Security & Trust

Your data, handled with the care it deserves.

Recovering your travel GST means trusting us with sensitive financial information, GSTINs, invoices, travel records. We treat that as the foundation of the engagement, not a compliance checkbox.

Encryption Access control Retention & deletion
Your GSTINs &
travel data
the centre of the perimeter
The perimeter

Three layers, one centre.

Everything we run, every ingest, every match, every report, happens inside these layers. There is no version of the work that steps outside them.

Encryption protects your data as it moves and as it rests. Access control means only the people working your account can see it. Retention and deletion mean it stays exactly as long as agreed, and no longer.

The safeguards

Plainly, what we do.

No aspirational language, no roadmap dressed up as reality, the practices below are how your data is handled today.

Encrypted in transit and at rest

Your data is encrypted as it travels to us and while it's stored with us, the standard your bank holds itself to, applied to your invoices and filings.

Access limited to your account team

Only the people actually working your reconciliation can see your data, access is role-based, granted per engagement, and revoked when it's no longer needed.

Retained as agreed, deleted on request

Your data is kept only for the period the engagement requires. When you ask for it to be deleted, it is, and we confirm when it's done.

An NDA before a single invoice moves

Confidentiality is contractual from the first conversation, signed before you share anything, standard on every engagement.

Purpose, limited

Your data does one job here.

The clearest security promise isn't technical, it's about intent. Here is the complete list of things we do with your data.

01

We reconcile and recover your travel GST

That's the list. Your invoices, filings and travel records are used to find and recover your credit, the service you engaged us for.

02

We never sell it, share it, or mine it

Not to advertisers, not to "partners", not as anonymised trends. Your data isn't a second revenue line, and it never will be.

03

We answer questions before you commit

Your security or IT team wants to review how we work? Good. We'll walk them through it, in whatever depth they need, before any data moves.

Start to finish

The life of your data with us.

01 · Received

Encrypted on arrival

Data reaches us over encrypted channels and is stored encrypted from the first moment.

02 · Worked

Touched only by your team

Reconciliation happens inside the perimeter, by the named people on your account.

03 · Retained

Kept as agreed

Held for the engagement period you've agreed, supporting your audit trail, nothing else.

04 · Deleted

Gone when you say

On request or at engagement end, deleted, with confirmation to you when complete.

Trust in this business isn't won with a certifications wall. It's won the slow way: by handling data carefully, cycle after cycle, and being easy to question. Ask us anything, before you share a thing.

Put your security team on the call.

We're glad to walk them through everything on this page, in depth, before any engagement.