← Back to Home

Privacy Policy

Last Updated: November 5, 2025

Effective Date: November 5, 2025

1. Introduction

Welcome to Paisa Advisor. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Who We Are: Paisa Advisor is a personal finance tracking and analytics platform that helps you monitor your expenses and investment portfolios. We are a data visualization and information tool - we do not execute financial transactions, provide investment advice, or handle your money.

Important: By using Paisa Advisor, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Personal Information You Provide

When you create an account and use our service, we collect:

  • Account Information: Name, email address, phone number, password
  • Profile Information: Age, occupation, financial goals (optional)
  • Expense Data: Expense entries, categories, amounts, dates, notes you manually enter
  • Portfolio Data: Investment holdings, mutual fund units, stock quantities, purchase prices, dates you manually enter or import
  • Family Account Data: Information about family members added to your account (Phase 3)

2.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on platform, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, error logs, performance metrics
  • Cookies & Similar Technologies: Session tokens, preferences, analytics data

2.3 Information from Third-Party Sources

  • Market Data: Mutual fund NAVs, stock prices from public data sources (AMFI, BSE, NSE)
  • Authentication Services: If you sign in using Google/Apple/other providers

2.4 What We DON'T Collect

  • ❌ Payment card details (credit/debit card numbers, CVV)
  • ❌ Bank account passwords or login credentials
  • ❌ Transaction data from your bank (we don't connect to your bank)
  • ❌ Sensitive personal data like health records, biometric data

3. How We Use Your Information

3.1 Primary Uses

  • Provide Services: Display your expense tracking, portfolio analytics, charts, and reports
  • Data Visualization: Create graphs, breakdowns, performance metrics from your data
  • Account Management: Manage your account, authenticate login, provide customer support
  • AI Insights (Phase 4): Generate informational patterns and observations from your data using AI/ML models
  • Family Features (Phase 3): Enable multi-user tracking and consolidated family views

3.2 Service Improvement

  • Improve platform features and user experience
  • Develop new features based on usage patterns
  • Fix bugs and optimize performance
  • Conduct anonymized analytics and research

3.3 Communication

  • Send service-related notifications (account updates, security alerts)
  • Respond to your inquiries and support requests
  • Send updates about new features (you can opt-out)
  • Request feedback and reviews

3.4 Security & Compliance

  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations and government requests
  • Enforce our Terms of Service
  • Protect our rights and those of our users

What We DON'T Do: We DO NOT sell your personal data to third parties. We DO NOT use your data for targeted advertising. We DO NOT provide investment advice or recommendations.

4. Legal Basis for Processing (DPDP Act Compliance)

We process your personal data based on:

  • Consent: You explicitly agree to our data collection when you sign up
  • Contractual Necessity: Processing is necessary to provide you the service
  • Legitimate Interests: Improving our service, preventing fraud, ensuring security
  • Legal Obligations: Compliance with applicable laws and regulations

5. How We Share Your Information

5.1 We DO NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Service Providers

We may share your data with trusted third-party service providers who assist us in operating our platform:

  • Cloud Hosting: AWS (or other cloud providers) for data storage and hosting
  • Analytics: Google Analytics or similar for usage analytics (anonymized)
  • Email Services: For sending notifications and support emails
  • Customer Support: Help desk software for managing support tickets

All service providers are bound by strict data processing agreements and can only use your data to perform services for us.

5.3 Legal Requirements

We may disclose your information if required by law:

  • In response to court orders, subpoenas, or legal processes
  • To comply with government or regulatory requests
  • To protect our rights, property, or safety
  • To prevent fraud or illegal activities

5.4 Business Transfers

If Paisa Advisor is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

5.5 Aggregated & Anonymized Data

We may share aggregated, anonymized data that cannot identify you personally (e.g., "60% of users track groceries as their top expense category").

6. Data Security

We implement industry-standard security measures to protect your data:

6.1 Encryption

  • In Transit: TLS 1.3 encryption for all data transmitted between your device and our servers
  • At Rest: AES-256 encryption for data stored in our databases
  • Passwords: Hashed using bcrypt/Argon2 (never stored in plain text)

6.2 Access Controls

  • Strict employee access controls (need-to-know basis)
  • Multi-factor authentication for admin access
  • Regular access reviews and audits
  • Background checks for employees with data access

6.3 Infrastructure Security

  • Regular security audits and vulnerability assessments
  • Firewalls and intrusion detection systems
  • Regular backups with geographic redundancy
  • Incident response and disaster recovery procedures

Security Notice: While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security. Please use strong passwords and enable two-factor authentication (when available).

7. Data Retention & Deletion

7.1 How Long We Keep Your Data

  • Active Accounts: We retain your data as long as your account is active
  • Inactive Accounts: Data retained for up to 2 years after last login
  • Deleted Accounts: Personal data deleted within 7 days of account deletion request
  • Legal Requirements: Some data may be retained longer if required by law (e.g., financial records, audit logs)

7.2 Data Deletion Process

Upon your request to delete your account:

  1. We will delete your personal information within 7 days
  2. Backup copies will be deleted within 30 days
  3. Some anonymized data may be retained for analytics
  4. Legal/compliance data may be retained as required by law

7.3 How to Request Deletion

To delete your account and data:

8. Your Rights (DPDP Act 2023)

Under India's Digital Personal Data Protection Act, 2023, you have the following rights:

8.1 Right to Access

You can request a copy of all personal data we hold about you.

8.2 Right to Correction

You can request correction of inaccurate or incomplete data.

8.3 Right to Deletion

You can request deletion of your personal data (within 7 days).

8.4 Right to Data Portability

You can export your data in machine-readable format (CSV, JSON).

8.5 Right to Withdraw Consent

You can withdraw your consent for data processing at any time by deleting your account.

8.6 Right to Nominate

You can nominate another individual to exercise your rights in case of death or incapacity.

8.7 Right to Grievance Redressal

You can file a complaint with our Grievance Officer (details below).

How to Exercise Your Rights: Email grievance@paisaadvisor.com with your request. We will respond within 7-14 business days.

9. Cookies & Tracking Technologies

9.1 What We Use

  • Essential Cookies: Required for login, session management, security
  • Analytics Cookies: Google Analytics for usage statistics (anonymized)
  • Preference Cookies: Remember your settings and preferences

9.2 Third-Party Cookies

We use Google Analytics. You can opt-out using browser settings or Google's opt-out tool.

9.3 Managing Cookies

You can disable cookies in your browser settings. Note that essential cookies are required for the service to function.

10. International Data Transfers

Data Storage Location: Your data is stored on cloud servers (AWS or similar) in regions optimized for cost and performance. This may include regions outside India.

Safeguards: If your data is transferred outside India, we ensure:

  • Adequate data protection measures equivalent to Indian standards
  • Encryption in transit and at rest
  • Contractual obligations with cloud providers
  • You can request data location details by contacting us

Note: We do NOT store payment data (as we don't process payments), so RBI data localization rules do not apply.

11. Children's Privacy

Age Restriction: Paisa Advisor is intended for users aged 18 and above. We do not knowingly collect personal information from children under 18.

If we discover that we have collected data from a child under 18, we will delete it immediately. If you believe a child has provided us with personal information, please contact us at grievance@paisaadvisor.com.

12. AI & Machine Learning (Phase 4)

When we introduce AI-powered insights:

12.1 How AI Uses Your Data

  • Your financial data is analyzed using machine learning models to identify patterns and trends
  • AI generates informational observations about your spending habits and portfolio allocation
  • Data may be anonymized and aggregated to train models
  • AI insights are NOT investment advice or recommendations

12.2 Transparency

  • We will clearly label AI-generated content
  • You can opt-out of AI insights at any time
  • Your data is never shared with third-party AI providers without consent

Important: AI insights are informational only and based on historical patterns. They are NOT financial advice. Always consult a qualified financial advisor for investment decisions.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

13.1 Notification Process

  • We will update the "Last Updated" date at the top of this page
  • For material changes, we will notify you via email or in-app notification
  • You will have 30 days to review changes before they take effect
  • Continued use after the effective date means you accept the changes

13.2 Your Rights Regarding Changes

If you disagree with the updated policy, you may delete your account before the effective date.

14. Company Information

Paisa Advisor is a product owned and operated by:

Company Details

Legal Entity: Hardcode Consulting Private Limited

Corporate Identity Number (CIN): U58200OD2024PTC047252

PAN: AAHCH6087L

GSTIN: 19AAHCH6087L1ZH

Date of Incorporation: November 9, 2024

Registered Office Address

Hardcode Consulting Private Limited
House No. 102, Ward B
Sagara, Block Bamra
Govindpur, Sambalpur - 768224
Odisha, India

Principal Place of Business

Kamdhenu Building, 3rd Floor
3/4, 75C Park Street
Kolkata - 700016
West Bengal, India

15. Contact Us & Grievance Redressal

Grievance Officer

For complaints, data subject requests, or grievances under DPDP Act 2023:

Company: Hardcode Consulting Private Limited

Email: grievance@paisaadvisor.com

Response Time: We aim to respond to all grievances within 7-14 business days.

General Privacy Inquiries

Email: privacy@paisaadvisor.com

Data Subject Requests

For access, correction, deletion, or portability requests:

Email: grievance@paisaadvisor.com

Subject Line: "Data Subject Request - [Your Name]"

16. Regulatory Compliance

This Privacy Policy complies with:

  • Digital Personal Data Protection Act, 2023 (DPDP Act)
  • Information Technology Act, 2000
  • Sensitive Personal Data or Information Rules, 2011

As regulations evolve, we will update our practices and this policy to maintain compliance.

17. Governing Law

This Privacy Policy is governed by the laws of India. Any disputes will be subject to the exclusive jurisdiction of courts in Kolkata, India.

Note: This jurisdiction is subject to change based on company registration location.

Back to Home Terms of Service Security