
Because trust and transparency matter more than legalese, we want to be explicit about the limits of our role:<\/p>\n\n\n\n
We do not custody your money. All investments flow directly from your bank account to the AMC, Portfolio Manager, AIF, or SIF. Funds are received and held by SEBI-registered entities under regulated custody arrangements, not by Northbridge.
We do not have discretionary trading authority over your accounts. Every transaction in your folio is executed on the basis of your written or electronic consent, or by you directly on an AMC, RTA, or transaction platform.
We do not store your internet banking passwords, debit or credit card numbers, CVV, or one-time passwords.
We do not sell or rent your personal data to any third party for marketing purposes.
We do not share your data with insurance companies, loan providers, or any cross-sell partner without your specific, prior consent for that purpose.<\/p>\n\n\n\n
We share your personal data only where necessary, and only with the following categories of recipients:<\/p>\n\n\n\n
7.1 Asset Management Companies, Portfolio Managers, AIF managers, and SIF managers. When you choose to invest in a scheme, the data required to open your folio or account is shared with the relevant manager. This sharing is unavoidable, since the transaction is executed at their end.<\/p>\n\n\n\n
7.2 Registrar and Transfer Agents (CAMS, KFintech, and equivalent). RTAs process applications, maintain folios, and generate statements on behalf of AMCs.<\/p>\n\n\n\n
7.3 KYC Registration Agencies (KRAs). For KYC creation, validation, modification, and retrieval.<\/p>\n\n\n\n
7.4 Stock exchange transaction platforms. Such as BSE StAR MF, NSE NMF II, or MFU, where transactions are routed through these platforms.<\/p>\n\n\n\n
7.5 Statutory and regulatory authorities. SEBI, AMFI, the Income Tax Department, the Financial Intelligence Unit-India (FIU-IND), courts, tribunals, and any other lawful authority, where disclosure is required by law or by a binding regulatory or judicial order.<\/p>\n\n\n\n
7.6 Auditors, professional advisers, and consultants. Including our chartered accountants, company secretaries, lawyers, and IT auditors, who are bound by contractual and professional confidentiality obligations.<\/p>\n\n\n\n
7.7 Technology service providers. CRM platforms, email service providers, cloud storage providers, e-sign providers, analytics tools, and communication platforms (such as WhatsApp Business). These providers act as Data Processors on our behalf and are contractually obligated to process personal data only on our instructions and in accordance with applicable law.<\/p>\n\n\n\n
7.8 Successor in interest. In the event of a merger, acquisition, reorganisation, or sale of business assets, your personal data may be transferred to the successor entity, subject to that entity continuing to honour the protections set out in this Policy.<\/p>\n\n\n\n
We do not share, sell, or transfer your personal data to any other third party.<\/p>\n\n\n\n
The personal data we process is primarily stored on servers located within India. Some of our technology service providers may store backup or processed data on servers located outside India, in jurisdictions that are not currently restricted by the Central Government under the DPDPA. Where such transfers occur, we ensure that contractual safeguards (including data processing agreements and confidentiality undertakings) are in place to maintain the same standard of protection.<\/p>\n\n\n\n
Our website uses cookies and similar technologies for the following purposes:<\/p>\n\n\n\n
Essential cookies, which are necessary for the website to function (for example, page navigation and form submission).
Analytics cookies, which help us understand how visitors use our site, through tools such as Google Analytics and Meta Pixel. Where required, we obtain your consent before placing non-essential cookies.
Marketing cookies, which may be set by advertising platforms (such as Google Ads or LinkedIn Insights) to measure campaign effectiveness.
You may control or disable cookies through your browser settings. Disabling certain cookies may affect website functionality.<\/p>\n\n\n\n
We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, and to comply with our regulatory record-keeping obligations.<\/p>\n\n\n\n
KYC records, transaction records, and AML-related documents are retained for a minimum of five years from the date of cessation of the business relationship or the date of the transaction, whichever is later, in accordance with PMLA and SEBI requirements. In certain cases, this period may extend up to ten years.
Tax-related records are retained as required under the Income Tax Act, 1961.
Marketing communication records are retained until you withdraw consent or for a reasonable period thereafter.
Website analytics data is retained for the period specified by the relevant analytics provider.
When personal data is no longer required for any of these purposes, it is securely deleted or anonymised.<\/p>\n\n\n\n
We take the confidentiality and security of your personal data seriously. Our security measures are designed to align with the AMFI Code of Conduct for Mutual Fund Distributors (which requires us to maintain confidentiality of all client information and adopt appropriate security measures) and, on a best-effort basis, with the principles set out in the SEBI Cybersecurity and Cyber Resilience Framework (CSCRF) issued for SEBI Regulated Entities.<\/p>\n\n\n\n
Specifically, we implement:<\/p>\n\n\n\n
Role-based access controls, so that only authorised employees with a need to know can access your data.
Two-factor authentication on all internal systems and on our Google Workspace environment.
Encryption of data in transit using industry-standard TLS, and encryption of sensitive data at rest where stored on our systems.
Secure password policies, periodic password rotation, and revocation of access on employee exit.
Vendor due diligence and contractual data protection commitments from all our technology service providers.
Periodic internal reviews of access logs, security configurations, and backup integrity.
Employee training on data privacy, confidentiality, and the AMFI Code of Conduct.
While we take all reasonable steps to protect your data, no system of electronic transmission or storage can be guaranteed to be perfectly secure. We encourage you to maintain the confidentiality of your own credentials, never share OTPs with anyone (including persons claiming to represent Northbridge), and report any suspicious activity to us immediately.<\/p>\n\n\n\n
In the event of a personal data breach that affects your data, we will notify the Data Protection Board of India and affected Data Principals in the manner and within the timelines required under the DPDPA and the Digital Personal Data Protection Rules, 2025.<\/p>\n\n\n\n
Under the DPDPA, you have the following rights in respect of your personal data:<\/p>\n\n\n\n
Right to access: You may request a summary of the personal data we hold about you and the processing activities undertaken.
Right to correction and erasure: You may request correction of inaccurate or incomplete data, and erasure of data that is no longer necessary for the purpose for which it was collected, subject to our regulatory retention obligations.
Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time. Withdrawal will not affect the lawfulness of processing carried out before withdrawal, and may affect our ability to continue providing certain services to you.
Right to grievance redressal: You may raise any grievance regarding our processing of your personal data through the channels set out in Section 14.
Right to nominate: You may nominate another individual to exercise these rights on your behalf in the event of your death or incapacity, in accordance with the DPDPA.
To exercise any of these rights, please write to us at info@northbridgewealth.in with adequate details for us to verify your identity and process your request. We will respond within the timelines required under applicable law.<\/p>\n\n\n\n
If you have any concern, complaint, or question regarding our processing of your personal data, please contact us in the following order:<\/p>\n\n\n\n
Step 1: Privacy Contact Email: info@northbridgewealth.in We will acknowledge your communication within three working days and respond substantively within fifteen working days.<\/p>\n\n\n\n
Step 2: Grievance Officer Name: Chirag Jain Designation: Founder and Principal Officer Email: info@northbridgewealth.in Address: Nilhat House, 6th Floor, 11 R. N. Mukherjee Road, Dalhousie, Kolkata 700001<\/p>\n\n\n\n
If your grievance is not resolved to your satisfaction, you may escalate the matter to the Data Protection Board of India in accordance with the DPDPA, once the Board becomes operational and the relevant provisions are notified.<\/p>\n\n\n\n
For grievances specifically related to mutual fund transactions, you may also approach:<\/p>\n\n\n\n
The concerned AMC’s grievance redressal mechanism
AMFI: https:\/\/www.amfiindia.com
SEBI SCORES: https:\/\/scores.sebi.gov.in
SEBI SMARTODR: https:\/\/smartodr.in<\/p>\n\n\n\n
We may update this Privacy Policy from time to time to reflect changes in our practices, regulatory developments, or for other operational, legal, or regulatory reasons. The updated Policy will be posted on our website with a revised “Last Updated” date. Where the changes are material, we will additionally notify you by email or other reasonable means.<\/p>\n\n\n\n
We encourage you to review this Policy periodically.<\/p>\n\n\n\n
Mutual fund investments are subject to market risks. Read all scheme-related documents carefully.
Past performance of any scheme, manager, or product is not indicative of future returns.
Investments in PMS, AIFs, and SIFs are subject to product-specific risks, minimum investment thresholds, and lock-ins as set out in the respective Private Placement Memorandum, Disclosure Document, or Scheme Information Document. These products are not suitable for all investors.
Northbridge does not guarantee any returns. All investment decisions remain solely those of the investor.
Northbridge is a Mutual Fund Distributor and earns commissions from AMCs on mutual fund transactions and referral fees from Portfolio Managers, AIF managers, and SIF managers (where applicable and as disclosed). Northbridge does not charge any advisory fee.<\/p>\n\n\n\n
This Privacy Policy is governed by the laws of India. Any dispute arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts at Kolkata, West Bengal.<\/p>\n\n\n\n
By using our website, our services, or by providing your personal data to us, you acknowledge that you have read and understood this Privacy Policy.<\/p>\n","protected":false},"excerpt":{"rendered":"
Northbridge Wealth A brand of Suskan Finmaart Private Limited AMFI Registration Number (ARN): 41379 Last Updated: 11 May 2026 This Privacy Policy is issued by Suskan Finmaart Private Limited, operating under the brand name Northbridge Wealth (“Northbridge”, “we”, “us”, or “our”). We are a registered Mmutual Fund Distributor with the Association of Mutual Funds in […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-3","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/pages\/3","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/comments?post=3"}],"version-history":[{"count":7,"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/pages\/3\/revisions"}],"predecessor-version":[{"id":201,"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/pages\/3\/revisions\/201"}],"wp:attachment":[{"href":"https:\/\/northbridgewealth.in\/lead\/wp-json\/wp\/v2\/media?parent=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}