Legal
Privacy Policy
Last updated: 27 May 2026 · Turbosoft Technologies
We believe in plain-language privacy policies. This document tells you exactly what we collect, why, and what you can do about it — without burying anything in legalese.
01Overview
Turbosoft Technologies ("we", "us", "our") operates the AutoTally platform — a SaaS product that connects an AI agent to Tally Prime to automate accounting workflows. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and your rights over it.
By creating an account or using AutoTally, you agree to this policy. If you do not agree, please discontinue use.
02Who We Are
Legal name: Turbosoft Technologies
Registered office: India
Product: AutoTally (autotally.in)
Contact for privacy matters: legal@autotally.in
We operate under Indian law and additionally seek to comply with applicable data protection frameworks in the UAE, GCC region, and other jurisdictions where our users are located.
03Data We Collect
Account data
When you sign up — via email/password or Google OAuth — we collect your name, email address, and authentication credentials (hashed passwords or OAuth tokens). We never see or store your Google account password.
Phone number (verification only)
If you choose to verify your account by phone, we collect your phone number solely to deliver a one-time verification code. Your phone number is not stored on our servers after verification is complete, is not used for marketing, and is not shared with any party other than our messaging service provider for the purpose of OTP delivery.
Documents you upload
When you upload invoices, PDFs, images, Excel or Word files for AI processing, those files are stored on our servers. They are retained so you can view them in the Activity tab as part of your complete audit trail. You may request deletion of specific documents at any time.
Accounting entries & audit log
We retain a record of every voucher created, reversed, or deleted through AutoTally. This includes the ledger names, amounts, voucher type, and the user or AI agent that performed the action. This audit log is core to the product and is not anonymised — it is linked to your account.
AI conversation history
When you use the AI chat assistant, your full conversation history — including your questions and the assistant's responses, which may reference your accounting data — is stored to provide continuity between sessions. Conversation history is retained for the life of your account and deleted within 90 days of account closure.
Accounting knowledge base
To improve AI accuracy for your company, we maintain a summarised knowledge base per company you connect. This includes ledger classifications, recurring accounting patterns, party (debtor/creditor) names and types, and open item summaries. This data is derived from your Tally data and your interactions with the AI assistant. It is stored in our secure cloud infrastructure, used exclusively to provide the Service to you, and deleted within 90 days of account closure.
Tally data (query processing)
When AutoTally fetches data from your local Tally Prime instance via the Bridge App to answer your queries, that data is transmitted to our AI infrastructure for processing. The raw Tally data (ledger masters, balances, transaction history) is not persistently stored in our database beyond the immediate processing window. Summaries and patterns derived from your Tally data may be stored as part of your accounting knowledge base, as described above.
Usage and analytics data
We use an analytics service on our marketing website to understand traffic patterns. This may collect your IP address, browser type, pages visited, and referral source via cookies. You can opt out via your browser's cookie controls or a browser opt-out extension.
Communications
If you contact us or use an in-product feedback form, we collect the content of your message and your email address to respond. We use a third-party email delivery provider to handle these communications.
Billing data
When you subscribe to a paid plan, payment is processed by our payment processor. We do not store your full card number or CVV on our servers. We receive a transaction ID and subscription status from the payment processor.
04How We Use Your Data
We use your data only for the following purposes:
• To provide and operate the AutoTally service — including AI document processing, voucher creation, audit logging, and report generation.
• To authenticate you and maintain the security of your account.
• To display your uploaded documents and accounting history in the Activity tab.
• To process payments and manage your subscription.
• To respond to your support or feedback messages.
• To send transactional emails (account creation, password reset, billing receipts). We do not send promotional emails without your explicit consent.
• To analyse aggregate, anonymised usage of our marketing website via Google Analytics.
• To comply with applicable legal obligations.
05AI Processing
AutoTally uses a proprietary AI pipeline to process your documents and answer accounting queries. When you upload a document or ask a question, the content is transmitted to our AI infrastructure for processing.
We may use different AI infrastructure providers depending on availability and performance requirements. All providers operate under data processing agreements that prohibit use of your data for model training and require equivalent data protection standards.
Your accounting data and uploaded documents are not used to train any AI models by us or any of our infrastructure providers.
AI processing is performed solely to provide the Service to you. Your data may be processed on servers located outside India in connection with this processing. We rely on contractual data protection clauses with all providers to ensure your data is protected.
06Data Storage & Security
Your data is stored on cloud infrastructure with encryption at rest and in transit (TLS 1.2+). We apply role-based access controls, and no employee accesses your accounting data unless required for a verified support request.
Uploaded documents are stored in secure object storage. Audit log entries are stored in an encrypted database.
We implement information security controls aligned with internationally recognised security management standards, including encryption of credentials at rest and in transit, signed software updates, and access control reviews.
Despite our best efforts, no system is completely secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant authorities without undue delay and, where required, within 72 hours of becoming aware of the breach.
07Data Retention
We retain your account data and associated records for as long as your account is active. Upon account closure:
• Account credentials and profile are deleted within 90 days of closure.
• Uploaded documents are deleted within 90 days of closure.
• AI conversation history is deleted within 90 days of closure.
• Accounting knowledge base (derived data) is deleted within 90 days of closure.
• Accounting audit log entries (voucher records) are deleted within 90 days of closure, except where statutory retention is required. Under the GST Act 2017 (CGST Rule 56), Income Tax Act 1961, and Companies Act 2013, we are required to retain financial records for a minimum of 6 to 8 years after the relevant financial period. We will inform you of the applicable statutory retention period when you request deletion.
Tally data used for query processing is not persistently stored in our database beyond the immediate processing window.
08Who We Share Data With
We do not sell your personal data. We do not share your data with advertisers or data brokers.
We share data only with:
• Our AI infrastructure providers — we may use different providers for different processing tasks. All providers are contractually prohibited from using your data for model training and are bound by equivalent data protection obligations.
• Our messaging service provider — for delivering one-time password codes to your phone number where you choose phone verification.
• Our authentication and database infrastructure provider — for secure storage of account data and audit logs.
• Our email delivery provider — for sending transactional messages to our team and to you.
• Our payment processor — for handling subscription payments.
• Our analytics provider — aggregated, anonymised marketing site analytics only.
All third-party providers are contractually bound to protect your data and use it only for the services they provide to us.
09International Users (UAE & Global)
AutoTally is built for global use, with a focus on Indian CAs and businesses in the UAE and wider GCC region. Your data may be stored or processed on servers located outside your country, including in connection with AI processing as described in the "AI Processing" section above.
For Indian users: where your data is transferred outside India for AI processing, we rely on contractual data protection clauses with all providers and your acceptance of this policy as consent to such cross-border processing as permitted under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011. If you object to your data being processed outside India, contact us at legal@autotally.in to discuss alternatives or to request account closure.
For users in the UAE: we process data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection to the extent applicable.
For users in the European Economic Area: we rely on Standard Contractual Clauses (SCCs) for cross-border data transfers where required. This service is designed for businesses and professionals operating primarily under Indian law. If you are located in the EU and believe we hold your personal data, contact us at legal@autotally.in.
We are actively monitoring India's Digital Personal Data Protection (DPDP) Act 2023 implementation and will update our practices accordingly when implementing rules are notified.
10Your Rights
Depending on your jurisdiction, you may have the right to:
• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
• Restrict or object to certain processing.
• Data portability — receive your audit log and documents in a machine-readable format.
• Withdraw consent for marketing communications at any time.
• Nominate another person to exercise your data rights — in the event of your death or incapacity, you may nominate a person to exercise these rights on your behalf.
To exercise any of these rights, email us at legal@autotally.in. We will respond within 30 days.
11Cookies
Our marketing website uses:
• Essential cookies — required for authentication and session management.
• Analytics cookies — to understand site traffic patterns. These are non-essential and you may opt out via your browser settings.
The AutoTally web application uses session cookies for authentication only. We do not use advertising or tracking cookies inside the product.
12Children
AutoTally is a professional accounting tool intended for use by businesses and accounting professionals. You must be at least 18 years of age to create an account. We do not knowingly collect personal data from individuals under 18. If you believe a minor has created an account, contact us at legal@autotally.in and we will delete the account promptly.
13Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify you by email. Continued use of AutoTally after a change constitutes acceptance of the updated policy.
14Grievance Officer
In accordance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, we have designated a Grievance Officer for privacy-related complaints.
Designation: Grievance Officer
Organisation: Turbosoft Technologies
Email: support@autotally.in (Subject line: Privacy Grievance)
We will acknowledge your grievance within 7 days of receipt and endeavour to resolve it within 30 days. If you are not satisfied with our resolution, you may raise the matter with the relevant data protection authority.