Trust & Safety
Your Data is Safer With Us
Bank-grade security, government-authorised processes, and transparent data practices. Here's how we protect our clients' data.
Security Certifications
ISO 27001 Certified
Our information security management system is independently audited and certified to the ISO 27001:2022 standard. Annual surveillance audits ensure continuous compliance.
Authorised ERI
TaxEasyy is an authorised E-Return Intermediary (ERI) registered with the Income Tax Department of India. All ITR filings are transmitted through secured government channels.
256-bit SSL Encryption
All data in transit is protected by TLS 1.3 with 256-bit AES encryption. Data at rest is encrypted using AES-256-GCM with keys managed in AWS KMS.
CERT-In Compliant
We comply with all directives issued by the Indian Computer Emergency Response Team (CERT-In), including incident reporting, vulnerability disclosure, and log retention policies.
Data Practices
Data Residency
All user data is stored exclusively in AWS Mumbai (ap-south-1) region. No data leaves Indian borders. Backups are geo-replicated within India.
Privacy by Design
We collect only the minimum data required for tax filing. PAN numbers and Aadhaar details are tokenised and never stored in plain text. You can request complete data deletion at any time.
Regular Audits
We conduct quarterly vulnerability assessments and annual penetration testing by CERT-In empanelled auditors. Bug bounty programme rewards responsible disclosure.
Regulatory Compliance
Fully compliant with the Digital Personal Data Protection Act (DPDPA) 2023, IT Act 2000, and RBI data localisation norms for financial data.
Compliance at a Glance
For security concerns or vulnerability reports, contact security@taxeasyy.in