Openedze Solutions — business consultancy, GST, compliance & funding
Call
Trust & Privacy

How we protect your data

We handle KYC documents, business records, and personal information every day. This page describes our safeguards — written in plain English, aligned to the Digital Personal Data Protection Act 2023 (DPDP).

Encrypted in transit and at rest

All traffic to and from the site runs over HTTPS with HSTS preload. Documents and personal data stored in our database are encrypted at rest by the cloud provider. Sensitive credentials are hashed with industry-standard algorithms (bcrypt for passwords).

Strict access control

Only Openedze CA/CS staff working on your engagement can access your data, and only the fields they need. Authentication uses HttpOnly + Secure + SameSite cookies. Admin actions are role-gated server-side.

Minimum data collection

We collect only what's needed to deliver your service — name, phone, email, business details, and the documents required for filing. We do not sell, rent, or share your data with third parties for marketing.

Hosted in regulated infrastructure

Application + database run on cloud infrastructure (Vercel + Supabase) located in AP-Southeast region. Backups are encrypted and rotated. Rate limiting prevents brute-force attempts on auth endpoints.

Transparent analytics

We use Google Analytics 4 and Microsoft Clarity. Both load only after you accept cookies via the consent banner. We use Google Consent Mode v2 to honour your choice across page loads. No ad-tracking pixels.

Document handling

Documents you share for filings are used solely for the engagement, retained for the period required by Indian compliance law (typically 6 years for tax records), and securely deleted thereafter on request.

Your rights

You stay in control of your data

Under the DPDP Act, you are the “data principal” — meaning these rights are yours by law.

Access

Request a copy of the personal data we hold about you.

Correction

Ask us to fix data that is incomplete or inaccurate.

Erasure

Request deletion once retention obligations no longer apply.

Withdrawal

Withdraw consent for marketing emails at any time.

Grievance

Raise concerns to our Grievance Officer (contact below).

Grievance Officer

Have a question about your data?

Email info@openedzesolutions.com with the subject “DPDP request” and we will respond within 7 working days. You can also WhatsApp us at +91 63780 07154.

Read the full Privacy Policy