Privacy Policy โ
Validraft.in
How Validraft collects, processes, stores, and protects your personal data. Governed by Indian law and crafted to meet the highest standards of corporate transparency.
Applicable Law: This Privacy Policy is governed by the Information Technology Act, 2000 (as amended in 2008), the IT (Reasonable Security Practices and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act).
1 ๐ข Who We Are
Validraft (operating as validraft.in) is India's premier legal fintech platform providing end-to-end business registration, GST services, trademark filing, ROC compliance, licences and registrations, and business closure services. We operate through a curated panel of Chartered Accountants, Company Secretaries, and Corporate Lawyers.
Data Fiduciary (Data Controller)
๐ Entity: Validraft (validraft.in)
๐๏ธ Corporate Office: Siliguri, West Bengal โ 734003
๐๏ธ Registered Office: Gopalganj, Bihar โ 841428
๐ Phone: +91 70618 60313
โ๏ธ Email: validraft@gmail.com
๐ Website: https://validraft.in
By accessing or using validraft.in, you ("User" / "Data Principal") consent to the collection and use of your personal data as described in this Privacy Policy. If you do not agree, please discontinue use of our platform immediately.
2 ๐ฅ Information We Collect
We collect only the information necessary to deliver our legal and compliance services across three broad categories:
| Category | Data Points Collected | Collection Method |
|---|---|---|
| Identity Data | Full name, date of birth, PAN, Aadhaar number, director identification | Contact forms, onboarding documents |
| Contact Data | Email address, mobile number, business address, state/district | Registration forms, WhatsApp enquiries |
| Business Data | Company name, proposed business activity, sector, shareholding structure | Service intake forms |
| Financial Data | Service fee payments, GST invoicing details (no card/bank data stored by us) | Payment gateway (third-party processed) |
| Document Data | Uploaded KYC documents, MOA/AOA drafts, DSC applications, incorporation certificates | Secure document upload portal |
| Usage Data | IP address, browser type, pages visited, session duration, referral source | Cookies, Google Analytics |
| Communication Data | Emails, WhatsApp messages, support ticket content | Direct communication with our team |
โน๏ธ Sensitive Personal Data (SPDI): Aadhaar numbers, PAN cards, and financial documents are classified as Sensitive Personal Data under IT (SPDI) Rules, 2011. These are collected solely for statutory compliance filings and handled with heightened security protocols.
โ ๏ธ We do not collect: credit/debit card numbers, bank account credentials, biometric data, health data, or passwords. Payment transactions are processed exclusively through PCI-DSS compliant third-party gateways.
3 โ๏ธ How We Use Your Information
Your data is used for specific, lawful purposes only. Validraft does not engage in data profiling for advertising or sell data to third parties.
- โService Delivery: Filing MCA forms, GST applications, trademark applications, and ROC compliance documents on your behalf with government portals.
- โProfessional Coordination: Sharing relevant data with the assigned CA, CS, or Lawyer from our verified partner network to complete your engagement.
- โCommunication: Sending service updates, document requests, filing status alerts, and compliance reminders via email/WhatsApp.
- โBilling & Invoicing: Generating GST-compliant invoices and processing refunds per our Refund Policy.
- โLegal Compliance: Responding to court orders or regulatory authority requests (MCA, GSTIN, IPAB) under Indian law.
- โPlatform Improvement: Analysing anonymised usage data to improve website performance and service quality.
- โWe do NOT sell, rent, or trade your personal data to third-party advertisers, data brokers, or marketing companies โ ever.
- โWe do NOT use your data for automated decision-making that produces legal effects concerning you.
4 โ๏ธ Legal Basis for Processing
Under the Digital Personal Data Protection Act, 2023, Validraft processes your personal data on the following lawful grounds:
| Processing Activity | Legal Basis (DPDP Act 2023) |
|---|---|
| Collecting contact and identity data for onboarding | Consent โ explicit consent given via our intake form |
| Filing MCA / GST / Trademark documents | Contractual Necessity โ required to fulfil the service contract |
| Sharing with CA/CS/Lawyer on your file | Legitimate Interest โ necessary to deliver the service |
| Responding to government authority requests | Legal Obligation โ compliance with Indian law |
| Website analytics and usage tracking | Consent โ cookie consent obtained on first visit |
| Retaining completed engagement records | Legal Obligation โ statutory record-keeping requirements |
Consent Withdrawal: Where processing is based on consent, you may withdraw consent at any time by writing to our Grievance Officer (Section 13). Withdrawal does not affect the lawfulness of processing carried out before withdrawal, nor processing necessary to complete a service already initiated.
5 ๐ค Data Sharing & Disclosure
Validraft operates as an intermediary between you and licensed professionals. Data sharing is limited, purposeful, and governed by contractual obligations.
| Recipient | What Is Shared | Purpose |
|---|---|---|
| Verified CA / CS / Lawyers | KYC documents, business details, engagement specifics | Processing and filing your service request |
| Government Portals (MCA, GSTN, IP India) | All statutory data required by the specific portal | Mandatory regulatory filing |
| Payment Gateway | Transaction amount, invoice reference only | Payment processing โ no card/bank data shared by us |
| Email / Communication Service | Name, email address, message content | Sending transactional emails and service updates |
| Google Analytics | Anonymised IP, device type, pages visited | Website performance analytics |
| Law Enforcement / Courts | Data as mandated by the order or summons | Legal compliance under Indian law |
All third-party partners engaged by Validraft are bound by confidentiality obligations. We do not permit them to use your data for their own marketing or any purpose beyond the engagement scope.
6 ๐ Data Security
Validraft implements reasonable security practices and procedures as mandated under Rule 8 of the IT (SPDI) Rules, 2011, aligned with ISO/IEC 27001 information security standards.
โ ๏ธ No transmission over the internet is 100% secure. While we implement industry-standard protections, we cannot guarantee absolute security. Report suspected security vulnerabilities to our Grievance Officer immediately.
7 ๐ช Cookies & Tracking Technologies
Validraft.in uses cookies and similar tracking technologies to improve user experience and understand platform usage. By using our website, you consent to cookie use as described below.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Enable core website functionality โ navigation, form submission, security tokens. Cannot be disabled. | Session |
| Analytics Cookies | Google Analytics โ tracks page views, session duration, bounce rate. Anonymised IP. | Up to 2 years |
| Preference Cookies | Stores user preferences such as language and region settings. | Up to 1 year |
| Marketing Cookies | Currently not deployed. Validraft does not run retargeting ad campaigns. | N/A |
You may disable non-essential cookies through your browser settings at any time. This will not affect service delivery. You can also opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.
8 ๐๏ธ Data Retention
We retain personal data only for as long as is necessary for the purpose it was collected, or as required by applicable Indian law.
| Data Type | Retention Period | Statutory Basis |
|---|---|---|
| KYC Documents (PAN, Aadhaar) | 8 years post-engagement | Anti-Money Laundering Act requirements |
| Incorporation / ROC Filing Records | Indefinite (or as long as company exists) | MCA records โ permanent legal obligation |
| GST Registration Records | 6 years from date of filing | GST Act, 2017 โ Section 36 |
| Trademark Application Records | 10 years (term of trademark) | Trade Marks Act, 1999 |
| General Contact / Enquiry Data | 2 years from last interaction | Business operations and follow-up |
| Payment & Invoice Records | 7 years | Income Tax Act, 1961 โ Section 44AA |
| Website Analytics Data | 26 months (Google Analytics default) | Platform analytics โ anonymised |
Upon expiry of the retention period, data is securely deleted or anonymised in a manner that prevents reconstruction of personal identity.
9 ๐ก๏ธ Your Rights Under DPDP Act 2023
As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights with respect to your personal data processed by Validraft:
โน๏ธ How to Exercise Your Rights: Email validraft@gmail.com with the subject line "DPDP Rights Request โ [Your Name]". We will acknowledge within 5 business days and respond fully within 30 days. Identity verification may be required.
Limitation: Rights to erasure and consent withdrawal cannot override our statutory obligations. Where Indian law requires data retention (MCA/GST filings, AML records), erasure is not applicable until the statutory period expires.
10 ๐ถ Children's Privacy
Validraft's services are exclusively directed at adults aged 18 years and above. We do not knowingly collect personal data from persons under 18 years of age.
Under the DPDP Act, 2023, a "child" is defined as any individual under 18 years. Processing of children's data requires verifiable parental consent, which our current service model does not accommodate. If you believe a minor has submitted data to our platform, contact our Grievance Officer immediately for deletion.
11 ๐ Third-Party Services & Links
Our website may contain links to external platforms including government portals (mca.gov.in, gst.gov.in, ipindia.gov.in) and our sister platform dailybusinessnews.in.
โ ๏ธ Validraft is not responsible for the privacy practices of third-party websites. Once you click an external link, you are subject to that site's own privacy policy. Read external privacy policies before submitting personal data.
Third-party tools currently integrated on validraft.in:
- Google Analytics 4 โ Website usage analytics (Google LLC, USA)
- WordPress (Self-Hosted) โ Content management platform
- Elementor โ Page builder plugin
- WhatsApp Business โ Client communication channel
12 ๐ Changes to This Privacy Policy
Validraft reserves the right to update this Privacy Policy at any time to reflect changes in applicable law, our service offerings, or operational practices. The updated policy will be published on this page with a revised "Last Updated" date.
For material changes that significantly affect your rights or how we use your data, we will provide notice via email or a prominent website notification at least 14 days before the changes take effect.
โน๏ธ Your continued use of validraft.in after the effective date of any policy update constitutes acceptance of the revised Privacy Policy. If you do not agree to the updated terms, you must discontinue use of our services.
13 ๐ฌ Grievance Officer & Contact
As required under Rule 5(9) of the IT (SPDI) Rules, 2011 and the DPDP Act, 2023, Validraft has designated a Grievance Officer to address all privacy-related complaints and data requests.
โ๏ธ Grievance Officer
Name: Validraft Compliance Team
Designation: Data Protection Officer
Email: validraft@gmail.com
Phone: +91 70618 60313
Response Time: Within 30 days of receipt
๐ข Registered Address
Corporate Office:
Validraft
Siliguri, West Bengal โ 734003
Registered Office:
Validraft
Gopalganj, Bihar โ 841428
Contact Page:
validraft.in/contact-us
If your grievance is not resolved within 30 days, you may escalate to the Data Protection Board of India once constituted under the DPDP Act, 2023, or approach a court of competent jurisdiction in India.
Questions About Your Privacy?
Our compliance team responds to all data-related queries within 5 business days.
We are committed to your right to know, correct, and control your data.
๐ฌ Contact Our Team โ View Our Services