TAXGENIX CONSULTANCY PVT LTD

Privacy Policy

TaxGenix Consultancy – Comprehensive Privacy, Data Protection, Security & Risk Management Policy

1. Introduction

This document establishes a comprehensive framework for privacy, data protection, information security, and risk management practices followed by TaxGenix Consultancy. Our objective is to ensure confidentiality, integrity, and availability of all client and business data through structured controls and continuous monitoring.

2. Scope

This policy applies to all employees, consultants, systems, devices, and processes involved in handling client data, financial records, and sensitive business information.

3. Definitions

  • Sensitive Data: Financial, GST, personal, or business-critical information.
  • Authorized Personnel: Individuals granted access based on defined roles.
  • Incident: Any event that compromises data security, confidentiality, or system integrity.

4. Data Collection Principles

We follow data minimization principles and collect only the information necessary for service delivery. Data is collected through secure and authorized channels only.

5. Purpose Limitation

All collected data is used strictly for professional services such as accounting, GST compliance, reconciliation, and advisory. Data is not used beyond its intended purpose.

6. Data Storage & Encryption

  • Password-protected systems
  • Secure cloud storage platforms
  • Encrypted transmission wherever applicable
  • Regular backup procedures to prevent data loss

7. Access Control Framework

  • Role-Based Access Control (RBAC)
  • Least privilege principle
  • Access approval and revocation procedures
  • Periodic review of user access rights

8. Network Security

  • Firewall protection
  • Antivirus and anti-malware tools
  • Secure internet usage practices
  • Prohibition of unsecured public networks for sensitive work

9. System Security & Maintenance

  • Regular system updates and security patches
  • Use of licensed software
  • Endpoint protection measures
  • Device-level security controls

10. Risk Management Framework

We conduct periodic risk assessments to identify potential threats including:

  • Unauthorized access
  • Data breaches
  • System vulnerabilities

Mitigation strategies are implemented and reviewed regularly.

11. Monitoring & Logging

We monitor systems and access activities to detect anomalies. Where applicable, logs are maintained for audit and review purposes.

12. Incident Response Plan

  1. Identification of the incident
  2. Containment to limit impact
  3. Investigation and root cause analysis
  4. Resolution and recovery
  5. Documentation and reporting
  6. Implementation of preventive measures

13. Data Breach Management

  • Immediate containment actions are taken
  • Internal escalation is initiated
  • Impact is assessed
  • Corrective actions are implemented

14. Data Retention & Disposal

Data is retained only for as long as necessary to meet legal and business requirements. Data is securely deleted or destroyed after the retention period.

15. Confidentiality Obligations

All employees and associated personnel are bound by confidentiality obligations. Unauthorized disclosure of data is strictly prohibited.

16. Employee Training & Awareness

  • Data protection practices
  • Security awareness
  • Proper handling of sensitive information

17. Third-Party Management

Any third-party tools or services used are evaluated for security standards. Access is granted only where necessary and is controlled.

18. Compliance & Legal

We adhere to applicable laws, regulations, and industry best practices related to data protection and privacy.

19. Audit & Review

This policy is reviewed periodically to ensure effectiveness and updated as required.

20. Business Continuity

We maintain backup and recovery processes to ensure continuity of services in case of disruptions.

21. Contact Information

TaxGenix Consultancy
Email: taxgenixconsultancy@gmail.com
Phone: +91 7078888836