Security & Trust
Your clients' data is not our product
Finkr handles confidential income tax documents for thousands of CA clients. We take that responsibility seriously — here is exactly how we protect your data.
At a glance
Security specifications
Encryption at Rest & in Transit
All data stored on Finkr is encrypted with AES-256. Every connection between your browser and our servers uses TLS 1.2 or higher — no plain-text data ever leaves your device.
India Data Residency
Your data and your clients' tax documents are stored exclusively on Microsoft Azure servers located in India. We do not transfer personal data offshore, except for AI inference which is covered under Azure's enterprise data residency commitments.
No Training on Your Data
Client tax documents, ITRs, notices, and demand orders uploaded to Finkr are never used to train or fine-tune AI models. Your clients' data is used solely to generate the compliance assistance you requested — nothing else.
Access Controls & Audit Trails
Role-based access controls ensure each team member sees only what they need to. Every action in Finkr — document uploads, notice responses, client record changes — is logged with a timestamped audit trail you can review.
DPDP Act 2023 Compliance
Finkr is designed in accordance with India's Digital Personal Data Protection (DPDP) Act, 2023. We uphold your rights as a Data Principal — access, correction, erasure, and grievance redressal — with a dedicated Grievance Officer.
Incident Response
In the event of a security incident affecting your data, we will notify you within 72 hours of becoming aware of it — in line with DPDP Act requirements. We maintain an internal incident response playbook and conduct periodic security reviews.
Questions about security?
If you have a security concern, found a vulnerability, or want to discuss our data handling practices, reach out directly.
contact@finkr.ai