Privacy Policy
Last updated: 2 June 2026 · Applies to the SRK Client mobile app and the client portal at portal.srktaxaudit.com
SRK TAX AUDIT (“we”, “us”, “our”) is a professional tax consultancy based in Tuticorin, Tamil Nadu, India. This Privacy Policy explains how we collect, use, store, disclose and protect your personal data when you use the SRK Client application (the “App”) and the related web portal (together, the “Service”). We act as a Data Fiduciary under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and follow the Information Technology Act, 2000 and the SPDI Rules, 2011 with respect to sensitive personal data.
1. Personal data we collect
We collect only what is needed to deliver tax and compliance services to you:
- Identity & contact data: your name, business / trade name, mobile number, email address, postal address.
- Tax & financial identifiers: PAN, GSTIN, and other registration numbers you or your authorised representative provide.
- Financial & compliance documents: invoices, GST returns, income-tax data, notices, ledgers and any files you upload for us to act on.
- Billing data: invoices we raise, amounts, payment status, and the UPI / bank reference you use to pay (we do not store your full card or bank credentials — payments are made directly through your own UPI / banking app or a PCI-DSS-compliant payment gateway).
- Account & security data: login credentials (passwords and device PINs are stored only as irreversible cryptographic hashes — never in plain text), device identifier, session information, and login timestamps.
- Technical data: app version, basic device/OS information, and error logs needed to keep the Service secure and working.
We do not knowingly collect data from anyone under 18. The Service is intended for businesses and adult taxpayers only.
2. How we use your data & lawful basis
We process your data only for the purposes for which you engaged us, on the basis of your consent and the performance of our professional engagement:
- Preparing and filing your GST, Income-Tax, TDS and related returns.
- Responding to tax notices and representing you before the authorities.
- Raising invoices for our services and recording your payments.
- Communicating filing status, reminders and document requests to you.
- Authenticating you and keeping your account secure.
- Meeting our own legal, audit and record-keeping obligations.
We do not sell your personal data, and we do not use it for advertising or profiling.
3. When we share data
We disclose your data only as needed to provide the Service:
- Government portals: the GSTN, Income-Tax e-filing, TRACES and MCA portals, to file your returns and compliances on your instruction.
- Service providers (Data Processors): our cloud hosting and database providers (e.g. Supabase, and our application hosts) and our payment gateway, who process data only on our instructions under confidentiality and security obligations.
- Legal requirement: where disclosure is required by law, court order, or a lawful request from a government authority.
We do not transfer your data to any third party for their own marketing or independent use.
Shareable status links. At your request we may send you a private, unique link (for example by WhatsApp) that shows a read-only summary of your work status, fees, payment dues and the count of your completed files — without a login. These links are protected by an unguessable token and a verification step (the last four digits of your registered mobile number), do not expose your GSTIN, PAN, address or document contents, and can be revoked by us at any time. Please keep any such link private; anyone you forward it to may be able to view that summary. Your full profile and document downloads remain available only inside the password-protected portal.
4. Data retention
We keep your data only as long as necessary for the purposes above. Because tax records are governed by statute, we are legally required to retain certain filing and financial records for the periods prescribed under the Income-Tax Act, the GST law and other applicable laws (generally up to 8 years). When you ask us to delete your account, we deactivate your login and erase data that is not under a statutory retention obligation; records we are legally required to keep are retained securely and used only for compliance and audit purposes.
5. Your rights as a Data Principal
Under the DPDP Act, 2023 you have the right to:
- Access a summary of the personal data we hold about you and how we process it.
- Request correction or updating of inaccurate or incomplete data.
- Request erasure of your personal data (subject to the statutory retention noted above).
- Withdraw your consent at any time (this does not affect prior lawful processing).
- Nominate another individual to exercise your rights in case of death or incapacity.
- Grievance redressal — raise a complaint with our Grievance Officer (below).
To exercise any of these rights, use the “Request account / data deletion” option inside the App (Profile → Privacy), visit our Data Deletion page, or email us at srktaxaudit5@gmail.com. We respond within a reasonable period and in any case as required by law.
6. How we protect your data
- All data is transmitted over encrypted HTTPS / TLS connections.
- Passwords, OTPs and device PINs are stored only as salted bcrypt hashes — we cannot read them.
- Access to client data is restricted to authorised SRK staff on a need-to-know basis and is logged.
- Session authentication uses secure, HTTP-only cookies.
- Data is hosted on reputable cloud infrastructure with access controls and backups.
No method of transmission or storage is 100% secure, but we apply reasonable security practices appropriate to the sensitivity of tax and financial data. In the event of a personal-data breach, we will notify the Data Protection Board of India and affected users as required by the DPDP Act.
7. Grievance Officer
In accordance with the DPDP Act, 2023 and the IT Rules, you may contact our Grievance Officer for any privacy concern or to exercise your rights:
Grievance Officer: Sibi SRK
Firm: SRK TAX AUDIT
Address: Tuticorin, Tamil Nadu, India
Email: srktaxaudit5@gmail.com
Phone: +91 74180 40882
8. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be notified through the App or by email. The “Last updated” date at the top reflects the current version.
9. Contact us
SRK TAX AUDIT, Tuticorin, Tamil Nadu, India
Email: srktaxaudit5@gmail.com · Phone: +91 74180 40882
See also our Terms of Service and Data Deletion instructions.