Last Updated: 1 January 2025
PROFINO LLP ("we", "our", or "the Firm") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our professional services.
1. Information We Collect
1.1 Personal Information
When you contact us, engage our services, or use our website, we may collect:
- Full name, email address, phone number, and postal address
- PAN number, Aadhaar number, GSTIN, and other tax identification numbers
- Company registration details, financial statements, and business documents
- Bank account details (only when necessary for specific service delivery)
- Professional qualifications and employment information
1.2 Automatically Collected Information
When you visit our website, we automatically collect:
- IP address, browser type, and operating system
- Pages visited, time spent, and referring URL
- Cookie and session data (see Section 7)
2. How We Use Your Information
We use your personal information to:
- Provide chartered accountancy, taxation, audit, and financial advisory services
- File returns, documents, and applications with government authorities on your behalf
- Communicate with you about your account, compliance deadlines, and service updates
- Send newsletters and tax updates (with your explicit consent)
- Improve our website and service offerings
- Comply with legal and professional obligations under ICAI Code of Ethics
3. Information Sharing & Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information with:
- Government Authorities: Income Tax Department, GST Portal, MCA, SEBI, RBI — only as required for service delivery
- Professional Network: Senior consultants engaged under strict NDA for complex engagements
- Technology Partners: Cloud accounting platforms (Tally, QuickBooks, Zoho) under data processing agreements
- Legal Requirements: When required by court order, ICAI directives, or applicable law
4. Data Security
We implement industry-standard security measures to protect your information:
- AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Role-based access control — only authorized personnel access your specific data
- Regular security audits and penetration testing
- Strict Non-Disclosure Agreements (NDAs) with all team members and partners
- Secure document destruction protocols for physical records
5. Data Retention
We retain your personal and financial data for the periods required by:
| Data Type | Retention Period | Legal Basis |
| Tax Records & Returns | 7 years from assessment year | Income Tax Act 1961 |
| GST Documents | 5 years from filing date | CGST Act 2017 |
| Company Documents | Duration of engagement + 8 years | Companies Act 2013 |
| Audit Working Papers | 7 years | ICAI Standards on Auditing |
| General Correspondence | 3 years | Limitation Act |
6. Your Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your data (subject to legal retention obligations)
- Portability: Request your data in a portable format
- Withdraw Consent: Opt out of marketing communications at any time
- Grievance Redressal: Lodge a complaint with our Data Protection Officer
7. Cookies Policy
Our website uses cookies to enhance your experience. Cookies we use include:
- Essential Cookies: Required for website functionality (session management)
- Analytics Cookies: Google Analytics to understand website usage (anonymized)
- Preference Cookies: To remember your settings and preferences
You can disable non-essential cookies through your browser settings without affecting core website functionality.
8. Third-Party Links
Our website may contain links to third-party websites (government portals, professional bodies). We are not responsible for the privacy practices of these sites and encourage you to review their privacy policies.
9. Children's Privacy
Our services are intended for businesses and individuals aged 18 and above. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected such data, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy periodically. The "Last Updated" date at the top reflects the most recent revision. Significant changes will be communicated via email to existing clients.
11. Contact Our Data Protection Officer
For any privacy-related queries, requests, or complaints:
- Name: Data Protection Officer, PROFINO LLP
- Email: privacy@profinollp.com
- Address: 12, Business Tower, Nariman Point, Mumbai — 400 021
- Response Time: We will respond to all privacy requests within 30 days
Our Privacy Commitment
PROFINO LLP adheres to the ICAI Code of Ethics regarding client confidentiality, which imposes the highest standards of professional secrecy. Your financial information is treated with the same confidentiality as attorney-client privilege.