This appendix summarizes TNV-LEI’s commitments and practices in handling personal and entity-related data as part of its LEI issuance, renewal, transfer, and update services.
1. Legal Basis for Data Processing
TNV-LEI processes personal and legal entity data based on:
- The Digital Personal Data Protection (DPDP) Act, 2023 (India)
- The General Data Protection Regulation (GDPR) (European Union), where applicable
- The Swiss Federal Act on Data Protection
- GLEIF’s open data principles under ISO 17442
By using TNV-LEI’s services, Legal Entities and Authorized Representatives consent to the collection, processing, and publication of their data for LEI lifecycle management and transparency obligations under global financial standards.
2. Data Types Collected
TNV-LEI may collect and store the following:
- Legal Entity Information (LE-RD): Legal name, address, registration details, corporate hierarchy (if applicable)
- Personal Data: Names, email addresses, phone numbers, and official designations of Authorized Users and Representatives
- Authentication Documents: Power of Attorney, Board Resolutions, KYC proofs, and identity verification documents
- Payment Information: Payment status, transaction reference, and method used (but not full card details)
3. Purpose of Processing
Collected data is used solely for:
- Verifying LEI eligibility
- Issuing, renewing, updating, or transferring LEIs
- Publishing LEI data to the public LEI database
- Maintaining internal compliance, invoicing, and audit records
- Communicating with GLEIF, regulators, or the Legal Entity
4. Data Sharing and Third Parties
TNV-LEI may share data with:
- GLEIF – for global publication and LEI oversight
- Government and regulatory bodies – upon lawful request
- Payment processors – such as Razorpay and HDFC Bank, strictly limited to transaction processing and as per their own privacy policies
- IT infrastructure vendors – bound by confidentiality and data protection clauses
TNV-LEI does not sell or share personal data with advertisers or unauthorized third parties.
5. Data Storage and Security
TNV-LEI implements robust controls including:
- Encrypted communications (SSL/TLS)
- Firewall and access control for sensitive data
- Role-based access and two-factor authentication for system users
- Data backups and retention protocols
All LEI-related data is retained for a minimum of 8 years for regulatory and audit purposes, unless otherwise required by law.
6. Rights of Data Subjects
Authorized Users and Legal Entities may:
- Request a copy of their stored personal data
- Request correction or update of personal details
- Withdraw consent (where applicable)
- Request deletion of personal data after termination, subject to legal limitations
Requests may be submitted to: privacy@tnvlei.com
7. Payment Gateway Privacy
For online payments:
- TNV-LEI uses Razorpay, HDFC Bank, and UPI gateways
- All payment information is handled directly by these gateways under their respective terms and privacy policies
- TNV-LEI does not store full card or banking credentials
By proceeding with payment, users also accept the respective privacy terms of the selected payment platform.
8. Privacy Policy Access
TNV-LEI’s complete Privacy Policy is available at:
www.tnvlei.com/privacy
