This Privacy Policy ("Policy") governs the collection, use, and protection of personal information by Arka Associates ("we," "us," or "our"), a business advisory and compliance services firm based in Hyderabad, Telangana, India.
By using our website or engaging our services, you agree to the practices described in this Policy. If you disagree with any part of this Policy, please discontinue use of our website and services.
1. Introduction
Arka Associates is committed to maintaining the trust and confidence of all visitors to our website and clients who use our services. We adhere to applicable Indian data protection laws and best practices to ensure your personal data is handled responsibly.
This Policy applies to all personal information we collect through our website, email communications, phone interactions, physical office visits, and any other channels through which you interact with us. It does not apply to third-party websites linked from our site.
Scope: This Policy applies to all individuals whose personal information we process, including website visitors, prospective clients, active clients, and former clients, regardless of how they interact with us.
2. Information We Collect
We collect different categories of personal information depending on how you interact with us. The types of information we may collect include:
| Category | Examples | Source |
|---|---|---|
| Identity Data | Full name, PAN, Aadhaar number, date of birth, gender | Provided by you |
| Contact Data | Email address, phone number, postal address | Provided by you |
| Financial Data | Bank details, income information, GST number, loan details | Provided by you for service delivery |
| Business Data | Company name, registration number, directors info, business documents | Provided by you |
| Technical Data | IP address, browser type, device info, pages visited, time spent | Automatically collected |
| Communication Data | Emails sent to us, form submissions, chat messages | Provided by you |
We do not knowingly collect sensitive personal information such as biometric data, caste, religion, or political opinions unless strictly required for a specific government filing or compliance purpose, and only with your explicit consent.
3. How We Use Your Data
We use your personal information only for legitimate business purposes. The primary purposes for which we process your data include:
- Service Delivery: To provide company registration, tax filing, compliance, trademark, licensing, and advisory services you have engaged us for.
- Government Filings: To prepare and submit applications to MCA, GST portal, Income Tax, DGFT, FSSAI, and other regulatory authorities on your behalf.
- Communication: To respond to your enquiries, send service updates, share filing confirmations, and provide ongoing support.
- Billing & Invoicing: To raise invoices, process payments, and maintain financial records as required by law.
- Legal Compliance: To comply with applicable laws, court orders, regulatory requirements, or government authority requests.
- Website Improvement: To analyse website usage patterns and improve the content, design, and functionality of our website.
- Marketing: To send you relevant updates, new service offerings, or newsletters — only if you have opted in to receive such communications.
Legal Basis: We process your data either because it is necessary to perform a contract with you, because we have a legitimate business interest, because you have given us your consent, or because we are required to do so by law.
4. Data Sharing & Disclosure
We do not sell, rent, or trade your personal information to any third party for commercial purposes. We may share your data only in the following limited and necessary circumstances:
- Government Authorities: Regulatory bodies such as MCA, GSTN, Income Tax Department, DGFT, FSSAI, IRDAI, and others as required for service delivery and compliance filings.
- Financial Institutions: Banks and NBFCs when facilitating business loans, CMA reports, or DPR submissions on your behalf.
- Professional Advisors: Lawyers, chartered accountants, or auditors engaged to assist in delivering specific professional services.
- Technology Service Providers: Cloud hosting providers, email platforms, and CRM tools — all bound by confidentiality agreements and data protection obligations.
- Legal Requirements: When required by law, court order, or governmental authority, we may disclose your information to comply with legal obligations.
In all cases where we share data with third parties, we take reasonable steps to ensure appropriate data protection measures are in place.
5. Cookies & Tracking
Our website uses cookies and similar tracking technologies to improve your browsing experience, analyse site traffic, and understand how visitors interact with our content.
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Essential Cookies | Required for the website to function properly (session management, form submissions) | No — necessary for site operation |
| Analytics Cookies | Help us understand visitor behaviour, page views, and traffic sources | Yes — via browser settings |
| Preference Cookies | Remember your settings and preferences for a personalised experience | Yes — via browser settings |
| Marketing Cookies | Track visits across sites to display relevant advertisements | Yes — via browser settings or opt-out |
You can control or delete cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of our website.
6. Data Security
We implement appropriate technical and organisational security measures to protect your personal information from unauthorised access, accidental loss, destruction, or disclosure. Our security practices include:
- SSL/TLS encryption for all data transmitted through our website
- Access controls ensuring only authorised personnel can access client data
- Secure cloud storage with password protection and two-factor authentication
- Regular software updates and security patches on all systems
- Staff training on data protection and confidentiality obligations
- Physical security measures at our office premises in Hyderabad
Important: While we take all reasonable precautions, no method of data transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to following industry best practices at all times.
7. Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting obligations.
| Data Type | Retention Period |
|---|---|
| Client service records & documents | 8 years from the end of the engagement (as per Income Tax Act requirements) |
| Financial and billing records | 8 years from the date of transaction |
| Website enquiry & contact form data | 2 years from the date of submission |
| Marketing consent records | Until you withdraw consent or 3 years of inactivity |
| Website analytics data (cookies) | Up to 26 months |
After the applicable retention period, we securely delete or anonymise your personal data so it can no longer be associated with you.
8. Your Rights
You have the following rights with respect to your personal data that we hold. You may exercise any of these rights by contacting us using the details provided at the end of this Policy.
Right to Access
Request a copy of the personal data we hold about you and how it is being used.
Right to Rectification
Ask us to correct any inaccurate or incomplete personal information we hold.
Right to Erasure
Request deletion of your personal data where it is no longer needed or lawful to process.
Right to Object
Object to processing of your data for direct marketing or based on legitimate interests.
Right to Restrict
Ask us to restrict processing of your data in certain circumstances while a concern is resolved.
Right to Withdraw Consent
Withdraw any consent previously given for marketing or optional data processing at any time.
We will respond to all valid rights requests within 30 days. In some cases, we may be unable to comply due to legal obligations, in which case we will explain the reason.
9. Third-Party Links
Our website may contain links to third-party websites, including government portals (MCA21, GST portal, Income Tax India), partner platforms, and social media networks. These links are provided for your convenience.
Once you click on a link to a third-party website, our Privacy Policy no longer applies. We are not responsible for the privacy practices or content of those external sites. We encourage you to review the privacy policy of every website you visit.
10. Children's Privacy
Our website and services are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a person under 18, please contact us immediately and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal requirements, or business practices. When we make significant changes, we will update the "Last Updated" date at the top of this page.
We encourage you to review this Policy periodically. Your continued use of our website or services after any changes constitutes your acceptance of the updated Policy. For material changes, we may also notify you via email if you have provided us with your contact details.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact our Data Protection Officer using the details below:
Arka Associates
Plot no 33, 2nd Floor, MBR Complex, Vanasthalipuram, Hyderabad - 500070, Telangana
Response Time
We respond to all privacy queries within 5 business days.