Anagha Solutions logo

Legal

Privacy Policy

Last updated: 08 May 2026

This Privacy Policy explains how Anagha Solutions ("we", "us", "our"), the operator of www.vittro.in and the Vittro™ Business Suite ("Vittro", "Service"), collects, uses, stores and discloses personal data of visitors and customers ("you", "user"). It is published in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act"), the Information Technology Act, 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Data Fiduciary

Anagha Solutions is the Data Fiduciary for personal data processed through Vittro. Registered office, entity type and statutory identifiers are published in the website footer.

2. Personal data we collect

  • Identity & contact data: name, email, phone, company name, GSTIN, designation.
  • Account data: login credentials (password is stored hashed), authentication tokens, role and product entitlements.
  • Service data: data you upload to or generate within Vittro (books, GST data, payroll inputs, client records, documents).
  • Technical data: IP address, browser type, device identifiers, pages visited and timestamps for security and analytics.

3. Purposes & lawful basis

  • Providing and supporting Vittro products you have engaged us for.
  • Account creation, authentication, billing and customer communication.
  • Compliance with applicable Indian laws, including the GST law, Income-tax Act, 1961 and labour statutes, where you instruct us to file or prepare such records on your behalf.
  • Improving the Service, security monitoring and fraud prevention.

Processing is carried out on the basis of your consent and/or legitimate use as permitted under the DPDP Act.

4. Sharing & disclosure

We do not sell personal data. We may share data only with:

  • Sub-processors (cloud hosting, email, payment gateway) bound by confidentiality and data-protection obligations.
  • Statutory authorities, where required by law or a valid legal order.
  • Your authorised users within your organisation.

5. Data retention

We retain personal and service data for as long as your engagement is active and thereafter only for the period needed to comply with statutory record-keeping (e.g. eight years under Sec 36 of the CGST Act, 2017 and Rule 6F of the Income-tax Rules, 1962, where applicable). On expiry, data is deleted or anonymised.

6. Security

We follow reasonable security practices including encryption in transit, role-based access, audit logging and least-privilege principles. No system is, however, immune to all risks; you remain responsible for safeguarding your account credentials.

7. Your rights as a Data Principal

  • Right to access, correct, complete and erase your personal data.
  • Right to nominate a representative to exercise your rights.
  • Right to withdraw consent at any time, subject to legal retention.
  • Right to grievance redressal — see Section 9.

8. Cookies & analytics

We use minimal cookies essential for authentication and session management, and may use privacy-respecting analytics to understand site usage. You may disable cookies in your browser; some features may not work as intended.

9. Grievance Officer

In line with Sec 8(9) of the DPDP Act and Rule 5(9) of the IT Rules, 2011, complaints may be addressed to:

  • Name: [Grievance Officer Name — TBD]
  • Email: Info@vittro.in
  • Phone: +91 63648 76344
  • Address: Anagha Solutions, Bengaluru, Karnataka, India

We will acknowledge complaints within 48 hours and resolve them within 30 days.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date above reflects the latest revision. Material changes will be notified by email or in-app notice.