๐ Privacy & Data Protection
Your data,
your control.
We built Sarasnidhi on a simple principle โ your financial data belongs to you. Here's exactly what we collect, why, and how we protect it.
๐
Effective: May 2, 2026๐ข Tapa Retail (OPC) Pvt. Ltd.๐ง cc@taparetail.in
This Privacy Policy explains how Tapa Retail (OPC) Private Limited (CIN: U52390OR2022OPC040121, Startup India: DIPP125574) operating as Sarasnidhi collects, uses, and protects your personal information when you use our platform at sarasnidhi.in. By using Sarasnidhi, you agree to this policy.
Account Information
Email address, name, and password when you create an account.
Broker Data
Portfolio holdings, transaction history, and P&L data fetched via Zerodha Kite Connect OAuth. We never store your broker password.
KYC Data
PAN number (verified via Setu/NSDL). We store only your PAN and verified name โ never raw Aadhaar data.
Usage Data
Pages visited, features used, and device/browser information to improve the product.
Portfolio Intelligence
To provide AI-powered analysis, tax calculations, and investment insights personalised to your holdings.
Tax Reporting
STCG/LTCG calculations use your Zerodha trade history. Reports are generated on-demand and not stored permanently.
Service Improvement
Usage analytics help us improve features. We never sell your data to advertisers.
Communication
Important account updates, OTP emails, and billing notifications via Resend (noreply@sarasnidhi.in).
Zerodha Kite Connect
OAuth token used to fetch your portfolio. Your Kite credentials are never shared with us.
Setu (NSDL)
PAN verification API. Only the verification result is stored โ not the raw API response.
Razorpay
Payment processing. We store only your subscription status, not card details.
Supabase
Authentication and database (EU/US servers). Data encrypted at rest and in transit.
No Sale of Data
We never sell, rent, or share your personal data with third-party advertisers or data brokers.
Encryption
All data transmitted over TLS 1.3. Broker access tokens encrypted at rest using AES-256.
Access Control
Role-based admin access with TOTP 2FA. Audit logs maintained for all admin actions.
Session Security
Supabase ECC P-256 JWTs with short expiry. Sessions invalidated on sign-out.
No Password Storage
Zerodha login via OAuth โ we never receive or store your broker password.
Access
Request a copy of all personal data we hold about you.
Deletion
Request deletion of your account and all associated data. Email cc@taparetail.in.
Correction
Update incorrect personal information via Settings or by contacting us.
Portability
Export your portfolio data and tax reports at any time from the dashboard.