Legal

Privacy Policy

Last updated: 31 May 2026

This Privacy Policy explains how Monk3y GC ("we", "us", "our") collects, uses, stores, discloses and protects personal data when you interact with this website, our portal, or our services. We respect your privacy and are committed to handling your data in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and, where applicable, the General Data Protection Regulation ("GDPR").

1. What we collect

Contact details, including name, email address, organisation, role, phone number where provided, and message content.

Account details used for portal access, including email address, authentication identifiers, access role, and activity logs.

Engagement information, including instructions, documents, comments, deliverables, invoices, and matter status.

Technical information, including IP address, browser type, device details, security logs, and strictly necessary cookies.

2. How we use information

To respond to enquiries, template requests, and contact form submissions.

To onboard, administer, and deliver agreed engagements.

To operate the client portal and maintain document workflows.

To comply with applicable legal, regulatory, tax, accounting, security, and record-keeping obligations.

To protect the website, portal, users, and engagement data from unauthorised access or misuse.

3. Legal basis

We process your personal data on the basis of your consent (which you may withdraw at any time), the performance of an engagement, our legitimate interests, and where required to comply with applicable law.

4. Sharing

We do not sell your personal data. We may share data with: (i) the assigned counsel handling your engagement; (ii) trusted service providers (cloud hosting, authentication, payment) under written confidentiality terms; (iii) regulators or courts where legally required.

5. Storage & retention

Engagement records are retained for the period required to administer the engagement, comply with applicable obligations, resolve disputes, and maintain appropriate records. Contact form submissions may be retained for up to 24 months unless a longer period is required.

6. Your rights

Subject to applicable law, you may request access, correction, updating, erasure, withdrawal of consent, grievance redressal, and nomination rights where available. Requests may be sent to privacy@monk3ygc.com.

7. Cookies

We use strictly necessary cookies for authentication, session management, security, and portal functionality. We do not use third-party advertising cookies.

8. Security

We use industry-standard technical and organisational measures including encryption in transit, role-based access, and row-level data isolation in our portal. No method is 100% secure; we will notify affected users and regulators of any qualifying personal data breach as required by law.

9. Grievance Officer

For questions or complaints, write to the Grievance Officer at grievance@monk3ygc.com. We will respond within the timelines prescribed under the DPDP Act.

10. Changes

We may update this Privacy Policy from time to time. The latest version will be identified by the updated date above.