Privacy Policy

Introduction

SSBA Innovations Limited ("SSBA", "Company", "we", "our" or "us"), operating under the brand name TaxBuddy, is committed to protecting the privacy and personal data of its clients, prospective clients, website visitors, users, advisers, service providers and other stakeholders.

​

We recognize the importance of maintaining the confidentiality, integrity and security of personal data entrusted to us and are committed to processing such data responsibly, transparently and in accordance with applicable law.

​

This Privacy Policy explains how SSBA collects, uses, stores, processes, shares, retains and protects personal data in connection with its websites, mobile applications, client portals, software platforms and services, including but not limited to:

​

• Income tax return preparation and filing;

• Tax planning and advisory services;

• Tax notice and scrutiny support services;

• Accounting and bookkeeping services;

• Financial planning and related advisory services;

• Client communication and document management services; and

• Other products and services offered by SSBA from time to time.

​

SSBA processes personal data in accordance with:

• The Digital Personal Data Protection Act, 2023;

• The Digital Personal Data Protection Rules, 2025;

• The Information Technology Act, 2000 (where applicable);

• Rules, regulations and notifications issued thereunder; and

• Other applicable laws and regulatory requirements.

​

For the purposes of the Digital Personal Data Protection Act, 2023, SSBA Innovations Limited acts as the Data Fiduciary in respect of Personal Data processed under this Privacy Policy.

​

To Whom This Privacy Policy Applies

This Privacy Policy applies to:

​

Clients

Individuals and entities that engage SSBA for services.

​

Prospective Clients

Individuals and entities that enquire about our services.

​

Website Visitors

Visitors to our websites, applications and digital platforms.

​

Registered Users

Users who create accounts on our platforms.

​

Advisers and Representatives

Individuals acting on behalf of clients or interacting with SSBA in a professional capacity.

​

Service Providers and Vendors

Persons and entities that provide services to or receive services from SSBA.

​

Beneficiaries and Authorized Persons

Persons whose information may be provided in connection with tax, compliance or advisory engagements.

For convenience, all such individuals are collectively referred to as "Users", "you" or "your" in this Privacy Policy.

​

 

How This Privacy Policy Works

This Privacy Policy explains:

​

• What personal data we collect;

• How we collect personal data;

• Why we collect personal data;

• How we use personal data;

• The legal basis on which personal data is processed;

• How personal data may be shared;

• How long personal data is retained;

• The rights available to Data Principals;

• How consent may be managed or withdrawn;

• How we protect personal data;

• How grievances may be raised; and

• How to contact us regarding privacy matters.

​

Personal Data We Collect

​

1. Identity Information​

Including:

​

• Full name;

• Father's name;

• Date of birth;

• PAN;

• Aadhaar number (where voluntarily provided or legally required);

• Passport information;

• DIN;

• GST registration details;

• Government-issued identification details;

• Signature and verification information.

​

2. Contact Information​

Including:

​

• Residential address;

• Business address;

• Email address;

• Mobile number;

• Telephone number;

• Communication preferences.

​

3. Tax and Financial Information​

Including:

​

• Income information;

• Salary details;

• Business income details;

• Capital gains information;

• Investment details;

• Asset and liability information;

• Deduction information;

• Tax payment details;

• Bank account information;

• IFSC and MICR details;

• Form 16;

• Form 26AS;

• AIS;

• TIS;

• Tax challans;

• Financial statements;

• Books of accounts;

• Accounting records.

​

4. Compliance and Regulatory Information​

Including:

​

• GST information;

• Payroll information;

• Company information;

• Partnership information;

• Trust information;

• Regulatory filings;

• KYC information;

• Statutory records.

​

5. Tax Notice and Scrutiny Information​

Where users engage us for tax notice or scrutiny services, we may collect:

​

• Tax notices;

• Assessment orders;

• Department communications;

• Responses submitted to authorities;

• Supporting documentation.

​

6. Communication Information​

Including:

​

• Emails;

• WhatsApp messages;

• SMS communications;

• Chat messages;

• Support requests;

• Feedback;

• Recorded telephone calls;

• Meeting notes;

• Correspondence history.

​

7. Technical Information​

Including:

​

• IP address;

• Browser type;

• Device information;

• Operating system;

• Log files;

• Cookie information;

• Usage analytics;

• Session information.

​

8. Information About Other Individuals​

Users may provide information relating to:

​

• Spouses;

• Children;

• Directors;

• Partners;

• Employees;

• Shareholders;

• Beneficiaries; or

• Other persons.

​

Users represent and warrant that they have obtained all necessary authority, consent or lawful basis required to provide such information to SSBA.

​

Sources of Personal Data

We may collect personal data:

​

Directly from Users​

Through:

​

• Website forms;

• Client onboarding;

• Service requests;

• Document uploads;

• Telephone calls;

• Email communications;

• WhatsApp communications;

• Meetings and consultations.

​

From Government and Regulatory Sources​

Where permitted by law, including:

​

• Income Tax Department portals;

• GST portals;

• MCA databases;

• Regulatory databases.

​

From Service Providers

Including KYC verification agencies, payment providers and other authorized service providers.

​

From Publicly Available Sources

Where lawfully available.

 

Why We Collect Personal Data

SSBA collects personal data only to the extent reasonably necessary for lawful purposes including:

​

Service Delivery

​

To provide:

​

• Tax preparation services;

• Tax filing services;

• Tax advisory services;

• Tax scrutiny support;

• Accounting services;

• Bookkeeping services;

• Financial planning services.

​

Identity Verification

To verify identity and prevent fraud.

​

Regulatory Compliance

To comply with legal, tax, regulatory and audit requirements.

​

Customer Support

To respond to enquiries and support requests.

​

Security

To protect users, systems and services.

​

Fraud Prevention

To detect and prevent unauthorized activity.

​

Quality Assurance

To improve service quality and user experience.

​

Payment Processing

To invoice and collect payments.

​

Legal Protection

To establish, exercise or defend legal rights.

 

How We Use Personal Data

SSBA uses personal data only for lawful purposes and only to the extent reasonably necessary to provide Services, comply with applicable legal obligations, protect legitimate business interests, maintain security, and improve user experience.

​

Personal data may be used for the following purposes:

​

Service Delivery

​

To provide, manage, administer and support Services, including:

​

• Income tax return preparation and filing;

• Tax planning and advisory services;

• Tax notice and scrutiny support services;

• Accounting and bookkeeping services;

• Payroll processing and compliance services;

• Financial planning and related advisory services;

• Document management and client portal services; and

• Other products and services offered by SSBA from time to time.

​

Identity Verification and KYC

To verify the identity of Users, validate information provided to us, comply with Know Your Customer (KYC) requirements and prevent unauthorized access, fraud or misuse of Services.

​

Processing Tax and Compliance Matters

To prepare, review, submit, manage and support tax filings, compliance filings, responses to notices, regulatory submissions and related activities on behalf of Users.

​

Communication and Support

To communicate with Users regarding Services, respond to enquiries, provide customer support, send service notifications, address grievances and manage ongoing engagements.

​

Security and Fraud Prevention

To protect Users, systems, networks and Services against unauthorized access, misuse, cyber threats, fraud, identity theft, financial crime and other security risks.

​

Payment Processing and Administration

To issue invoices, collect payments, maintain accounting records, process refunds where applicable and administer commercial relationships.

​

Legal and Regulatory Compliance

To comply with applicable laws, regulations, judicial orders, regulatory requirements, audit obligations and lawful requests from government authorities.

​

Service Improvement

To analyze usage patterns, improve operational efficiency, enhance service quality, develop new features and improve user experience.

​

Protection of Rights

To establish, exercise or defend legal claims, protect contractual rights, investigate disputes and enforce agreements.

​

SSBA shall not process personal data for purposes that are incompatible with the purposes for which such personal data was collected, except where permitted or required by applicable law.

 

Consent and Consent Management

Where required under applicable law, SSBA shall obtain consent from Users through clear affirmative action before processing personal data for specified purposes.

​

Consent may be obtained through one or more of the following methods:

• Acceptance of Terms of Service or Privacy Policy;

• Selection of consent checkboxes;

• Submission of online forms;

• Account registration;

• Uploading documents for processing;

• Electronic acknowledgements;

• Written instructions;

• Email confirmations; or

• Other consent mechanisms made available by SSBA.

​

By providing personal data, creating an account, engaging SSBA for Services, uploading documents, submitting forms or otherwise interacting with our Platforms, Users acknowledge and consent to the collection, use, storage and processing of personal data as described in this Privacy Policy and applicable law.

​

Withdrawal of Consent

​

Where processing is based on consent, Users may withdraw such consent at any time by:

• Sending a request to privacy@taxbuddy.com; 

• Contacting SSBA through designated communication channels;

• Updating consent preferences through available account settings (where applicable); or

• Following any consent withdrawal mechanism provided by SSBA.

​

Withdrawal of consent shall not affect the lawfulness of processing undertaken prior to such withdrawal.

​

Users acknowledge that withdrawal of consent may limit, restrict or prevent SSBA from providing certain Services where personal data processing is necessary for:

• Service delivery;

• Contractual performance;

• Security requirements;

• Fraud prevention;

• Legal compliance;

• Regulatory obligations; or

• Record retention requirements.

​

SSBA may continue to process personal data where such processing is permitted or required under applicable law notwithstanding withdrawal of consent.

​

Communications and Marketing

Service Communications

​

SSBA may communicate with Users through various channels including:

• Email;

• SMS;

• WhatsApp;

• Telephone calls;

• Client portal notifications;

• Mobile application notifications; and

• Other electronic communication channels.

​

Such communications may include:

• Service updates;

• Filing status notifications;

• Compliance reminders;

• Tax deadlines;

• Payment confirmations;

• Security alerts;

• Customer support communications;

• Regulatory disclosures; and

• Account administration messages.

​

Users acknowledge that such communications are an integral part of the Services and may continue to be sent where necessary for service delivery, contractual obligations, security or legal compliance.

​

Marketing Communications

​

Subject to applicable law, SSBA may send promotional, educational, informational or marketing communications relating to its products, services, events, webinars, updates and offerings.

​

Users may opt out of receiving promotional or marketing communications at any time by:

• Clicking the unsubscribe link included in marketing emails;

• Sending an opt-out request to privacy@taxbuddy.com; 

• Updating communication preferences where available; or

• Following instructions contained in the communication.

​

SSBA shall make reasonable efforts to process such opt-out requests within a reasonable period.

​

Opting out of marketing communications shall not affect the delivery of service-related, security-related, compliance-related or legally required communications.

​

WhatsApp, Email and Electronic Communications

Users may choose to communicate with SSBA through email, WhatsApp, client portals, web forms and other electronic communication channels.

​

By communicating through such channels, Users acknowledge and agree that:

• Electronic communications may be retained as business records;

• Communications may be stored and processed for service delivery, quality assurance, compliance, audit and dispute resolution purposes;

• Information transmitted electronically may be subject to risks inherent in electronic communication systems;

• SSBA may rely upon instructions, requests and information received through authorized communication channels where reasonably believed to originate from the User or an authorized representative.

​

Users should avoid sharing highly sensitive credentials, passwords, OTPs or authentication information through unsecured channels.

​

While SSBA implements reasonable safeguards to protect communications, no electronic communication system can be guaranteed to be completely secure and users acknowledge the risks associated with electronic transmission of information.

​

Call Recording and Monitoring

SSBA may monitor, record and retain telephone calls, video calls and other voice communications involving Users.

​

Call recordings may be used for purposes including:

​

• Quality assurance;

• Training and staff development;

• Service improvement;

• Customer support;

• Verification of instructions;

• Dispute resolution;

• Fraud prevention;

• Security investigations;

• Regulatory compliance; and

• Legal proceedings.

​

Recordings may be retained for periods considered reasonably necessary for the purposes described above or as required by law.

​

By participating in calls with SSBA, Users acknowledge and consent to such monitoring and recording to the extent permitted by applicable law.

 

Sharing of Personal Data

SSBA does not sell personal data to third parties.

​

Personal data may be shared only where reasonably necessary for service delivery, legal compliance, operational requirements, security purposes or other lawful purposes.

​

Within SSBA

​

Personal data may be accessed by authorized employees, consultants, contractors and personnel who require access to perform their duties.

​

Access is restricted on a need-to-know basis and subject to confidentiality obligations.

​

Service Providers and Processors

SSBA may share personal data with authorized third-party service providers including:

• Technology service providers;

• Cloud and hosting providers;

• Communication providers;

• Payment processors;

• Customer support providers;

• Security providers;

• KYC verification providers;

• Document processing providers; and

• Other service providers supporting the operation of Services.

​

Such service providers are required to implement appropriate safeguards and process personal data only in accordance with contractual obligations and applicable law.

​

Government Authorities and Regulators

SSBA may disclose personal data to:

• Income Tax Department;

• Goods and Services Tax authorities;

• Regulatory authorities;

• Courts and tribunals;

• Law enforcement agencies;

• Statutory authorities; and

• Other governmental bodies,

​

where required by law, regulation, judicial order or lawful request.

​

Professional Advisers

Personal data may be shared with legal advisers, auditors, accountants, consultants and other professional advisers where necessary for business, compliance or legal purposes.

​

Business Transfers

In connection with mergers, acquisitions, restructuring transactions, business transfers or similar corporate transactions, personal data may be transferred to the extent reasonably necessary, subject to applicable law.

​

Protection of Rights

SSBA may disclose personal data where necessary to:

• Protect the rights, property or safety of SSBA;

• Protect Users or third parties;

• Prevent fraud or unlawful activity;

• Enforce agreements; or

• Establish, exercise or defend legal claims.

​

SSBA shall take reasonable steps to ensure that personal data shared with third parties is protected through appropriate contractual, organizational and technical safeguards.

​

Cookies and Tracking Technologies

Use of Cookies

SSBA's websites, applications and digital platforms may use cookies, web beacons, pixel tags, log files and similar technologies to improve functionality, enhance user experience, maintain security, analyze usage patterns and support service delivery.

​

Cookies are small text files stored on a user's device that enable websites and applications to recognize devices, remember preferences and improve functionality.

​

Types of Cookies We Use

Essential Cookies

These cookies are necessary for the operation of our websites and services and may be used to:

• Maintain user sessions;

• Authenticate users;

• Protect against unauthorized access;

• Enable secure navigation; and

• Support core website functionality.

​

Without these cookies, certain services or website features may not function properly.

​

Functional Cookies

These cookies help remember user preferences and improve user experience, including:

• Language preferences;

• Login preferences;

• Portal settings; and

• User interface customizations.

​

Analytics Cookies

These cookies help us understand how visitors interact with our websites and services by collecting information relating to:

• Website traffic;

• Visitor behavior;

• Feature usage;

• Performance metrics; and

• Service improvement opportunities.

​

Analytics information is generally aggregated and used for statistical purposes.

Security Cookies

Security-related cookies may be used to:

• Detect suspicious activity;

• Prevent fraud;

• Maintain system integrity;

• Protect user accounts; and

• Support cybersecurity controls.

​

Log Files and Technical Information

Like many online platforms, SSBA may automatically collect certain technical information including:

• IP addresses;

• Browser type;

• Device information;

• Internet service provider information;

• Operating system information;

• Referring and exit pages;

• Access timestamps;

• Session information; and

• Usage statistics.

​

Such information may be used for security, diagnostics, analytics and service improvement purposes.

​

Pixel Tags and Similar Technologies

SSBA may use pixel tags, web beacons and similar technologies to:

• Measure website performance;

• Analyze communication effectiveness;

• Improve user experience;

• Support security monitoring; and

• Understand engagement with content.

​

Third-Party Analytics

SSBA may use third-party analytics providers to help understand website usage and improve services.

​

Such providers may process technical and usage information in accordance with their own privacy policies and applicable legal requirements.

​

Cookie Controls

Users may manage cookies through browser settings or device controls.

Users may choose to:

• Accept cookies;

• Reject cookies;

• Delete cookies; or

• Configure browser settings regarding cookies.

​

Disabling certain cookies may affect the availability or functionality of certain website features.

​

By continuing to use SSBA websites where cookies are enabled, Users acknowledge the use of cookies and similar technologies as described in this Privacy Policy.
 

Information Security and Protection of Personal Data

​

SSBA recognizes the importance of maintaining the confidentiality, integrity and availability of personal data and implements administrative, technical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, destruction, misuse, loss or theft.

​

Security Measures

Such measures may include:

• Role-based access controls;

• User authentication mechanisms;

• Multi-factor authentication where appropriate;

• Encryption of data in transit and at rest where feasible;

• Network security controls;

• Security monitoring and logging;

• Vulnerability management processes;

• Backup and disaster recovery mechanisms;

• Incident response procedures; and

• Employee awareness and training programs.

​

Access Controls

Access to personal data is restricted to authorized personnel who require such access for legitimate business purposes and performance of their duties.

​

Personnel handling personal data are subject to confidentiality obligations and internal security requirements.

​

User Responsibilities

Users are responsible for:

• Maintaining the confidentiality of account credentials;

• Protecting passwords and authentication information;

• Securing devices used to access Services;

• Promptly reporting suspected unauthorized access or security incidents.

​

No Absolute Security Guarantee

While SSBA employs commercially reasonable safeguards, no information system, communication network or method of electronic transmission can be guaranteed completely secure.

​

Accordingly, SSBA does not warrant that unauthorized access, cyber incidents, data breaches or security failures can be completely prevented.

​

Data Localization and Cross-Border Processing

SSBA's operational objective is to store and process personal data within India.

Personal data collected through SSBA's platforms and services is primarily stored and processed using infrastructure located within India.

​

Authorized Service Providers

SSBA may engage technology providers, communication providers, cloud service providers, software providers and other authorized vendors to support the delivery of Services.

​

Where any such provider processes limited personal data outside India, such processing shall occur only:

• In accordance with applicable law;

• Subject to appropriate contractual safeguards;

• Subject to reasonable security controls; and

• Only to the extent necessary for the provision of Services.

​

Compliance with Applicable Law

SSBA shall take reasonable steps to ensure that any processing undertaken by authorized service providers maintains an appropriate level of protection for personal data and complies with applicable legal requirements.

​

Data Retention

SSBA retains personal data only for as long as reasonably necessary to fulfill the purposes for which such data was collected and processed.

​

Retention periods may vary depending upon:

• Nature of Services provided;

• Legal requirements;

• Regulatory requirements;

• Tax obligations;

• Audit requirements;

• Contractual obligations;

• Dispute resolution requirements; and

• Security and fraud prevention considerations.

​

Retention Purposes

Personal data may be retained for purposes including:

• Completion of service engagements;

• Compliance with tax and accounting requirements;

• Record retention obligations;

• Regulatory inspections and audits;

• Investigation of complaints and disputes;

• Enforcement of agreements;

• Protection of legal rights; and

• Business continuity requirements.

​

Deletion and Disposal

Upon expiry of applicable retention periods, personal data may be:

• Deleted;

• Anonymized;

• Archived where legally required; or

• Securely destroyed,

​

in accordance with internal policies and applicable law.

​

Where Users request erasure of personal data, SSBA may retain information to the extent necessary to comply with legal, regulatory, audit, fraud prevention, security or record-retention obligations.

​

Data Principal Rights

Subject to applicable law, Users may exercise rights relating to their personal data.

Right to Access Information

Users may request information regarding:

• Personal data being processed;

• Processing activities undertaken;

• Categories of personal data processed;

• Purpose of processing; and

• Other information available under applicable law.

​

Right to Correction and Updating

Users may request correction, completion or updating of inaccurate, incomplete or outdated personal data.

​

Right to Erasure

Users may request erasure of personal data where retention is no longer necessary and where applicable law does not require continued retention.

​

Right to Withdraw Consent

Where processing is based on consent, Users may withdraw such consent in accordance with this Privacy Policy.

​

Right to Grievance Redressal

Users may raise concerns, complaints or grievances regarding the processing of personal data.

​

Right to Nominate

Users may nominate another individual to exercise rights relating to their personal data in the event of death or incapacity.

​

Exercise of Rights

Requests may be submitted through:

privacy@taxbuddy.com 

or through other channels made available by SSBA.

SSBA may take reasonable steps to verify identity before processing requests.

SSBA shall address requests in accordance with applicable legal requirements and timelines.

​

Nomination Rights

In accordance with applicable law, Users may nominate another individual to exercise rights relating to personal data in the event of the User's death or incapacity.

​

SSBA may require reasonable information and documentation to:

• Verify the identity of the nominee;

• Verify the validity of the nomination;

• Verify the occurrence of circumstances giving rise to the nominee's authority; and

• Prevent fraud, misuse or unauthorized access.

​

SSBA reserves the right to seek additional documentation where reasonably necessary to process nomination-related requests.

​

Withdrawal of Consent

Where personal data processing is based on consent, Users may withdraw consent at any time.

Users may withdraw consent by:

• Sending an email to privacy@taxbuddy.com; 

• Contacting SSBA through designated communication channels;

• Updating preferences through available account settings; or

• Following other withdrawal mechanisms made available by SSBA.

​

Withdrawal of consent shall not affect:

• Processing undertaken prior to withdrawal;

• Processing required for legal compliance;

• Processing required for security or fraud prevention;

• Processing required for dispute resolution; or

• Processing otherwise permitted under applicable law.

​

Users acknowledge that withdrawal of consent may limit, restrict or prevent SSBA from providing certain Services where processing of personal data is necessary for service delivery.

​

AI-Assisted Processing and Automation​

SSBA may utilize artificial intelligence (AI), machine learning technologies, optical character recognition (OCR), automated data extraction tools and other automation technologies to support the delivery of Services, improve operational efficiency, assist in document processing, facilitate customer support, enhance compliance workflows and improve user experience.

​

Such technologies may be used for purposes including:

​

• Extraction of information from documents and forms;

• Categorization and organization of data;

• Preparation of draft responses, reports and summaries;

• Workflow automation;

• Fraud detection and risk monitoring;

• Customer support and service assistance; and

• Other operational and service-related purposes.

​

While SSBA may use automated technologies to support service delivery, Users acknowledge that automated outputs may contain inaccuracies, omissions or errors.

​

Users remain solely responsible for reviewing, verifying and approving all information, filings, reports, recommendations, responses and other deliverables before reliance upon or submission to any authority, regulator, institution or third party.

SSBA may apply human review and validation processes where considered appropriate but shall not be obligated to do so in every case.

​

SSBA does not guarantee that information generated, extracted or processed through AI-assisted or automated systems will be accurate, complete or error-free.

​

Personal Data Breaches

SSBA maintains procedures designed to identify, assess, respond to and mitigate actual or suspected personal data breaches.

​

In the event SSBA becomes aware of a personal data breach involving personal data processed by SSBA, SSBA shall take reasonable measures to:

• Contain and investigate the incident;

• Assess the nature and extent of the breach;

• Mitigate potential harm;

• Restore affected systems and services where appropriate; and

• Comply with applicable legal and regulatory obligations.

​

Where required under applicable law, SSBA shall notify the Data Protection Board of India and affected Data Principals as soon as practicable after becoming aware of a reportable personal data breach and in accordance with applicable legal requirements.

​

Nothing in this Privacy Policy shall be construed as creating a guarantee that personal data breaches, cyber incidents or unauthorized access can be entirely prevented.

 

Children's Personal Data

SSBA's Services are intended primarily for individuals who are eighteen (18) years of age or older and are legally competent to enter into binding agreements.

​

SSBA does not knowingly collect personal data from children except where:

• Such collection is permitted under applicable law;

• Necessary for the provision of Services requested by a parent, guardian or authorized representative; or

• Otherwise lawfully permitted or required.

​

Where SSBA becomes aware that personal data has been collected from a child in a manner inconsistent with applicable law, SSBA may take reasonable steps to delete, restrict or otherwise appropriately process such information.

​

Parents, guardians or lawful representatives who believe that personal data relating to a child has been provided to SSBA may contact SSBA using the contact details provided in this Privacy Policy.

​

Third-Party Websites and Services

SSBA's websites, applications, communications and Services may contain links to third-party websites, platforms, applications or services that are not owned, operated or controlled by SSBA.

​

SSBA does not control and is not responsible for:

• The privacy practices of third parties;

• The content of third-party websites;

• The security measures implemented by third parties; or

• The collection, use, storage or disclosure of personal data by third parties.

​

Users who access third-party websites or services do so at their own discretion and are encouraged to review the applicable privacy policies, terms of use and security practices of such third parties before providing personal information.

​

The inclusion of a link or integration does not imply endorsement, approval or responsibility by SSBA for any third-party website, service or content.

​

Changes to this Privacy Policy

SSBA may amend, update, modify or replace this Privacy Policy from time to time to reflect:

• Changes in applicable law;

• Regulatory requirements;

• Business operations;

• Technology changes;

• Service enhancements; or

• Other legitimate business requirements.

​

Updated versions of this Privacy Policy shall be published through appropriate channels, including SSBA's websites, applications, client portals or other communication mechanisms.

​

Unless otherwise stated, revisions shall become effective upon publication.

​

Users are encouraged to periodically review this Privacy Policy to remain informed regarding how personal data is collected, used and protected.

​

Continued use of SSBA's Services following publication of an updated Privacy Policy may constitute acknowledgment of the revised Privacy Policy to the extent permitted by applicable law.

 

Grievance Redressal

SSBA is committed to addressing concerns relating to privacy, personal data processing and the exercise of rights available under applicable law.

​

Users may submit requests or grievances relating to:

• Access to personal data;

• Correction, completion or updating of personal data;

• Erasure requests;

• Withdrawal of consent;

• Nomination requests;

• Data processing concerns;

• Security incidents; or

• Any other privacy-related matter.

​

Requests and grievances may be submitted through the contact details specified in this Privacy Policy.
 

SSBA shall acknowledge and address grievances, privacy requests and other data protection requests within the timelines prescribed under applicable law.

​

Where a User remains dissatisfied with the resolution provided by SSBA, the User may avail themselves of remedies available under applicable law.

​

Contact Information

For questions regarding this Privacy Policy, privacy matters, personal data processing, consent withdrawal, Data Principal rights, nomination requests or grievance redressal, Users may contact:

​

SSBA Innovations Limited

1309, Lodha Supremus

Saki Vihar Road, Powai

Mumbai – 400072, Maharashtra, India

 

General Support: support@taxbuddy.com

Privacy and Data Protection Requests: privacy@taxbuddy.com

Grievance Officer: grievance@taxbuddy.com

Telephone: +91 22 4602 5465

​

Users may exercise rights available under applicable law, including requests for access, correction, updating, erasure of personal data (where applicable), withdrawal of consent, nomination requests and grievance submissions, by contacting SSBA through the channels listed above and providing sufficient information to enable verification of identity and processing of the request.