Privacy Policy|Finman Taxes

Privacy Policy

FINMAN TAXES MARKETPLACE


Privacy Policy

At Finman Tax Marketplace ("Finman", "we", "us", or "our"), we deeply respect your privacy and are committed to protecting the personal, financial, and professional data you share with us. This Privacy Policy explains how we collect, use, store, share, and protect your information when you access or use our Platform — the world's first dedicated marketplace for tax, accounting, and business solutions.

This Privacy Policy applies to all Users of the Platform, including Clients and Service Providers (Chartered Accountants, tax consultants, and business advisors). By registering or using the Platform, you consent to the practices described in this Policy. If you do not agree, please discontinue use of the Platform immediately.
This Policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and applicable data protection standards in India.

1. Information We Collect
We collect information to provide, improve, and secure our Platform and services. The categories of information we collect are:
1.1 Information You Provide Directly
 • Full name, date of birth, gender, and photograph
 • Email address, mobile number, and residential/business address
 • Government-issued identity documents (PAN, Aadhaar, Passport, Voter ID)
 • Professional credentials — CA membership number, ICAI registration, tax consultant registration
 • Bank account details, UPI ID, or payment card information for transactions
 • GST registration number, company CIN, or other business identifiers
 • Portfolio, work samples, certifications, and professional biography
 • Communications, messages, and proposals exchanged on the Platform
 • Reviews, ratings, and feedback submitted on the Platform
1.2 Information Collected Automatically
 • IP address, device type, operating system, and browser information
 • Pages visited, features used, time spent, and clickstream data
 • Search queries, filters applied, and job categories browsed
 • Location data (with your permission) to show relevant local professionals
 • Cookies, web beacons, and similar tracking technologies
 • Session tokens and authentication logs
1.3 Information from Third Parties
 • Verification data from government databases (DigiLocker, MCA21, GSTIN portal)
 • Payment information from payment gateway partners (Razorpay, PayU, etc.)
 • Social login data if you register via Google or LinkedIn
 • Professional background checks from authorized verification agencies
1.4 Sensitive Personal Data or Information (SPDI)
In accordance with the SPDI Rules, certain categories of data we process are classified as Sensitive Personal Data, including:
 • Financial information: bank account numbers, credit/debit card details, income data
 • Tax-related data: income tax returns, GST data, financial statements
 • Biometric data used for identity verification (where applicable)
 • Health or medical information (only where required for specific advisory services)
We collect SPDI only with your explicit consent and handle it with additional safeguards.

2. How We Use Your Information
We use the information collected for the following purposes:
2.1 Platform Operations
 • To register, verify, and manage your account
 • To facilitate matching between Clients and Service Providers
 • To process payments, refunds, and escrow transactions
 • To enable messaging, proposals, and Engagement management
 • To issue invoices and generate financial records
2.2 Professional Verification
 • To verify Chartered Accountant credentials with ICAI
 • To authenticate business registrations via MCA and GST portals
 • To conduct background checks and credential validation for Service Providers
 • To display verified badges on Service Provider profiles
2.3 Platform Improvement
 • To analyze usage patterns and improve Platform features
 • To develop new services, tools, and matching algorithms
 • To conduct research, surveys, and user feedback analysis
 • To test, debug, and maintain Platform security
2.4 Communications
 • To send transactional emails (Engagement updates, payment receipts, invoices)
 • To send service-related notifications and alerts
 • To send newsletters, Platform updates, and promotional offers (with consent)
 • To respond to your support queries and complaints
2.5 Legal and Compliance
 • To comply with applicable Indian laws, including income tax, GST, and Companies Act
 • To respond to regulatory inquiries, court orders, or lawful government requests
 • To detect, investigate, and prevent fraud, money laundering, and Platform abuse
 • To enforce our Terms and Conditions and Platform policies

3. Legal Basis for Processing
We process your data on the following legal grounds:
 • Consent: Where you have given explicit consent (e.g., marketing communications, SPDI collection)
 • Contractual Necessity: Where processing is required to fulfil our agreement with you as a Platform User
 • Legal Obligation: Where we are required to process data to comply with Indian law
 • Legitimate Interest: Where processing is necessary for our legitimate business interests (e.g., fraud prevention, Platform security, improvement of services), provided such interests do not override your rights

4. Sharing of Your Information
We do not sell your personal data. We may share your information in the following limited circumstances:
4.1 With Other Users
 • Client profile information is shared with Service Providers during the proposal and Engagement process
 • Service Provider profile, credentials, ratings, and portfolio are visible to Clients
 • Engagement details, deliverables, and communications are shared between the parties to that Engagement
4.2 With Service Partners
 • Payment gateways (Razorpay, PayU, HDFC Payment Services) for transaction processing
 • Cloud infrastructure providers (AWS, Google Cloud) for secure data hosting
 • Communication service providers for email and SMS notifications
 • Identity and credential verification agencies authorized by law
 • Analytics platforms for aggregate usage analysis (data is anonymized where possible)
4.3 With Regulatory and Legal Authorities
 • To comply with any applicable law, regulation, court order, or legal process
 • To respond to requests from the Income Tax Department, GST authorities, SEBI, RBI, or other statutory bodies
 • To investigate fraud, security incidents, or violations of our Terms
4.4 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections as this Policy.
4.5 With Your Consent
We may share your data with third parties not listed above where you have provided explicit, informed consent for such sharing.

5. Data Retention
We retain your data only for as long as necessary to fulfil the purposes described in this Policy, or as required by applicable law. The following retention periods apply:
 • Account data: Retained for the duration of your account and for 5 years after account closure
 • Transaction and financial records: Retained for 8 years as required under Indian accounting and tax laws
 • Professional credentials: Retained for the period of active Service Provider registration plus 5 years
 • Communication logs: Retained for 3 years for dispute resolution purposes
 • Legal holds: Data subject to regulatory investigation or litigation will be retained until the matter is resolved
Upon expiry of the applicable retention period, data is securely deleted or anonymized.

6. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience on the Platform. The types of cookies we use include:
 • Essential Cookies: Required for Platform functionality (login sessions, security tokens)
 • Performance Cookies: Collect anonymous data on Platform usage to help us improve
 • Functional Cookies: Remember your preferences and settings
 • Analytics Cookies: Track page views, feature usage, and user journeys (via Google Analytics)
 • Marketing Cookies: Used with your consent to deliver relevant advertisements
You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Platform functionality. For detailed information, refer to our Cookie Policy available on the Platform.

7. Data Security
We implement industry-standard technical, organizational, and administrative security measures to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security practices include:
 • 256-bit SSL/TLS encryption for all data transmitted on the Platform
 • AES-256 encryption for sensitive data at rest
 • Multi-factor authentication for account access
 • Role-based access controls limiting internal data access
 • Regular penetration testing and vulnerability assessments
 • ISO 27001-aligned information security management practices
 • 24/7 security monitoring and incident response protocols
 • Annual third-party security audits
While we employ robust security measures, no system is completely immune to breaches. In the event of a data breach affecting your rights, we will notify you and relevant authorities as required by law within 72 hours of becoming aware.

8. Your Rights and Choices
As a User of our Platform, you have the following rights with respect to your personal data:
8.1 Right to Access
You may request a copy of the personal data we hold about you at any time by contacting privacy@finmantax.com. We will respond within 30 days.
8.2 Right to Correction
You may update or correct inaccurate personal data directly through your account settings or by contacting us.
8.3 Right to Deletion
You may request deletion of your personal data, subject to our legal obligations to retain certain records. We will process deletion requests within 30 days of verification.
8.4 Right to Withdraw Consent
Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
8.5 Right to Opt Out of Marketing
You may opt out of receiving marketing communications at any time by clicking the unsubscribe link in any email or adjusting your notification preferences in account settings.
8.6 Right to Data Portability
You may request your data in a structured, machine-readable format for transfer to another service. We will provide this within 30 days where technically feasible.
8.7 Right to Grievance Redressal
If you have concerns about how your data is processed, you may contact our Grievance Officer (details in Section 14). We will acknowledge your complaint within 24 hours and resolve it within 30 days.

9. Children's Privacy
The Finman Tax Marketplace is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a minor, we will take immediate steps to delete such data. Parents or guardians who believe their child has provided data to us should contact privacy@finman.com.

10. Cross-Border Data Transfers
Your data is primarily stored and processed in India on servers located within Indian territory in compliance with applicable law. In limited cases (such as use of international cloud infrastructure), data may be transferred to servers outside India. In all such cases, we ensure that appropriate safeguards, including standard contractual clauses and data processing agreements, are in place to protect your data.

11. Third-Party Links and Services
The Platform may contain links to third-party websites or integrate with third-party services (such as government tax portals, payment gateways, or cloud storage). These third parties operate under their own privacy policies, and Finman is not responsible for their data practices. We encourage you to review the privacy policies of any third-party services you access through the Platform.

12. Professional Data Handled by Service Providers
Service Providers on the Platform may access Client financial data, tax records, and business information in the course of delivering services. All Service Providers are contractually bound to:
 • Process Client data solely for the purpose of the agreed Engagement
 • Maintain strict confidentiality of all Client information
 • Not retain Client data beyond the period reasonably required for service delivery
 • Comply with all applicable data protection and professional confidentiality laws
 • Report any suspected data breach involving Client information to Finman immediately
Service Providers act as independent data processors with respect to Client data, and are solely responsible for their own compliance with applicable data protection laws.

13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or Platform features. The updated Policy will be posted on the Platform with a revised effective date. Material changes will be communicated to registered Users via email or in-app notification at least 15 days before the change takes effect. Your continued use of the Platform after the effective date constitutes acceptance of the updated Policy.

14. Contact Us & Grievance Officer
In accordance with the Information Technology Act, 2000 and the SPDI Rules, we have designated a Grievance Officer to address privacy-related concerns:

Grievance Officer
Finman Tax Marketplace
Email: grievance@ca.finmantax.com
Privacy Queries: privacy@ca.finmantax.com
General Support: support@ca.finmantax.com
Website: www.finmantax.com
Registered Office: GNR Arcade, No. 888, 3rd Phase, J. P. Nagar, Bengaluru, Karnataka 560078

Response Time: Within 24 hours of receipt; resolution within 30 days