RECONDESK

Last updated: May 2026

Privacy Policy

1. Introduction

ReconDesk is an online GST reconciliation software-as-a-service that helps Chartered Accountant (CA) firms in India compare GSTR-2B data against purchase registers and identify invoice-level matches and mismatches. The service is operated by Omkar Rajendra Kadam as a sole proprietorship, with operations registered in Hadapsar, Pune, Maharashtra.

This Privacy Policy applies to the website recondesk.in and all related websites, applications, and services offered by ReconDesk ("ReconDesk", "we", "us", or "our"). By using ReconDesk, you acknowledge that you have read this policy.

2. Information We Collect

  • Account information: name, email address, firm name, phone number, and similar profile details you provide when registering or updating your account.
  • GST and reconciliation data: GSTR-2B JSON files, purchase register files (including Excel or CSV exports from tools such as Tally or Busy), client GSTINs, and derived reconciliation outputs (match/mismatch results, summaries, and audit-related metadata associated with runs you initiate).
  • Usage data: reconciliation runs you create, timestamps of logins and material actions, and audit logs we maintain for security and compliance.
  • Payment data: payments for subscriptions are processed by Razorpay. We do not store full payment card numbers or CVV on ReconDesk systems; such data is handled according to Razorpay's standards and policies.

3. How We Use Your Information

  • To perform GSTR-2B versus purchase register reconciliation and generate results for your firm.
  • To create and manage your account, team access, and subscription or entitlements.
  • To send transactional communications (for example, run completion or billing-related notices).
  • To maintain security, prevent abuse, and comply with applicable law.

We do not sell your personal information. We do not share your client or reconciliation data with third parties for their marketing purposes.

4. File Handling & Data Retention

  • Uploaded source files (such as GSTR-2B JSON and purchase register exports) are processed to complete reconciliation and are deleted after processing is complete, in line with our product design and security practices.
  • Reconciliation results, mismatch records, and related account data that you keep in your workspace are retained in your account until you delete them or until account closure, subject to backups and legal holds.
  • After account closure, we may retain certain information (including account and transactional records) for three (3) years where required for legal, regulatory, tax, or dispute-resolution purposes.

5. Data Security

  • We use industry-standard protections including encryption of data at rest (AES-256) and in transit (TLS 1.2+), implemented via our cloud providers.
  • Access within your firm is constrained by product controls (for example, staff may only access clients or data assigned or permitted under your workspace rules).
  • We maintain audit logs for sensitive actions appropriate to a B2B reconciliation product serving CA firms.

6. Your Rights (DPDP Act, 2023)

Where the Digital Personal Data Protection Act, 2023 and applicable rules apply, you may have rights including:

  • Right to access personal data we process about you in connection with ReconDesk.
  • Right to request correction of inaccurate or incomplete personal data.
  • Right to request erasure, including through account deletion, subject to legal retention.
  • Right to grievance redressal as described under applicable law.

To exercise these rights or raise a concern, email contact@recondesk.in. We may need to verify your identity before fulfilling certain requests.

7. Third-Party Services

ReconDesk relies on carefully selected processors, including:

  • Supabase — database, authentication, and related infrastructure. Their handling of data is governed by their documentation and terms.
  • Razorpay — payment acceptance and related payment flows. Payment data is subject to Razorpay's privacy policy and security programme.
  • Cloudflare R2 — temporary storage for uploaded files during processing, where configured for your deployment.

We encourage you to review the privacy policies of these providers for details on their subprocessors and regions.

8. Cookies

We use essential cookies and similar technologies needed to maintain authentication sessions and core security. We do not use advertising or third-party tracking cookies for profiling visitors across unrelated sites.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify registered users by email to the address associated with their account and update the "Last updated" date at the top of this page.

10. Contact

Email: contact@recondesk.in

Address: Hadapsar, Pune, Maharashtra, India

Effective date: May 2026

← Back to home