Information We Collect
When you use our website, contact us for a consultation, or engage our professional services, we may collect the following categories of information:
Personal Identity
Full name, date of birth, PAN, Aadhaar number, passport details, and photograph where required for compliance.
Contact Details
Mobile number, email address, residential and business address, and PIN code.
Financial Information
Income details, bank account particulars, investment records, GST registration data, and tax filing history — solely for delivering our CA services.
Technical Data
IP address, browser type, device information, pages visited, referring URLs, and session duration via cookies.
Communication Data
Messages submitted via our contact form, WhatsApp, email enquiries, and records of calls for service quality.
Uploaded Documents
Tax documents, financial statements, government-issued certificates, and other files uploaded for professional processing.
🔵 Sensitive Personal Data: Financial records, PAN, Aadhaar, and income details are classified as sensitive personal data under India's DPDP Act, 2023. We collect these only with your explicit consent and solely for the purpose of delivering contracted professional services.
How We Use Your Information
We process your information only for specific, lawful purposes. Below is a complete account of how we use your data:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Filing ITR, GST Returns, Tax Audits | PAN, income data, financial statements | Contractual obligation |
| Statutory audit & ROC compliance | Company documents, financial records | Legal compliance |
| Bank/NBFC loan processing | Income, bank details, CIBIL-linked data | Consent |
| DPIIT / Startup India registration | Company details, director information | Consent |
| Responding to your enquiries | Name, email, phone, message content | Legitimate interest |
| Sending tax deadline reminders | Email, name, service type | Consent (opt-in) |
| Improving our website & services | Anonymised analytics data | Legitimate interest |
| Legal compliance & fraud prevention | Identity data, transaction history | Legal obligation |
✅ We do not use your personal data for unsolicited marketing, sell it to advertisers, or use it to build profiling databases. All data processing is tied strictly to the service you engage us for.
Data Sharing & Disclosure
We treat your information with the utmost confidentiality. We do not sell, rent, or trade your personal data. Disclosure is limited strictly to the following circumstances:
- Government Portals & Regulatory Authorities: Income Tax Department (ITD), GST portal (GSTN), Ministry of Corporate Affairs (MCA/ROC), DPIIT, RBI, SEBI — only to the extent required to fulfil your service mandate.
- Banking & Financial Institutions: For processing loan applications, CMA data submission, or working capital proposals — only with your explicit written/digital consent.
- Affiliated Professional Partners: Registered CAs, CS, legal advisors engaged under strict non-disclosure agreements to co-service complex client mandates.
- Technology Service Providers: Cloud storage, secure email, and accounting software providers bound by data processing agreements with adequate security standards.
- Law Enforcement & Legal Process: When required by a valid court order, statutory authority, or Indian law — and only to the minimum extent required.
⚠️ International Transfers: Some cloud services we use may store data on servers outside India. Where applicable, we ensure adequate protections are in place per the DPDP Act, 2023 and applicable IT Rules.
Data Security
We implement industry-standard technical and organisational measures to protect your personal and financial information against unauthorised access, alteration, disclosure, or destruction:
- SSL/TLS encryption on all web communications (HTTPS)
- Password-protected, role-based access controls for client files
- Regular security reviews and access audits of internal systems
- Physical security measures at our Jaipur office premises
- Encrypted file sharing for sensitive documents and tax data
- Staff trained on data handling and confidentiality obligations
⚠️ Important: While we take every reasonable precaution, no internet transmission or electronic storage is 100% secure. We encourage you to safeguard your own login credentials and report any suspected unauthorised access immediately to support@onewaytaxsolutions.com.
Cookies & Tracking
Our website uses cookies and similar technologies to improve your browsing experience and analyse website traffic. Here is what we use and why:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Required for the website to function correctly (navigation, form submissions) | Session |
| Analytics Cookies | Understand visitor behaviour (via Google Analytics — anonymised) | Up to 2 years |
| Preference Cookies | Remember your language or region preference | 1 year |
| Marketing Cookies | We do not use third-party marketing or retargeting cookies | N/A |
You can manage or disable cookies through your browser settings. Note that disabling essential cookies may affect website functionality.
Your Rights as a Data Principal
Under India's Digital Personal Data Protection (DPDP) Act, 2023, you have the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Correction: Request correction of inaccurate or incomplete personal data.
- Right to Erasure: Request removal of your data where it is no longer necessary for the purpose it was collected.
- Right to Withdraw Consent: Withdraw consent at any time for data processed on that basis — this will not affect prior processing.
- Right to Grievance Redressal: Raise a complaint with our Data Protection Officer (DPO) if you believe your rights have been violated.
- Right to Nominate: Nominate another individual to exercise your rights in the event of death or incapacity.
📧 To exercise any of the above rights, write to us at support@onewaytaxsolutions.com with the subject line "Data Rights Request – [Your Name]". We will respond within 30 days of receipt.
Third-Party Links
Our website may contain links to government portals (incometax.gov.in, gst.gov.in, mca.gov.in), banking websites, and external resources. Once you navigate to a third-party site, this Privacy Policy no longer applies. We encourage you to review the privacy policies of all external websites you visit. We are not responsible for the privacy practices or content of linked third-party sites.
Children's Privacy
Our services are directed exclusively at individuals aged 18 years and above, or minors represented by their legal guardian for statutory purposes (such as minor PAN registration or succession matters). We do not knowingly collect personal data from children under 18 without explicit parental or guardian consent. If you believe a minor's data has been submitted without consent, please contact us immediately at support@onewaytaxsolutions.com and we will address it promptly.
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, services, or applicable laws. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Post a notice on our website homepage for 30 days
- Send an email notification to active clients where appropriate
Continued use of our services following the effective date of any update constitutes your acceptance of the revised policy. We encourage you to periodically review this page.
Contact & Grievance Officer
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please reach out to our designated Data Protection Officer:
🏢 OneWay Tax Solutions LLP
📍 Jaipur, Rajasthan, India
📞 +91-89630 85785
✉️ support@onewaytaxsolutions.com
🌐 www.onewaytax.in
⏱️ Response Timelines
General enquiries: 2 business days
Data access requests: 30 days
Grievances: 15 business days
✅ If you are not satisfied with our response, you may approach the Data Protection Board of India (once operationalised under the DPDP Act, 2023) or seek remedies under applicable Indian law.