Your privacy is fundamental to how we operate. At RVA, we handle some of the most sensitive personal and financial information a person can share. We take that responsibility seriously. This Policy explains exactly what we collect, why we collect it, and what we do — and don't do — with it.
Who We Are
RV and Associates ("RVA", "we", "us", "our") is a Partnership Firm registered in India, providing online consultation services in cybercrime (specifically frozen bank account resolution) and tax compliance (GST, income tax, ROC). Our registered contact details are:
WhatsApp / Phone: +91 73827 41666
Email: rvavja@gmail.com
Website: rvandassociates.com
For the purposes of this Privacy Policy, RVA is the Data Fiduciary as defined under the Digital Personal Data Protection Act, 2023 (DPDPA) and associated rules.
What This Policy Covers
This Privacy Policy applies to all personal data collected by RVA through:
Our website at rvandassociates.com and any associated subpages
WhatsApp communications initiated by or with prospective or active clients
Email correspondence
Telephone calls
Physical or digital documents submitted by clients during consultation engagements
It does not apply to third-party websites or platforms that may be linked from our website. We encourage you to review the privacy policies of any third-party services you interact with.
This Policy should be read alongside our Terms of Service.
Information We Collect
The personal data we collect depends on whether you are a visitor to our website or an engaged client. The table below summarises the categories of data we may collect:
Category | Specific Data Points | Source |
|---|---|---|
Identity Data | Full name, date of birth (where required) | Provided directly by client |
KYC Documents | Aadhaar card, PAN card, passport-size photograph | Provided directly by client |
Financial Data | Bank statements of the frozen account, bank account details (number, IFSC, branch) | Provided directly by client |
Case Documentation | Cybercrime acknowledgement letter from the bank, written declaration from the client, screenshots and transaction histories relevant to the case | Provided directly by client |
Contact Data | WhatsApp number, phone number, email address | Provided directly by client |
Communication Data | Contents of WhatsApp messages, emails, and call notes relevant to your case | Collected during correspondence |
Tax & Business Data | GSTIN, income details, TDS certificates, business registration documents (for tax consultation clients) | Provided directly by client |
Website Usage Data | IP address, browser type, pages visited, time on site (collected via cookies and analytics tools) | Collected automatically |
Sensitive Personal Data: Aadhaar numbers, PAN, bank account details, and financial information constitute sensitive personal data under Indian law. We collect this data only where strictly necessary for the purpose of resolving your case and with your informed consent.
We do not collect data that is unnecessary for the purposes stated in this Policy. We do not collect biometric data, medical data, or political/religious affiliation data.
How We Use Your Information
Your personal data is used strictly for the following purposes:
Case Assessment: To evaluate your situation during the initial free consultation and determine whether RVA can assist you
Consultation Delivery: To provide the consultation services you have engaged us for, including document preparation, case strategy formulation, and police station representation
Document Preparation: To prepare declarations, representations, NOC application documents, and other materials required for your case
Regulatory Submission: To submit necessary documents to relevant police authorities, banks, or regulatory bodies on your behalf, as directed by you
Tax Filing & Compliance: To file GST returns, income tax returns, TDS returns, ROC documents, and respond to notices on your behalf (for tax consultation clients)
Communication: To contact you regarding your case, request additional documents, provide updates, and answer queries
Fee Processing: To record and acknowledge payments made for our services
Legal Compliance: To comply with applicable laws, court orders, or regulatory directions
Service Improvement: Aggregate, anonymised, non-identifiable data may be used to improve our consultation processes and understand general case patterns
We do not use your personal data for marketing, profiling, advertising, or any purpose outside those listed above without your explicit consent.
Legal Basis for Processing Your Data
Under the Digital Personal Data Protection Act, 2023 (DPDPA) and applicable Indian law, RVA processes your personal data on the following legal bases:
Consent: You provide explicit consent when you engage with our services and submit your personal documents and information. You have the right to withdraw this consent at any time (see Section 10).
Contractual Necessity: Processing is necessary to fulfil our obligations under the consultation engagement you have entered into with us.
Legitimate Interests: RVA has a legitimate interest in maintaining records of engagements for quality assurance and case management purposes, where such interests are not overridden by your data protection rights.
Legal Obligation: We may process and retain data where required to comply with applicable Indian law, including tax laws, anti-money laundering regulations, and orders of competent courts or authorities.
How We Share Your Information
RVA does not sell, rent, trade, or otherwise commercially disclose your personal data to any third party. We may share your information only in the following strictly limited circumstances:
Relevant Authorities (with your direction): Police stations, cybercrime cells, banks, GST authorities, income tax departments, the Ministry of Corporate Affairs (ROC), or other regulatory bodies — solely for the purpose of resolving your case
Legal Obligations: Where required by a court order, summons, or direction from a competent government authority under Indian law
Professional Advisors: In rare circumstances, confidential information may be shared with licensed legal professionals assisting RVA in complex case matters, bound by professional confidentiality obligations
With Your Explicit Consent: Any other sharing will only occur with your prior written consent
When sharing data with authorities, RVA shares only the minimum information necessary for the specific purpose, and only to the extent authorised by you as part of your engagement.
All parties with whom RVA shares data are required to handle it with equivalent standards of confidentiality and security.
WhatsApp & Digital Communications
RVA uses WhatsApp as its primary channel of client communication. By initiating contact with RVA via WhatsApp, you acknowledge the following:
WhatsApp is a third-party platform operated by Meta Platforms, Inc. and is subject to Meta's own privacy policies and terms. RVA has no control over WhatsApp's data handling practices.
Messages exchanged on WhatsApp are end-to-end encrypted by default (for personal chats). However, we recommend that you exercise caution when sharing highly sensitive documents over any digital channel.
RVA retains records of WhatsApp correspondence relevant to your case for internal case management and documentation purposes.
RVA representatives will only contact you from the registered number +91 73827 41666. If you receive messages claiming to be from RVA from any other number, please verify with us directly before responding.
RVA will never request your bank passwords, OTPs, or net banking credentials via WhatsApp or any other channel.
Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, subject to any overriding legal retention requirements:
Active Engagement Records: Retained throughout the duration of your consultation engagement
Post-Engagement Records: Case files and relevant correspondence are retained for a period of 5 (five) years following the conclusion of your engagement. This is to comply with applicable Indian regulatory and tax record-keeping requirements, and to address any future queries regarding resolved matters.
Tax Filing Records: Retained for a minimum of 7 (seven) years from the date of filing, as required under the Income Tax Act, 1961 and GST legislation
Website Usage Data: Retained for a period of up to 12 months from collection
Initial Consultation Data (Non-Engaged): If you contacted RVA but did not proceed with formal engagement, your contact information and initial case details are retained for no more than 90 days and then securely deleted
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be linked to any individual.
Data Security
RVA implements reasonable and appropriate technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, loss, or destruction. Our security practices include:
Access to client case files is restricted to RVA partners and authorised personnel directly involved in your case
Sensitive documents are stored in access-controlled digital environments
All personnel handling client data are bound by confidentiality obligations
Physical documents, where applicable, are stored securely and disposed of by secure means when no longer required
While we strive to protect your personal data, no method of digital transmission or storage is 100% secure. You share your information with us at your own risk, and we cannot guarantee absolute security. However, in the event of a data breach that poses a risk to your rights and interests, RVA will notify you and the relevant data protection authority as required under the DPDPA.
Your Rights as a Data Principal
Under the Digital Personal Data Protection Act, 2023, you have the following rights in relation to your personal data held by RVA:
Right | Description |
|---|---|
Right to Access | Request a summary of the personal data we hold about you and the purposes for which it is being processed. |
Right to Correction | Request correction of any inaccurate or incomplete personal data we hold about you. |
Right to Erasure | Request deletion of your personal data, subject to any legal obligations that require us to retain it. |
Right to Withdraw Consent | Withdraw your consent to data processing at any time. Withdrawal may affect our ability to continue providing services to you. |
Right to Grievance Redressal | Lodge a complaint with RVA's designated Grievance Officer if you believe your data rights have been violated. |
Right to Nominate | Nominate another individual to exercise your data rights in the event of your death or incapacitation. |
To exercise any of these rights, please contact us at rvavja@gmail.com or via WhatsApp at +91 73827 41666. We will respond to your request within a reasonable timeframe and no later than the period prescribed under applicable law.
If you are dissatisfied with our response, you may escalate your complaint to the Data Protection Board of India once it is constituted under the DPDPA.
Cookies & Website Data
Our website may use cookies and similar tracking technologies to improve your browsing experience and understand how visitors use our site. The types of data we may collect automatically include:
Browser type and version
Pages visited and time spent on each page
Referring URL (how you arrived at our site)
General geographic location (at city or region level, not precise)
Device type (desktop, mobile, tablet)
This data is collected in aggregate and anonymised form and is used solely to understand website performance and improve user experience. It is not linked to your identity.
You may disable cookies through your browser settings at any time. Please note that disabling cookies may affect the functionality of certain features on our website.
RVA does not use retargeting cookies, advertising cookies, or behavioural tracking for marketing purposes.
Minors
RVA's services are intended for individuals aged 18 years and above. We do not knowingly collect personal data from children under the age of 18 without the verifiable consent of a parent or legal guardian.
If you believe that a minor has provided personal information to RVA without appropriate parental consent, please contact us immediately at rvavja@gmail.com and we will take prompt steps to delete such information from our records.
In cases where a minor's account or interest is the subject of a consultation (e.g., a parent acting on a minor's behalf), we require the parent or guardian to be the primary point of contact and to consent to our Privacy Policy on the minor's behalf.
Changes to This Privacy Policy
RVA may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or regulatory requirements. Any updates will be published on this page with the revised effective date.
For material changes that affect how we process your personal data, we will endeavour to notify active clients via WhatsApp or email prior to the change taking effect.
Your continued engagement with RVA following a revision to this Policy constitutes your acceptance of the updated terms. We recommend reviewing this Policy periodically.
Contact Us & Grievance Officer
For any privacy-related queries, requests to exercise your data rights, or complaints regarding how your personal data is handled, please contact:
Grievance Officer — RV and Associates
Name: Ramsai Varma (Founder)
Email: rvavja@gmail.com
WhatsApp: +91 73827 41666
Phone: +91 73827 41666
We are committed to resolving all privacy-related concerns promptly. You will receive acknowledgement of your complaint within 48 hours, and a substantive response within the timeframe prescribed by applicable Indian law.
Regulatory Authority: Once constituted under the Digital Personal Data Protection Act, 2023, the Data Protection Board of India will serve as the regulatory authority for data protection matters in India. If you are not satisfied with our response to your complaint, you may approach the Board.
