Privacy Policy
Last Updated: 17 May 2026
1. Introduction
VJR Advisory Group ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you visit our website vjradvisorygroup.com ("Website") and use our services.
By accessing our Website or submitting any information to us, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use our Website or provide any personal information.
2. Information We Collect
We collect different categories of personal information depending on how you interact with us:
2.1 Information You Provide Directly
- Identity Data: Full Name (Collected via Contact Form, ITR Checkout) to identify you and address you in communications.
- Contact Data: Email Address, Phone Number (Collected via Contact Form, ITR Checkout) to contact you regarding your enquiry or service.
- Financial Identifiers: PAN - Permanent Account Number (Collected via ITR Filing Checkout) to process your income tax return filing.
- Financial Documents: Form 16, Bank Statements, Salary Slips, Form 26AS, AIS/TIS reports, Investment proofs in PDF, JPG, PNG formats (Collected via ITR Filing optional upload) to prepare and file your income tax return.
- Service Preferences: Service type selected like ITR Filing, GST Registration, Audit (Collected via Consultation Form) to route your enquiry to the appropriate expert.
- Communications: Messages/notes submitted (Collected via Consultation Form - optional) to understand your specific requirements.
2.2 Information Collected Automatically
- Device & Browser Data: IP address, browser type & version, operating system, screen resolution (Website analytics and performance monitoring).
- Usage Data: Pages visited, time spent, click patterns, referral source (Improving user experience and website content).
- Cookies & Tracking: Google Tag Manager / GTM-W4VQZRV7 (Measuring website traffic and marketing effectiveness).
2.3 Payment Information
We use Razorpay as our payment gateway for ITR filing services. When you make a payment:
- Your card details, UPI ID, or bank account information are entered directly on Razorpay's secure checkout interface.
- We do not store, process, or have access to your full payment card details. Razorpay is a PCI-DSS compliant payment processor.
- We receive only a transaction confirmation (payment ID, order ID, and payment status) from Razorpay to confirm your order.
3. Sensitive Personal Data
Under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we recognise that certain data we collect qualifies as Sensitive Personal Data or Information (SPDI), including:
- PAN (Permanent Account Number) – a financial identifier
- Financial documents – Form 16, bank statements, salary slips, Form 26AS, AIS/TIS reports, investment proofs, and other income-related documents
- Payment-related information – processed exclusively via Razorpay
We handle all SPDI with the highest level of care and in compliance with applicable Indian data protection laws. We collect such data only with your explicit consent and solely for the purpose of delivering the specific service you have engaged us for.
4. How We Use Your Information
We use the information collected for the following purposes:
- Service Delivery – To process your ITR filing, GST registration, audit, or other advisory services.
- Communication – To respond to your enquiries, provide service updates, and share relevant information about your engagement.
- Payment Processing – To create and verify payment orders via Razorpay for paid services.
- Document Handling – To securely receive, review, and process the financial documents you upload for your tax filing.
- Lead Management – To track and manage consultation requests submitted through our website forms.
- Analytics & Improvement – To understand how visitors use our website and improve its content, layout, and performance.
- Legal Compliance – To comply with applicable tax laws, regulatory requirements, and professional obligations.
We do not use your data for:
- Unsolicited marketing or promotional emails without your consent
- Selling, renting, or trading your personal data to third parties
- Automated decision-making or profiling that produces legal effects
5. How We Share Your Information
We may share your information only in the following limited circumstances:
| Recipient | Data Shared | Purpose |
|---|---|---|
| Income Tax Department / GST Authority | PAN, financial documents, return data | Filing tax returns and registrations on your behalf |
| Our Professional Team | All information relevant to your case | Chartered Accountants and advisors assigned to your engagement |
| Razorpay (Payment Gateway) | Name, Email, Phone, Payment details | Processing payments for ITR filing services |
6. Data Storage & Security
6.1 Where We Store Your Data
- Website Hosting: Vercel (TLS/SSL encrypted in transit)
- Database: Neon PostgreSQL (cloud-hosted, encrypted at rest)
- Document Storage: Cloudflare R2 (encrypted object storage)
6.2 Security Measures
We implement reasonable security practices and procedures consistent with the IT Act, 2000 and its associated rules, including:
- Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS (TLS 1.2+) and at rest.
- Access Control: Only authorised personnel (assigned CAs and support staff) have access to your personal and financial data.
- Payment Security: Payment processing is handled entirely by Razorpay, a PCI-DSS Level 1 certified processor. We never store card numbers, CVVs, or banking credentials.
- Document Handling: Uploaded documents are stored in encrypted cloud storage and are accessed only by your assigned professional.
6.3 Data Retention
- Consultation enquiries (leads): 2 years from submission, or until service engagement concludes
- ITR filing records: 8 years from the relevant Assessment Year (as required by Indian tax law)
- GST registration records: 6 years from the date of service
- Payment transaction records: 8 years (as per financial record-keeping requirements)
- Website analytics data: 26 months (Google Analytics default)
After the retention period, data is securely deleted or anonymised.
8. Your Rights
Under applicable Indian laws, you have the following rights:
- Right to Access – You may request a copy of the personal data we hold about you.
- Right to Correction – You may request correction of inaccurate or incomplete data.
- Right to Withdrawal of Consent – You may withdraw your consent to the processing of your SPDI at any time by writing to us. However, withdrawal may affect our ability to deliver ongoing services.
- Right to Grievance Redressal – You may raise a complaint about data handling practices.
To exercise any of these rights, please email us at contact@vjradvisorygroup.com with the subject line "Privacy Request".
9. Withdraw Your Consent
You have the right to withdraw your consent to the processing of your personal data at any time. Under the Digital Personal Data Protection Act, 2023, withdrawing consent is meant to be as easy as giving it.
To withdraw, email us at contact@vjradvisorygroup.com with the subject line "Withdraw Consent" and include:
- Your full name
- The email address or phone number associated with your account or enquiry
- The specific consent you wish to withdraw (e.g., marketing communications, data processing for ITR filing)
9.1 What Happens After You Withdraw
- We will process your request within 7 business days.
- Withdrawing consent for an active service engagement may affect our ability to deliver that service.
- Certain data may be retained as required by law — for example, ITR records for 8 years under Indian tax regulations — even after consent withdrawal.
- Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
9.2 Grievance Officer for Data-Rights Questions
If you have any questions about your data rights or the withdrawal process, contact our Grievance Officer:
Name: Vijayaraj HKEmail: contact@vjradvisorygroup.com
Phone: +91-8197181031
10. Third-Party Links
Our Website may contain links to third-party websites (e.g., WhatsApp, social media profiles, Razorpay). We are not responsible for the privacy practices or content of these external sites. We encourage you to read their privacy policies before sharing any information.
11. Children's Privacy
Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we learn that we have collected data from a child under 18, we will take steps to delete it promptly.
12. Grievance Officer
In accordance with the Information Technology Act, 2000 and the rules made thereunder, the contact details of the Grievance Officer are:
Name: Vijayaraj HKDesignation: Founder & CEO, VJR Advisory Group
Email: contact@vjradvisorygroup.com
Phone: +91-8197181031
Address: No. 20, 1st Floor, 1st Cross, Sampige Road, Malleshwaram, Bangalore – 560003
The Grievance Officer shall address your concerns within 30 days of receipt of a written complaint.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The updated version will be posted on this page with a revised "Last Updated" date. We encourage you to review this page periodically. Material changes will be communicated via email (if you are an existing client) or through a prominent notice on our Website.
14. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising from or in connection with this policy shall be subject to the exclusive jurisdiction of the courts in Bangalore, Karnataka.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
VJR Advisory Group
No. 20, 1st Floor, 1st Cross, Sampige Road, Malleshwaram, Bangalore – 560003
Phone: +91-8197181031 | Office: 080-43780484
Email: contact@vjradvisorygroup.com
Website: vjradvisorygroup.com