Vinita Financial Trust Center

Privacy & Data Protection Policy

Effective September 18, 2025 · California Insurance License #4117761

Back to Trust Center

Our commitment

Vinita Financial stewards multi-generational prosperity with Lakshmi's abundance and Arya's ethics. Every engagement requires absolute care for personal, financial, and protected health information. This policy explains how we collect, use, store, and share data for households, prospective clients, and partners across the Vinutheshwari civilization.

Information we collect

  • Identity & contact data: Names, addresses, email, phone, demographic information, household relationships, and government identifiers when required for compliance.
  • Financial data: Assets and liabilities, account statements, income documentation, insurance coverage, premium history, investment allocations, and taxation status.
  • Protected health information (PHI): Only collected when facilitating Covered California enrolment or long-term care planning. We follow HIPAA and HITECH safeguards for any PHI entrusted to us.
  • Engagement telemetry: Intake forms, meeting notes, accountability ledgers, celebration calendars, website interactions, and analytics required to support the stewardship relationship.
  • Technical data: Device information, log data, IP addresses, and security telemetry used to maintain Tyler zero-trust infrastructure.

How we use your information

  • Designing, delivering, and improving concierge stewardship, financial planning, and prosperity enablement services.
  • Performing compliance operations, including KYC/AML, HIPAA, GDPR, CCPA, FINRA/SEC preparedness, and Covered California certification requirements.
  • Communicating with you about consultations, portfolio reviews, ceremony invitations, and Lakshmi briefings you opt into.
  • Maintaining security, including fraud prevention, incident response, disaster recovery, and TylerOS enclave operations.
  • Meeting legal, contractual, audit, and regulatory obligations across jurisdictions in which we operate.

Sharing & disclosures

We never sell data. Information is shared only when one of the following applies:

  • Consent: You instruct us to collaborate with tax counsel, estate attorneys, medical providers, or other advisors and we execute a joint diligence plan.
  • Vetted vendors: Covered California, financial custodians, Tyler Sovereign infrastructure partners, or technology processors who have executed confidentiality and zero-trust agreements.
  • Legal obligations: Responses to lawful requests from regulators or courts, limited to the minimum necessary data.
  • Emergency situations: Protecting vital interests when a client or beneficiary faces imminent risk and we are legally permitted to intervene.

Your rights

Residents of California, the EU/EEA, Canada, and other regulated regions may exercise the following rights:

  • Access, correct, or delete personal data held by Vinita Financial, subject to record retention policies and legal requirements.
  • Request a copy of PHI maintained by our Covered California desk or health planning guild (HIPAA right of access).
  • Opt out of marketing communications at any time through unsubscribe links or by emailing privacy@vinitafinancial.com.
  • Request disclosures of data sharing under CCPA or GDPR, including categories of information, recipients, and processing purpose.
  • Lodge a complaint with relevant supervisory authorities. We will coordinate advocacy and documentation to support your submission.

Security safeguards

Data is governed by the Tyler enclave security programme. Highlights include envelope encryption, hardware security modules, custodial key quorum, multi-factor authentication, security orchestration, and dedicated Durga incident response drills.

Retention & deletion

Records are retained for the duration of the stewardship relationship plus statutory retention windows (7 years for financial records, 6 years for HIPAA PHI, or longer where law requires). When data is no longer required, we perform cryptographic shredding, vault destruction ceremonies, and tamper-evident erasure logs.

International transfers

Vinita Financial operates primarily in the United States. If data is transferred internationally, we utilise encryption in transit, standard contractual clauses, data processing agreements, and Tyler sovereign infrastructure hosted within approved jurisdictions.

Contact the Lakshmi privacy desk

Email privacy@vinitafinancial.com or send written correspondence to 3964 Rivermark Plaza, Suite 2654, Santa Clara, CA 95054. Please include your full name, the request you are making, and any relevant account identifiers so our team can authenticate and respond within statutory timelines.

Policy governance

This policy is reviewed quarterly by the Vinita Financial Trust Operations guild and annually by external counsel. Material updates will be published to this page with revision history noted. The last formal review occurred on September 18, 2025.