Maintaining the confidentiality and security of all personal information;

Complying with the Digital Personal Data Protection (DPDP) Act, 2023, IT (Reasonable Security Practices) Rules, 2011, and other applicable Indian laws;

Offering transparency, user rights, and ethical handling of data in both digital and offline environments.

Individuals who visit my website;

Clients and prospective clients;

Individuals engaging with me via forms, emails, or calls;

Job seekers or interns applying through the site;

Anyone whose personal data is provided during consultations or advisory services.

Name, email address, phone number

Financial identifiers (PAN, Aadhaar, GSTIN, account numbers)

IP address and geolocation

Uploaded documents (bank statements, IT returns, identity proofs)

Cookies, device IDs, and browser metadata

Contact details: name, phone, email, city

Business profile: company name, GST details, type of services needed

Uploaded documents: for tax, accounting, advisory, audit, and compliance

Job-related documents: resumes, degrees, references

IP address, location (approximate)

Pages visited and interaction logs

Device type, browser version

Cookies and trackers (see Cookies section)

Aadhaar card (masked if not required)

Bank account details

Digital signature (if used for filings)

Income tax filings and login credentials (only with consent for representation)

Consent: For newsletters, form submissions, or marketing

Legal Obligation: As required under ICAI, Income Tax Act, Companies Act, etc.

Contractual Need: For service engagement, representation, or certification

Legitimate Interest: For professional record-keeping, audit trails, legal defense

Respond to queries and offer personalized consultation

Deliver services like tax filing, auditing, certifications, and business structuring

Maintain professional logs and regulatory records

Comply with statutory requirements (e.g., audit trail retention)

Send important updates, deadlines, and compliance notices

Improve website functionality and visitor experience

Understand website usage trends

Secure sessions and forms

Improve site responsiveness

With government or statutory authorities on legal demand

With professional advisors (e.g., CAs, CSs, legal counsel) for authorized cases

With secure hosting/cloud service providers (compliant with Indian data laws)

With regulators during audits (Income Tax, GST, ICAI)

On secure servers hosted within India (unless otherwise noted)

In encrypted formats wherever applicable (files, emails)

With role-based access control, audit logs, and strong authentication

General client records: retained for a minimum of 8 years, as per ICAI guidelines

Financial/tax documents: retained for up to 8 years (or longer if under litigation)

Contact queries: retained for 6–12 months

Job applications: retained for 1 year unless specified otherwise

Access: Get a copy of your data on record

Correction: Request correction of incorrect or outdated information

Deletion: Ask for deletion of data no longer needed (except where legally retained)

Portability: Request transfer of data (where applicable)

Withdrawal of Consent: Revoke consent-based processing

Nominate: Assign a nominee in case of incapacity (under DPDP 2023)

Redressal: Raise a complaint with me or escalate to the Data Protection Board

The service provider adheres to recognized security standards (ISO 27001, SOC 2)

Data transfers comply with Indian law and necessary safeguards