Last updated · April 19, 2026
Privacy Policy
This policy explains what data CA Manager collects when you and your team use the service, why we collect it, who we share it with, and the choices you have. We wrote it in plain language on purpose — the more you understand, the better you can decide whether we are the right fit for your practice.
1. Who we are
CA Manager (“we”, “us”, “the service”) is a software-as-a-service platform for Indian Chartered Accountants and their firms. We help practices manage clients, collect records over WhatsApp, issue invoices, assign tasks to teammates, and track work. You can reach us at hello@camanager.in.
2. Information we collect
2.1 Information you give us directly
- Account details: firm name, your name, email address, phone number, GSTIN (optional), and a password you set. For team members you add, the same fields plus their assigned role.
- Client (party) details:names, mobile numbers, email addresses, PAN / GSTIN, addresses, and authorised persons your clients nominate. You are the controller of this data — we process it on your behalf.
- Records and documents:files you or your clients upload — invoices, bank statements, Form 16s, ITR copies, balance sheets, and any other documents you choose to store.
- Billing information:invoice numbers, amounts billed, payments recorded against invoices. We do NOT store your debit/credit card or UPI details — those go directly to our payment processor (see Section 5).
- Support correspondence: emails, chat messages or tickets you send us.
2.2 Information we collect automatically
- Usage data: pages you view, features you click, and approximate timing. Used to improve the product and spot bugs.
- Device and log data: IP address, browser type and version, operating system, and the URL that referred you.
- Cookies: a small number of essential cookies to keep you signed in. We do not use advertising or cross-site tracking cookies.
3. How we use your information
- Provide, maintain and improve the service.
- Authenticate you, your teammates, and your clients when they access shared record requests.
- Send WhatsApp messages on your behalf to clients you have added to your firm, containing requests for specific records.
- Generate invoices, receipts, and reminders for amounts owed to your firm.
- Process subscription payments for your CA Manager plan.
- Send operational emails (password resets, invoice receipts, plan changes). We do not send marketing emails without your consent.
- Comply with applicable laws and respond to lawful requests from authorities.
4. Lawful basis for processing
We process your data to perform the contract between you and CA Manager (your subscription) and, where applicable, to comply with legal obligations. For client records you upload, you act as data controller and we act as data processor — you are responsible for telling your clients their data is stored with us.
5. Third-party services (data processors)
We rely on a small set of trusted vendors to run the service. Each of them processes a specific slice of data and is bound by confidentiality and security obligations.
| Vendor | Purpose | Data shared |
|---|---|---|
| Cloudflare R2 | Object storage for uploaded records | Files you upload; file metadata |
| Meta (WhatsApp Cloud API) | Send record requests to your clients | Client name, mobile number, message body, requested record name |
| Razorpay | Process your subscription payments | Your name, email, amount, payment method details (handled entirely by Razorpay) |
| Brevo (Sendinblue) | Transactional email (password reset, receipts, invites) | Email address, message body |
| Hosting infrastructure | Run the application and database | All application data, encrypted at rest |
We do not sell your data or share it with advertisers. We do not share your clients' information with anyone outside the vendors listed above, except to comply with a binding legal order.
6. How we protect your data
- Encryption in transit: every connection to CA Manager is over HTTPS/TLS 1.2+.
- Encryption at rest: files and database records are encrypted on disk by our storage providers.
- Sensitive credentials: integration secrets you store in your firm settings (e.g. WhatsApp access tokens) are encrypted with an application-level key before being written to the database.
- Access control:only you and the team members you invite can see your firm's data. Our staff access production systems only when strictly necessary (e.g. to respond to a support request) and each access is logged.
- Backups: we take routine encrypted infrastructure backups for disaster recovery only. Backups are not accessed for any other purpose.
No service on the internet is 100% secure. If you believe your account has been compromised, email us immediately at hello@camanager.in.
7. How long we keep your data
- While your subscription is active: we keep your data to provide the service.
- When you delete your account or cancel:we delete your data from our systems promptly. We do not retain copies for reactivation — please export anything you want to keep before cancelling.
- Invoices we issued to you: copies of invoices and payment records that we issued to you are kept for the period required by Indian tax and accounting law. These contain only your billing details, not your parties or their records.
8. Your rights
Under applicable Indian data protection laws you can:
- Ask for a copy of the personal data we hold about you.
- Ask us to correct any data that is inaccurate.
- Ask us to delete your account and your firm's data.
- Ask us to stop sending you a particular type of email.
- Export your records and client list at any time.
To exercise any of these rights, email us at hello@camanager.in from the address associated with your account. We will respond within 30 days.
9. Data stored about your clients
When you add a party to CA Manager and upload their records, you are processing their personal data under your own professional obligations as a Chartered Accountant. You are responsible for telling your clients that their records are stored with CA Manager and for obtaining any consent their situation requires. We will process that data only on your documented instructions and only for the purposes set out in this policy.
10. Children
CA Manager is for professional use by Chartered Accountants and their firms. The service is not directed at children under 18. We do not knowingly collect personal data from anyone under 18.
11. Changes to this policy
We will update this page when our practices change. The “Last updated” date at the top of this page will reflect when any change is made. If a change is material (for example, a new type of data we collect, or a new vendor), we will also email all active account owners at least 14 days before the change takes effect.
12. Contact
Questions about this policy or how we handle your data? hello@camanager.in is the fastest way to reach us.