Privacy Policy

Your privacy is our priority. Learn how we protect your data under India's DPDP Act 2023.

Last Updated: November 20, 2025

Privacy Policy

1. Introduction

This Privacy Policy describes how NAO Technologies Private Limited ("TaxNAO - a project of NAO Technologies", "we", "us", or "our") collects, uses, stores, and protects your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws.

By using TaxNAO, you consent to the collection and use of your personal data as described in this Privacy Policy.

2. Data We Collect

2.1 Personal Information

  • Name, email address, phone number
  • PAN (Permanent Account Number)
  • GSTIN (for business clients)
  • Address and location data

2.2 Professional Information (for Chartered Accountants)

  • ICAI Membership Number
  • Professional credentials and certifications
  • Work experience and specializations
  • Profile photo and bio

2.3 Usage Data

  • IP address, browser type, device information
  • Pages visited, time spent on site
  • Referral source
  • Cookies and similar tracking technologies

2.4 Payment Information

  • Payment method details (processed securely by Razorpay)
  • Billing address
  • Transaction history

3. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: Facilitate connections between clients and Chartered Accountants
  • Account Management: Create and manage user accounts
  • Payments: Process subscription fees and service payments
  • Verification: Verify ICAI membership for Chartered Accountants
  • Communication: Send booking confirmations, notifications, and service updates
  • Compliance: Comply with tax regulations, ICAI requirements, and legal obligations
  • Improvement: Analyze usage patterns to improve our platform
  • Security: Detect and prevent fraud, abuse, and security threats

4. Data Storage and Security

Data Localization: Your personal data is stored on secure servers located in India (AWS Mumbai region) in compliance with Indian data protection requirements.

Data Retention: We retain your personal data for as long as your account is active, plus 7 years thereafter for tax compliance and audit purposes as required by Indian law.

Security Measures: We implement industry-standard security measures including:

  • Encryption of data in transit (SSL/TLS) and at rest
  • Access controls and authentication
  • Regular security audits and monitoring
  • Secure backup and disaster recovery

5. Data Sharing and Disclosure

5.1 With Chartered Accountants

When you book a service, we share necessary information (name, contact details, service requirements) with the Chartered Accountant you select to facilitate service delivery.

5.2 With Service Providers

We share limited data with trusted third-party service providers:

  • Razorpay: Payment processing (PCI-DSS compliant)
  • SendGrid: Transactional email delivery
  • AWS: Cloud hosting and storage (India region)
  • PostHog: Privacy-first analytics (anonymized data)

5.3 With Authorities

We may share data with:

  • ICAI: For verification of CA credentials
  • Tax Authorities: As required by law (GST, Income Tax Department)
  • Law Enforcement: When legally obligated (court orders, subpoenas)

5.4 We Do NOT Sell Your Data

We never sell, rent, or trade your personal data to third parties for marketing purposes.

6. Your Rights Under DPDP Act

Under the Digital Personal Data Protection Act, 2023, you have the following rights:

Right to Access

Request a copy of your personal data we hold

Right to Correction

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your data (subject to legal retention requirements)

Right to Data Portability

Request your data in a machine-readable format

Right to Withdraw Consent

Withdraw consent for data processing (may limit service access)

Right to Complain

Lodge a complaint with the Data Protection Board of India

To exercise your rights, contact us at: privacy@taxnao.com

We will respond to your request within 30 days.

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Essential Cookies: Maintain your session, authentication, and preferences
  • Analytics Cookies: Understand usage patterns (Google Analytics, PostHog - anonymized)
  • Functional Cookies: Remember your language and location preferences

You can control cookies through your browser settings. Note that disabling essential cookies may limit site functionality.

8. Children's Privacy

TaxNAO is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe we have collected data from a minor, please contact us immediately.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or prominent site notice. Continued use after changes constitutes acceptance of the updated policy.

Previous versions are archived and available upon request.

10. Contact Us

For Privacy-Related Inquiries:

NAO Technologies Private Limited
Block A, Connaught Place
Connaught Place
New Delhi, Delhi 110001
India

Email: privacy@taxnao.com

Phone: +91 11 1234 5678

Disclaimer

This Privacy Policy is provided for informational purposes and constitutes a good faith effort to comply with the Digital Personal Data Protection Act, 2023. It should be reviewed by a qualified legal professional before final publication. TaxNAO reserves the right to seek legal counsel for compliance verification.