Legal

Privacy Policy

This Privacy Policy describes how Lexmify Technologies Pvt Ltd ("Lexmify", "we", "us", or "our") collects, uses, stores, and protects your personal information when you access and use our enterprise governance platform.

Effective Date: 1 January 2026·Last Updated: 1 March 2026
1

Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support. This includes:

Account Information: Name, email address, phone number, firm name, GST number, PAN, and other professional identification details.
Usage Data: Information on how you interact with our platform, including pages viewed, features used, compliance tasks created, and documents uploaded.
Financial Information: Billing details, invoicing data, and transaction records processed through our payment gateway (Razorpay). We do not store raw card data.
Documents and Files: Compliance forms, board meeting documents, MCA filings, and other files you upload to our platform.
Device and Log Data: IP addresses, browser information, operating system, and access timestamps for security and troubleshooting purposes.
2

How We Use Your Information

We use collected information for the following purposes:

Service Delivery: To provide, operate, and maintain our enterprise governance and compliance platform.
Compliance Automation: To generate compliance calendars, send deadline reminders, and auto-fill statutory forms using your company data.
AI Features: To power the Lexmify AI Secretary, Copilot, and report generation features. AI processing is done securely via OpenAI APIs with your data treated as confidential.
Security: To detect fraud, abuse, and unauthorized access to protect your account and your clients' data.
Customer Support: To respond to your inquiries, resolve disputes, and improve our services.
Product Improvement: To analyze usage patterns and improve platform features (using anonymized, aggregated data only).
Legal Obligations: To comply with applicable Indian laws including the Digital Personal Data Protection Act, 2023 (DPDPA), Companies Act 2013, and Income Tax regulations.
3

Data Storage and Security

We take data security extremely seriously and employ industry-leading measures to protect your information:

Encryption: All data is encrypted at rest using AES-256 and in transit using TLS 1.3.
Infrastructure: Data is hosted on AWS Mumbai region (ap-south-1) with multi-AZ redundancy and automated daily backups.
Access Controls: Strict role-based access controls (RBAC) ensure only authorized personnel within your firm can access client data.
Audit Logs: Every action on the platform is logged with user, timestamp, and IP address for complete auditability.
Compliance: Lexmify is designed to comply with SOC 2 principles and the Indian DPDPA 2023.
Penetration Testing: Our infrastructure undergoes quarterly security assessments by certified professionals.
4

Data Sharing and Third Parties

We do not sell your personal data. We share information only in the following circumstances:

Service Providers: With trusted third-party vendors who assist us in operating our platform, such as AWS (cloud hosting), OpenAI (AI features), Razorpay (payments), Twilio (SMS notifications), and eMudhra (digital signatures). All vendors are contractually bound to appropriate data protection standards.
Government Portals: When you initiate MCA, GST, or Income Tax filings, data is transmitted directly to the respective government portals (MCA21, GSTN, IT e-File) as per your instructions.
Legal Requirements: When required by Indian law, court order, or regulatory authority — such as SEBI, MCA, Income Tax Department, or law enforcement agencies with valid legal process.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred with appropriate notice and protections.
5

Your Rights Under DPDPA 2023

Under the Digital Personal Data Protection Act, 2023 (India), you have the following rights:

Right of Access: You may request a summary of your personal data processed by us.
Right to Correction: You may request correction of inaccurate or incomplete personal data.
Right to Erasure: You may request erasure of personal data that is no longer necessary (subject to legal retention requirements).
Right to Grievance Redressal: You may raise a complaint with our Data Protection Officer if you believe your rights are being violated.
Right to Nominate: You may nominate a person to exercise your data rights on your behalf in the event of death or incapacity.

To exercise any of these rights, please contact us at: privacy@Lexmify.com

6

Data Retention

We retain your personal data as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce agreements:

Active Account Data: Retained for the duration of your subscription plus 2 years.
Compliance Documents: Retained for 8 years from the date of filing, in accordance with the Companies Act 2013 and Income Tax Act requirements.
Financial Records: Retained for 7 years as per Indian accounting standards.
Audit Logs: Retained for 5 years.
Deleted Accounts: Upon account closure, personal data is anonymized or securely deleted within 90 days, except where legally mandated to retain.
7

Cookies and Tracking

Lexmify uses cookies and similar technologies to enhance your experience:

Essential Cookies: Required for platform functionality such as authentication sessions and security tokens.
Analytics Cookies: Used to understand how users interact with our platform to improve features (anonymized).
Preference Cookies: To remember your display settings and notification preferences.

You can manage cookie preferences in your browser settings. Disabling essential cookies may affect platform functionality.

8

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes:

We will notify you via email at least 14 days before changes take effect.
We will display a prominent notice within the Lexmify platform.
The updated "Last Updated" date at the top of this policy will be revised accordingly.

Your continued use of the platform after the effective date constitutes acceptance of the updated policy.

9

Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

Data Protection Officer

Lexmify Technologies Pvt Ltd

Mumbai · Delhi · Bengaluru

📧 Email: privacy@Lexmify.com

📧 Support: support@Lexmify.com

📞 Phone: +91 98765 43210

🕐 Business Hours: Monday–Friday, 9:00 AM – 6:00 PM IST

We will respond to all privacy-related requests within 30 days.

© 2026 Lexmify Technologies Pvt Ltd. All rights reserved.
Privacy PolicyTerms of ServiceBack to Home