Audex

Privacy Policy

Last updated: June 12, 2026

Audex (“we”, “us”) provides an all-in-one platform for Chartered Accountant firms in India. This policy explains what data we collect, why we collect it, and the choices you have. It is written to align with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000.

1. Data we collect

  • Account data - your name, email, phone number and firm details when you register.
  • Client data you enter - names, PAN, GSTIN, contact details, documents, transactions and invoices of your firm’s clients. Your firm is the data fiduciary for this data; Audex processes it on your instructions.
  • Usage data - log records (IP address, timestamps, actions) kept for security auditing.
  • Payment data - subscription payments are processed by Razorpay; we never see or store your card or UPI credentials.

2. How we use it

  • To provide and improve the service (document collection, deadline alerts, billing).
  • To send transactional notifications you or your firm configured (email, in-app).
  • To respond to support requests.
  • We do not sell personal data, and we do not use your clients’ financial data for advertising.

3. Storage and security

Data is hosted on servers located in India where feasible. In transit, data is protected with TLS; passwords are stored as salted bcrypt hashes; access tokens are short-lived and revocable. Uploaded documents are access-controlled per firm and per client - cross-tenant access is technically isolated.

4. Retention

We retain firm and client records for as long as your account is active, and for up to 7 years thereafter, in line with record-keeping expectations applicable to accounting professionals in India (including ICAI guidance and tax-law limitation periods). You may request earlier deletion of personal data where law permits.

5. Sub-processors

  • Razorpay - subscription payment processing.
  • Email delivery provider - transactional email (as configured by your firm).

6. Cookies and analytics

The product uses only functional storage (your session). The marketing site may use privacy-respecting, aggregate analytics. We do not run third-party advertising trackers.

7. Your rights

Under the DPDP Act you may request access, correction, or erasure of your personal data, and you may withdraw consent where processing is based on consent. Firms can export their data (CSV) from inside the product at any time.

8. Grievance officer

For privacy concerns or grievances, contact our grievance officer at grievance@audex.in. We aim to acknowledge complaints within 72 hours and resolve them within 30 days.

9. Changes

We will notify account administrators by email of material changes to this policy before they take effect.