Privacy Policy — CA Kedia Client Portal

Effective date: 16 June 2026
App name: CA Kedia — Client Portal
Developer: Aayush Kedia & Company, Chartered Accountants
Contact: info@cakedia.com

1. Who We Are

CA Kedia is the client and staff portal application of Aayush Kedia & Company, a Chartered Accountancy firm registered under the Institute of Chartered Accountants of India (ICAI FRN 157551W), with its registered office at 1013 Ground Floor, Ambaji Textile Market, Near Kamela Darwaja, Ring Road, Surat 395002, Gujarat, India.

The app serves two types of users: clients (who manage documents, KYC, invoices, deadlines and messages) and staff members of the firm (who additionally use attendance and HR features). The data accessed differs by user type, as described below.

2. Data We Access and Collect

We collect only the data necessary to provide the portal service. The categories below comprehensively describe all data the app accesses or collects, why, and when.

Data typeWhy we access / collect itWhen
Location (precise GPS) Accessed only by staff members to mark attendance (check-in / check-out). We capture the device's GPS coordinates to confirm the staff member is physically at the designated work location, measure the distance from the office, and detect mock / spoofed GPS to prevent fraudulent attendance. Coordinates are converted to a readable "Area, City" label for display. Location is not collected in the background, is not used for advertising or tracking, and is not collected for client users or on the web version of the app. Foreground only, at the moment a staff member taps Check-in or Check-out.
Camera & face data Staff attendance uses the front camera for face verification, with a blink/liveness check to confirm a live person. A numeric face representation is compared on the device to verify identity. The camera is also used by clients and staff to scan and photograph documents for KYC and uploads. We do not sell or share biometric data. Foreground only, during attendance face verification or document scanning.
Identity & KYC documents For clients who choose to complete KYC: identity documents and their numbers (e.g. PAN, Aadhaar) and financial documents you upload, used to provide chartered-accountancy services. Document numbers are masked in the interface. KYC is gated behind an explicit, recorded consent screen that you may decline. Only when you choose to upload them.
Account information Email address and password (stored securely via Firebase Authentication), and your name and client reference, used to authenticate you and provide secure access. At sign-up, login and profile updates.
Files & documents Documents, invoices, photos and files uploaded by you or by the firm for your review, stored securely and accessible only to you and the firm. When uploaded.
Device & security information Device push token (for notifications), device identifiers/fingerprint and OS/app version, used for push delivery, security (administrator device binding, mock-GPS/fraud detection) and crash diagnostics. During use of the app.
Microphone Optional voice-to-text input for search/notes, used only if you actively use that feature. Only while you use voice input.
Usage & crash data Session duration, feature usage and anonymised crash reports (Firebase Crashlytics), used to maintain and improve the app. During use of the app.

3. App Permissions

You may deny or revoke any permission in your device settings; the related feature will simply be unavailable, and the rest of the app will continue to work.

4. How We Use Your Data

We do not sell, rent, or share your data with any third party for marketing or advertising purposes.

5. Data Storage, Sharing and Security

Data is stored on Google Firebase infrastructure and is encrypted in transit (TLS) and at rest. Access is restricted by authentication and server-side security rules enforcing least-privilege access. Location coordinates collected for attendance are stored in the firm's attendance records and are visible only to the relevant staff member and authorised administrators — never to advertisers or unrelated third parties. Biometric face verification is processed on your device.

We use the following trusted processors solely to operate the app:

6. Data Retention

Your data is retained for as long as you have an active relationship with Aayush Kedia & Company. Upon written request to info@cakedia.com, we will delete your account and associated data within 30 days, except where retention is required by law (e.g. the Income Tax Act requires financial records to be maintained for a minimum of 6 years).

7. Your Rights and Account Deletion

You have the right to:

To exercise these rights or request account deletion, email info@cakedia.com from your registered address.

8. Children's Privacy

This app is intended for adults (18+) with an existing engagement with the firm, and for the firm's staff. We do not knowingly collect data from children under 18. If you believe a child has provided personal data, contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will reflect significant changes by updating the effective date above and, where appropriate, notifying you via the app or by email.

10. Contact

For any privacy-related queries:
Aayush Kedia & Company
1013 Ground Floor, Ambaji Textile Market, Near Kamela Darwaja, Ring Road, Surat 395002
Email: info@cakedia.com
Phone: 0261 3517354