Last Updated: 16 March 2026
Welcome to TaxSaathi. This Privacy Policy explains how we collect, use, and protect your information when you use our app and website at taxsaathi.online.
1. Information We Collect
- Account info: Name, email, mobile number
- Business info: Company name, GSTIN, address
- Financial data: Invoices, GST returns, expenses, TDS records
- Tax info: PAN, Aadhaar (for ITR), bank details
- Device and usage data collected automatically
- Google OAuth login information
2. How We Use Your Information
- Filing GST returns on your behalf (with explicit consent)
- Generating invoices and financial reports
- Sending WhatsApp deadline reminders
- Connecting you with verified CAs
- Processing subscription payments
- Customer support and app improvement
✅ We NEVER sell your personal or financial data to third parties.
3. GST Portal Access
- You explicitly authorize TaxSaathi to file on your behalf
- GST credentials used only for that filing session
- We do not store your GST portal password
- Filed via WhiteBooks — GSTN licensed GSP provider
4. Data Sharing
We share data only with: Supabase (database), WhiteBooks GSP (GST filing), Razorpay (payments), Vercel (hosting), Google (authentication). We do not sell data.
5. Data Security
- All data encrypted in transit (HTTPS/TLS)
- Database encrypted at rest (AES-256)
- Row-level security — you only access your own data
- API keys stored as environment variables
6. Your Rights
- Access, correct, or delete your personal data
- Export your data in CSV/JSON format
- Opt-out of marketing communications
- Revoke GST portal access at any time
7. Children's Privacy
TaxSaathi is for adults (18+). We do not knowingly collect data from children under 18.
8. Data Retention
Data retained while account is active. Deleted within 30 days of account deletion. Tax records recommended to keep for 6 years per Indian law.
9. Governing Law
Governed by laws of India including IT Act 2000 and DPDPA 2023. Jurisdiction: Indore, Madhya Pradesh.
10. Changes to Policy
We notify users of significant changes via email or in-app notification with 30 days notice.