Bank-Grade Security & Privacy

Privacy Policy

Your trust is our foundation. Learn how Share My CA protects your sensitive financial data with industry-leading security measures and transparent privacy practices.

Last Updated: January 1, 2025
GDPR Compliant

At Share My CA, we understand that Chartered Accountants handle some of the most sensitive financial information. This Privacy Policy explains how we collect, use, protect, and share information when you use our platform, ensuring complete transparency in our data handling practices.

Important Notice

This policy applies to all users of Share My CA, including Chartered Accountants, their clients, and any third parties accessing our platform with proper authorization.

1. Information We Collect

Personal Information

CA Professional Data:

  • Full name, ICAI membership number, professional address
  • Contact information (email, phone, business address)
  • Professional certifications and practice details
  • Bank account details for billing purposes

Client Information:

  • Basic identification data (name, contact details)
  • Financial documents and tax records
  • Business registration information
  • Communication preferences and history

Technical Information

Usage Data:

  • Login times and session duration
  • Features accessed and frequency of use
  • Document upload/download activities
  • Communication patterns within the platform

Device Information:

  • IP address and browser type
  • Device identifiers and operating system
  • Screen resolution and device capabilities
  • Location data (for security purposes only)

2. How We Use Your Data

Service Provision & Platform Functionality

Core Services:

  • Secure document storage and sharing
  • Client communication facilitation
  • Task and deadline management
  • Practice management tools

Account Management:

  • User authentication and authorization
  • Billing and subscription management
  • Technical support and troubleshooting
  • Platform improvement and optimization

Legal & Compliance Purposes

Regulatory Compliance:

Meeting ICAI guidelines, tax regulations, and financial reporting requirements

Legal Obligations:

Responding to court orders, government requests, and regulatory inquiries

Audit & Record Keeping:

Maintaining records as required by law and professional standards

3. Data Sharing and Disclosure

Our Commitment

We do not sell, rent, or trade your personal information to third parties for commercial purposes. Any data sharing is strictly limited to the scenarios outlined below and is always done with appropriate safeguards to protect your privacy and security.

With Your Consent

  • When you authorize specific integrations with third-party accounting software
  • When you grant access to team members or associates in your practice
  • When you share documents or information with clients through the platform

Legal Requirements

  • Court orders or legal process requiring disclosure
  • Tax authorities or regulatory bodies with legitimate requests
  • Emergency situations to prevent fraud or protect safety

Trusted Service Providers

We work with carefully vetted third-party service providers who help us deliver and improve our services. These providers are bound by strict contractual obligations to protect your data.

Cloud Infrastructure

Secure hosting and data storage providers

Payment Processing

PCI-compliant billing and payment services

Communication

Email and messaging service providers

4. Security Measures

Bank-Grade Security Architecture

Your data is protected by the same security standards used by major financial institutions worldwide.

AES-256 Encryption

Military-grade encryption for all data

SSL/TLS 1.3

Secure data transmission

Multi-Factor Auth

Additional security layers

24/7 Monitoring

Continuous threat detection

Data Protection

End-to-End Encryption

All documents encrypted before storage

Data Backup & Recovery

Multiple redundant backups across secure locations

Access Controls

Role-based permissions and audit trails

Infrastructure Security

Secure Data Centers

ISO 27001 certified facilities in India

Network Security

Firewalls, DDoS protection, intrusion detection

Regular Security Audits

Third-party penetration testing and vulnerability assessments

5. Your Rights and Choices

Your Data, Your Rights

You have comprehensive control over your personal information. These rights are protected under Indian data protection laws and GDPR for international clients.

Access & Transparency

Right to Access

Request a complete copy of all personal data we hold about you

Data Portability

Export your data in a structured, machine-readable format

Transparency

Detailed information about how your data is being used

Control & Correction

Right to Rectification

Correct any inaccurate or incomplete personal data

Data Deletion

Request deletion of your data (subject to legal obligations)

Processing Restrictions

Limit how we process your data in specific circumstances

Data Retention Policy

Data Type | Retention Period | Reason
Client Financial Documents | 7 years after last transaction | Legal & regulatory requirements
Communication Records | 3 years after account closure | Professional practice standards
Account Information | 1 year after account deletion | Billing and support purposes
Usage Analytics | 2 years from collection | Service improvement

Contact Our Data Protection Officer

Priya Sharma

Data Protection Officer

CIPP/E Certified Privacy Professional

Email

privacy@sharemyca.com

Direct Phone

+91 261 402 8686

Response Time

Within 48 hours

Available for:

  • Privacy rights requests
  • Data protection concerns
  • Compliance questions
  • Privacy policy clarifications

Secure Communication

All privacy inquiries are handled through encrypted channels and treated with the highest confidentiality.

Legal Compliance & Certifications

Share My CA adheres to the highest standards of data protection and privacy compliance.

GDPR Compliant

Full compliance with European data protection regulations

ICAI Guidelines

Adherence to Institute of Chartered Accountants of India standards

PCI DSS

Payment Card Industry Data Security Standards certified

ISO 27001

Information security management system certified

Policy Updates & Changes

How We Handle Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make significant changes, we will notify you through:

  • Email notification to registered users
  • In-app notifications when you next log in
  • Prominent notice on our website
  • For material changes, we may require your explicit consent

Current Version: 2.1 (Effective January 1, 2025)
Previous Update: December 1, 2024 - Enhanced GDPR compliance and client rights clarification
Next Review: June 1, 2025