Privacy Policy

Effective date: 1 April 2026  |  Last updated: 1 April 2026

1. Data Fiduciary

For the purposes of the Digital Personal Data Protection Act, 2023 (India) ("DPDP Act") and other applicable data protection laws, Fivcap India Advisors Private Limited is the Data Fiduciary in respect of personal data collected through this Site and in connection with our investment and funding activities.

2. What Information We Collect

We may collect the following categories of information depending on how you interact with us:

Category	Examples	Source
Identity & contact data	Name, email address, phone number, organisation, designation	Contact and inquiry forms; direct correspondence
Claim and case information	Nature of dispute, claim quantum, counterparty details, jurisdiction, stage of proceedings, outcome history	Funding inquiry forms; direct submission by claimant or counsel
Confidential case documents	Pleadings, expert reports, legal opinions, correspondence, evidence, financial statements	Direct upload or email submission during due diligence
Investor information	KYC documents, financial information, tax identification, bank details	Investor onboarding process
Usage and technical data	IP address, browser type, pages visited, referring URL, session duration	Automatically via cookies and server logs

3. Confidential Case Material — Special Handling

When you share confidential case material with Fivcap for the purposes of a funding evaluation, the following protections apply:

• Strict confidentiality. All case documents, legal memoranda, expert opinions, witness statements, and related materials are treated as strictly confidential and are not disclosed outside Fivcap except as described below.
• Need-to-know access. Access to confidential case material within Fivcap is limited to investment team members and advisers directly involved in the evaluation of your matter. We do not share your case materials with the general staff, marketing functions, or unrelated teams.
• Legal privilege. We recognise that documents shared with us may be covered by legal professional privilege. We take all reasonable steps to preserve the privileged status of such documents and do not use them for any purpose other than evaluating your funding request. If we determine that we cannot proceed with a funding evaluation, we will promptly return or destroy documents at your request.
• No use against you. We will not use confidential case information to take any position adverse to the submitting party or to benefit any counterparty to the submitted dispute.
• Secure channels. We encourage submission of sensitive materials via encrypted email or secure file transfer. Where materials are submitted through a web form or email, we take reasonable technical measures to protect them in transit and at rest.

4. Purposes for Which We Use Your Information

We process personal data and confidential information for the following purposes, each on the legal basis indicated:

• Evaluating funding inquiries — to assess the merits of a potential litigation finance arrangement (basis: legitimate interest / pre-contractual steps).
• Investor onboarding and management — to comply with KYC/AML requirements under the Prevention of Money Laundering Act, 2002, SEBI AIF Regulations, and FATCA/CRS obligations (basis: legal obligation).
• Portfolio management and reporting — to manage active investments and report to investors and SEBI as required (basis: contract / legal obligation).
• Responding to inquiries and communications — to respond to questions submitted through the Site or by email (basis: legitimate interest).
• Improving the Site — to understand how visitors use the Site and improve its functionality (basis: legitimate interest).
• Compliance with law — to comply with applicable legal and regulatory requirements, court orders, or lawful requests from SEBI, regulators, or law enforcement (basis: legal obligation).

5. Sharing of Information

We do not sell, rent, or trade personal data or confidential case information. We may share information in the following limited circumstances:

• Legal advisers. We engage external legal counsel for due diligence, structuring, and enforcement advice. Such advisers are bound by professional privilege and confidentiality obligations.
• Co-funders and syndication partners. In certain cases, we may syndicate a portion of a funded matter with a co-funder. We will not share your confidential case information with any prospective co-funder without first entering into a written non-disclosure agreement and, where required, obtaining your consent.
• Auditors, accountants, and fund administrators. Our statutory auditors and fund administrators may have access to financial and operational records in the ordinary course of their engagement. They are bound by professional and contractual confidentiality obligations.
• SEBI and regulators. We are subject to oversight by SEBI and may be required to disclose information in connection with regulatory inspections, investigations, or reporting obligations under the AIF Regulations and the DPDP Act.
• Law enforcement and courts. We may disclose information where required by a court order, statutory notice, or other lawful compulsion. We will, where permitted by law, notify you of any such compelled disclosure before it is made.
• Service providers. We use third-party service providers for website hosting, IT infrastructure, and cloud storage. These providers are contractually bound to process data only on our instructions and to maintain appropriate security standards.

We do not share personal data with parties outside India unless adequate data protection safeguards are in place and, where required under the DPDP Act, approved by the Government of India.

6. Data Retention

We retain personal data and confidential case information only for as long as necessary for the purpose for which it was collected or as required by law. Our general retention guidelines are:

• Funding inquiries not pursued: identity and contact data are retained for up to 24 months; confidential case documents are returned or destroyed within 30 days of your written request, or within 90 days of the conclusion of the evaluation, whichever is earlier.
• Active funded matters: all relevant data is retained for the duration of the funded matter and for a further period of 7 years following final resolution, in compliance with applicable statutory and regulatory requirements.
• Investor records: retained for a minimum of 8 years following the end of the investor's relationship with the Fund, in accordance with SEBI AIF Regulations and anti-money laundering laws.
• Website usage data: retained for up to 12 months.

7. Your Rights as a Data Principal

Under the DPDP Act and applicable law, you have the following rights in relation to your personal data:

• Right to access: to obtain a summary of personal data we hold about you and details of how it has been processed.
• Right to correction: to request correction of inaccurate or incomplete personal data.
• Right to erasure: to request deletion of personal data where it is no longer necessary for the purpose for which it was collected, subject to applicable legal retention requirements.
• Right to withdraw consent: where processing is based on your consent, to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
• Right to grievance redressal: to lodge a complaint with our Grievance Officer (see Section 11 below) or with the Data Protection Board of India.

To exercise any of these rights, please contact our Grievance Officer using the details in Section 11. We will respond within the timeframes required by applicable law.

8. Security of Your Information

We implement technical and organisational measures appropriate to the nature of the information we hold, including:

• Encryption of confidential documents in transit (TLS) and at rest where supported by our storage systems;
• Access controls limiting access to personal data and case materials to authorised personnel on a need-to-know basis;
• Regular review of our data handling practices and security posture;
• Contractual requirements on third-party service providers and advisers to maintain equivalent security standards.

No method of transmission over the internet or electronic storage is fully secure. If you have concerns about the secure transmission of particularly sensitive materials, please contact us to discuss alternative secure channels before submitting.

9. Cookies and Tracking Technologies

This Site uses cookies and similar technologies to operate correctly and to understand how visitors use it. We use the following categories of cookies:

• Strictly necessary cookies: required for the Site to function correctly (e.g., session management and access to protected areas). These are always active and cannot be disabled.
• Analytics cookies: set only with your consent. We use Google Analytics 4 to collect anonymised data about how visitors interact with the Site � including pages viewed, session duration, and traffic source. This data is used solely to improve the Site and is never sold or used to personally identify visitors.

We do not use advertising or targeting cookies.

Cookies set by Google Analytics 4

Analytics cookies are set only if you accept them when the cookie banner appears, or later via the preference centre. You can withdraw your consent at any time � your preference is stored in a cookie named cc_cookie that expires after one year.

Manage cookie preferences

10. Children's Privacy

This Site is not directed at, and we do not knowingly collect personal data from, children under the age of 18. If you believe that a child has provided personal data to us without appropriate parental consent, please contact us immediately and we will take steps to delete such data.

11. Grievance Officer

In accordance with the DPDP Act and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, any grievance relating to this Privacy Policy or our handling of personal data may be directed to our Grievance Officer:

Grievance Officer
Fivcap India Advisors Private Limited
144 Jolly Maker Chambers II, Nariman Point, Mumbai 400021
Email: info@5riverscap.com
Please mark your communication "Privacy Grievance" in the subject line.

We will acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days of receipt. If you remain dissatisfied with our response, you may refer your complaint to the Data Protection Board of India at such time as the Board becomes operational under the DPDP Act.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, regulatory requirements, or the services we offer. We will post the revised policy on this page with an updated "Last updated" date. Where changes are material, we will take reasonable steps to notify affected individuals. Your continued use of the Site or submission of information after the posting of any change constitutes your acceptance of the revised policy.

13. Governing Law

This Privacy Policy is governed by the laws of the Republic of India, including the DPDP Act, the Information Technology Act, 2000, and applicable rules and regulations thereunder. Any disputes arising under this policy shall be subject to the exclusive jurisdiction of the courts of Mumbai, Maharashtra.