← Back to AgentBooks

Privacy Policy

Effective date: March 19, 2026 · Last updated: March 19, 2026

1. Who We Are

AgentBooks ("we", "our", "us") is a financial management platform operated by AgentBooks Technologies Pvt. Ltd., registered in India. We provide GST filing, invoicing, payroll, and AI-powered financial tools to Indian businesses and CA/CS professionals. Our registered address and Data Protection Officer contact: privacy@agentbooks.in.

2. Data We Collect

  • Identity data: name, email address, WhatsApp/mobile number, PAN, GSTIN
  • Business data: invoices, transactions, GST returns, payroll records, bank statements
  • OAuth profile data: name, email, profile picture from Google or Microsoft when you sign in via those providers
  • Usage data: pages visited, features used, IP address, browser type, device identifiers
  • Communications: support tickets, WhatsApp messages, feedback

3. How We Use Your Data

  • Provide and operate the AgentBooks platform and all its features
  • Authenticate your identity via email/password, Google OAuth, Microsoft OAuth, or WhatsApp OTP
  • File GST returns, generate e-invoices, and submit compliance data to government portals on your behalf
  • Send transactional notifications via email and WhatsApp (OTPs, invoice alerts, compliance reminders)
  • Improve our AI CFO and financial intelligence features using anonymised, aggregated data
  • Comply with Indian tax laws, RBI regulations, and other applicable legal obligations

4. OAuth Sign-In (Google & Microsoft)

When you choose to sign in with Google or Microsoft, we receive your name, email address, and profile picture from those providers under their respective OAuth 2.0 flows. We do not receive your Google or Microsoft passwords. The data shared is governed by:

We use this data solely to create or identify your AgentBooks account. You may revoke access at any time from your Google or Microsoft account settings.

5. WhatsApp OTP Authentication

When you choose WhatsApp OTP login, we send a one-time password to your registered WhatsApp number via the Meta WhatsApp Business API. Your phone number is used only for authentication and transactional notifications. We do not use it for marketing without your explicit consent. WhatsApp data handling is subject to WhatsApp's Privacy Policy.

6. Data Storage & Security

All data is stored on AWS RDS (PostgreSQL) servers located in the ap-south-1 (Mumbai) region. We implement:
  • AES-256 encryption at rest for all database storage
  • TLS 1.3 encryption in transit for all API communications
  • bcrypt password hashing (never stored in plaintext)
  • JWT-based session tokens with 7-day expiry
  • SOC 2 Type II compliant infrastructure controls
  • Role-based access control (RBAC) for all internal systems

7. Data Sharing

We do not sell your personal data. We share data only with:
  • Government portals (GSTN, MCA, IT Department) as required for compliance filings you initiate
  • Payment processors for subscription billing (no financial transaction data is shared)
  • Infrastructure providers (AWS, Vercel) under strict data processing agreements
  • Your authorised CA/CS professional if you grant them access to your account

8. Your Rights (DPDP Act 2023)

Under India's Digital Personal Data Protection Act 2023, you have the right to:
  • Access the personal data we hold about you
  • Correct inaccurate or incomplete personal data
  • Erase your personal data (subject to legal retention requirements)
  • Withdraw consent for data processing at any time
  • Nominate a person to exercise these rights on your behalf
To exercise any right, email privacy@agentbooks.in. We will respond within 30 days.

9. Data Retention

We retain your data for as long as your account is active. Financial records (invoices, GST returns, payroll) are retained for 8 years as required by Indian tax law. After account deletion, personal data is purged within 90 days except where legal retention applies.

10. Cookies

We use essential session cookies (httpOnly, secure) for authentication. We do not use third-party advertising cookies. You can disable cookies in your browser but this will prevent login.

11. Children's Privacy

AgentBooks is a business platform intended for users 18 years and older. We do not knowingly collect data from minors.

12. Changes to This Policy

We may update this policy periodically. We will notify you via email and an in-app banner at least 14 days before material changes take effect.

13. Contact Us

AgentBooks Technologies Pvt. Ltd.
Email: privacy@agentbooks.in
Grievance Officer: Available at agentbooks.in/contact

Privacy Policy — AgentBooks | AgentBooks