Privacy Policy | SSRA

Privacy Policy

Last Updated: May 14, 2026

This Privacy Policy applies only to the following interconnected SSRA Platforms:

  • blog.ssraca.com
  • tools.ssraca.com
  • insights.ssraca.com
  • office.ssraca.com
  • client.ssraca.com
  • reset.ssraca.com

This comprehensive policy transparently explains how data, inputs, and analytical information are safely handled when users interact with these websites, financial tools, secure portals, and digital resources.

We are fully committed to protecting your privacy. This Privacy Policy is meticulously designed to align, where applicable, with the core principles of the Indian Digital Personal Data Protection Act, 2023 (“DPDP Act”), ensuring modern data rights and secure digital infrastructure.

1. Minimal Data Collection Policy

Our digital infrastructure is built upon a Privacy-First philosophy and a strict Minimal-Data Approach. We believe you should have access to high-quality financial utilities without sacrificing personal anonymity.

As part of this commitment, most public pages, calculators, and open resources available across these websites:

  • Do not require user registration or account creation
  • Do not intentionally collect, track, or harvest personal identity data
  • Do not save or log user-entered financial, income, or tax information
  • Process calculator and form data directly at the user interface level (browser-side)

Where technically feasible, sensitive numerical information entered into our financial tools Remains Entirely On The User’s Own Device and is never transmitted to, or stored upon, our centralized servers.

2. Personal Data We May Process

In certain scenarios, limited personal data may be processed, but Only Where Voluntarily Provided by users seeking specific services. This information may include:

  • Full name and professional titles
  • Email address and alternate contact details
  • Phone numbers (for urgent client communications)
  • Business specifics (e.g., GSTIN, PAN, Entity Type) when accessing client portals
  • Communication records and inquiry histories
  • Official documents securely shared through verified client interactions

This voluntary processing typically only occurs when users actively:

  • Initiate contact with our support or consulting teams
  • Request specialized accounting or tax services
  • Authenticate to access restricted, secure client features
  • Willfully submit form information for newsletters or insights

3. Purpose of Processing

We respect the trust you place in us. Any personal information processed by our systems will be utilized exclusively for explicitly stated, Legitimate Purposes, which primarily include:

  • Promptly responding to user inquiries and consultation requests
  • Executing and delivering the professional services requested
  • Maintaining clear, ongoing client communication
  • Facilitating secure account authentication or client portal access
  • Generating accurate invoices and managing payment processing
  • Ensuring strict legal, statutory, and regulatory compliance
  • Optimizing website functionality, user experience, and platform security

We maintain a zero-tolerance policy for data brokering. We Do Not Sell Personal Data To Third Parties under any circumstances.

4. Client-Side Processing Architecture

To maximize your security, a significant majority of the tools and calculators hosted on our platforms are engineered utilizing Browser-Side Processing (Client-Side logic).

Because of this advanced architectural choice:

  • Your financial and numerical inputs remain locked within your active browser session
  • Generated tax or compliance outputs are calculated locally and are not transmitted to our backend
  • Our administrators and servers generally have absolute zero visibility into the specifics entered into these tools

Disclaimer: While we strive for accuracy, users should always independently verify mathematical outputs with a professional before relying on them for finalized legal, financial, tax filing, or compliance decisions.

5. Technical Logs & Infrastructure Analytics

To ensure our platforms remain stable and secure against cyber threats, limited technical metadata may be automatically generated and temporarily logged by our secure systems or cloud hosting providers. This includes:

  • Masked or anonymized IP addresses
  • Browser types, versions, and viewport sizes
  • Operating system environments
  • Basic device categorization (Mobile, Tablet, Desktop)
  • Secure access timestamps and server response times
  • Error tracking and diagnostic crash logs

This purely technical information is heavily restricted and used solely for:

  • Defending against DDoS attacks and maintaining website security
  • Aggregated, anonymous traffic analytics
  • Fraud prevention and identifying malicious bot traffic
  • Performance monitoring and load balancing
  • Continuous service and UI/UX improvement

6. Cookie Policy & Usage

To make our digital platforms function efficiently, we employ cookies or similar localized tracking technologies. We divide these into distinct functional categories:

  • Essential Functionality: Navigational state tracking and layout preferences
  • Session Management: Keeping you securely logged into the client portal
  • Analytics: Understanding general page popularity (anonymized)
  • Authentication: Verifying user identity during secure interactions
  • Security: Generating tokens to prevent Cross-Site Request Forgery (CSRF)

Users maintain full control over this and may clear, block, or selectively disable non-essential cookies directly through their modern browser settings.

7. Integration with Third-Party Services

To provide enterprise-grade reliability, certain underlying infrastructure or operational services must be facilitated through vetted third-party vendors. These may include:

  • Encrypted cloud hosting and CDN providers
  • Aggregated web analytics platforms
  • Secure payment gateway processors
  • Identity and authentication services (e.g., OAuth providers)
  • Email delivery and communication infrastructure

While we carefully select our partners, such third parties may process limited technical routing information according to their own stringent, legally compliant privacy policies.

8. Data Retention Guidelines

We do not hoard information. Where personal data is legitimately processed, it is subject to strict life-cycle management and retained only for as long as reasonably necessary to fulfill:

  • Active service delivery and client mandate fulfillment
  • Mandatory statutory and tax compliance obligations
  • Potential legal dispute resolution scenarios
  • Standard audit and accounting record requirements
  • Ongoing security investigations and fraud prevention

Once the retention period expires, sensitive data is systematically scheduled to be deleted, permanently anonymized, or securely disposed of following industry best practices.

9. Your Data Rights

We believe in user empowerment. Subject to the applicable legal frameworks (such as the DPDP Act), verified users hold the right to request:

  • Transparent access to the personal data we currently hold about them
  • Immediate correction or updating of demonstrably inaccurate information
  • Complete withdrawal of previously granted consent for processing
  • Erasure or deletion of personal data (The "Right to be Forgotten")
  • Formal grievance redressal through our designated channels

Please note that fulfillment of certain requests may be subject to review against overriding legal, regulatory, anti-money laundering (AML), and professional retention obligations.

10. Data Security Measures

Protecting your information is paramount. We implement commercially reasonable, modern technical and organizational safeguards—such as SSL/TLS encryption for data in transit and restricted access protocols—designed to protect against:

  • Unauthorized platform access or database breaches
  • Internal misuse or accidental mishandling
  • Unlawful external disclosure
  • Malicious alteration or injection attacks
  • Accidental destruction or data loss

However, as the internet is an inherently open platform, no online platform, cloud database, or transmission method can be guaranteed 100% immune to advanced persistent threats.

11. External Links & Scope

Our educational articles and resource pages may contain outgoing links to external websites, governmental portals, or third-party platforms for your convenience.

We explicitly state that we are not responsible for:

  • The accuracy or safety of third-party content
  • The external privacy practices or tracking mechanics utilized by those sites
  • The independent terms and policies governing linked web services

Users are strongly encouraged to review external privacy policies independently upon leaving the SSRA Platform.

12. Protection of Minors

Our professional compliance and tax resources are exclusively intended for adults and registered business entities over the age of 18.

We do not actively target, nor do we knowingly collect, process, or store personal identity data from minors under any circumstance.

13. Modifications to This Policy

To keep pace with evolving legal frameworks, changing technologies, and new platform features, this Privacy Policy may be updated or amended periodically.

All updated iterations will be published directly to this page, prominently featuring a revised “Last Updated” date at the top of the document.

Your continued navigation and use of the websites following any updates constitutes your informed acknowledgment and acceptance of the revised terms.

14. Contact Information

If you have any privacy-related concerns, require clarification on data practices, or wish to exercise your user rights, please reach out through our official channels:

S S Rawat & Associates

Website: SSRA Platform

SSRA Connect | Privacy Policy | Disclaimer