Privacy Policy

Last updated: June 2026  ·  Effective immediately

1. Introduction

PayMyGST ("we", "our", or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our platform.

By using PayMyGST, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

• Account information: Name, email address, mobile number, and firm/business name provided during registration
• Gmail access: Read-only access to your Gmail account, strictly limited to identifying and reading GST portal OTP emails
• Usage data: Log data, IP addresses, browser type, pages visited, and timestamps
• GST data: GSTIN numbers and associated OTP activity for the purpose of filing assistance

3. How We Use Your Information

• To capture and display GST portal OTPs to your authorised Chartered Accountant
• To create and manage your account on the PayMyGST platform
• To communicate with you about your account and our services
• To improve, personalise, and expand our services
• To comply with legal obligations applicable in India

4. Gmail Access — Scope and Limitations

PayMyGST uses Google OAuth 2.0 to request read-only access to your Gmail account. This access is strictly scoped to identifying emails from the GST portal that contain OTP codes.

• We do not read, store, or process any non-GST emails
• We do not send emails on your behalf
• We do not delete or modify any emails
• You can revoke this access at any time via your Google Account settings

Our use of Gmail data complies with Google's API Services User Data Policy, including the Limited Use requirements.

5. Data Sharing

We do not sell, trade, or rent your personal data to third parties. We may share data only in the following limited circumstances:

• With your authorised CA who manages your GST filings through PayMyGST
• With service providers who assist in operating our platform (under strict confidentiality agreements)
• When required by law, court order, or governmental authority in India

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS), access controls, and regular security audits. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. OTP data is automatically purged after use. You may request deletion of your account and associated data by contacting us at karthik@vectra-pay.com.

8. Your Rights

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Withdraw Gmail access at any time
• Lodge a complaint with relevant data protection authorities

9. Children's Privacy

PayMyGST is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: karthik@vectra-pay.com