Bill-O-Bill Shastra Solutions
Back to Pricing

Privacy Policy

Last Updated: 19-06-2026

This Privacy Policy describes how Shastra Solutions Private Limited ("we," "us," or "our") collects, uses, stores, processes, protects and shares your personal information when you visit and use our website / payment page, payments.shastra-solutions.com/bill-o-bill (the "Platform" / "Bill-o-Bill").

By using our Platform, you consent to the practices described in this Privacy Policy. This document is published in compliance with the Information Technology Act, 2000, and rules made thereunder, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

If you do not agree with this Privacy Policy, you must not proceed or use the website, payment page or Bill-o-Bill platform.

1. Company Information

Company Name: Shastra Solutions Private Limited
Product Name: Bill-o-Bill
Website / Payment Page: payments.shastra-solutions.com/bill-o-bill
Registered Office: 201, Jura Palace,. Liberty Garden, Road No. 3, Malad (West), Mumbai 400064, Maharashtra, India.
Email: billobill.accounts@shastra-solutions.com
Phone: 8369927836
CIN: U62020MH2025PTC451953
GSTIN: 27ABQCS6833D1ZZ

2. About Bill-o-Bill

Bill-o-Bill is a digital accounting automation and compliance workflow platform designed for Chartered Accountants, accounting firms, MSMEs, businesses, finance teams and professionals involved in accounting, taxation, reporting, compliance and financial operations.

The platform may include features such as invoicing, expense management, document processing, accounting workflows, reconciliation, compliance support, dashboards, reports, automation tools, AI-assisted suggestions and other related business/accounting tools.

Because of the nature of the platform, users may upload or process business, financial, accounting, tax, client, vendor, employee and compliance-related information through Bill-o-Bill.

3. Scope of this Privacy Policy

This Privacy Policy applies to information collected through:

  • The Bill-o-Bill payment page.
  • The Bill-o-Bill website or landing page.
  • The Bill-o-Bill platform, application, dashboard or software.
  • Payment forms, enquiry forms, onboarding forms and registration forms.
  • Email, phone, WhatsApp, support tickets, demos or business communication.
  • Invoices, proposals, contracts and commercial communications.
  • Product usage, support interactions and platform activity.
  • This Privacy Policy does not apply to third-party websites, applications, platforms or services that are not owned or controlled by Shastra Solutions Private Limited.

4. Information We Collect

We collect information to provide and improve our services to you. The types of information we collect include:

A. Personal Information (PI)

This includes data that can be used to identify you directly. We collect this when you register, place an order, or contact us.

  • Identity Data: Name, date of birth, and gender.
  • Contact Data: Email address, mobile number, and billing/shipping address.
  • Account Data: Username and password (stored encrypted), designation, firm/company name, business name, user role, login credentials, and communication details.
B. Financial and Transaction Data

We collect necessary financial information to complete transactions.

  • Payment Data: Details required to process payments (e.g., credit/debit card details, UPI ID). Note: We do not store full credit card details on our servers; this data is securely handled by third-party payment gateways.
  • Transaction Data: Details about payments to and from you, and other details of products/services you have purchased from us (including Billing name, Billing address, GSTIN, PAN, CIN, Plan selected, Invoice details, and Order ID).
C. Technical and Usage Data

This information is collected automatically when you use the Platform.

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting and location, operating system, and other technology on the devices you use to access the Platform.
  • Usage Data: Information about how you use our Platform, including clickstream data, login activity, page response times, and pages you viewed or searched for.
D. Uploaded Business, Financial and Accounting Data

Depending on your use of the platform, you may upload or process:

  • Invoices, Bills, Receipts.
  • Bank statements, Ledgers, Trial balances, Accounting records.
  • GST data, TDS data, Tax-related documents.
  • PAN or GSTIN details, Client records, Vendor records, Employee records, Expense data, Inventory data, Payroll-related data.
  • Reports, Documents, PDFs, spreadsheets, images and other files.
E. Communication and Support Information

We may collect information when you communicate with us through email, phone, WhatsApp, support tickets, demos, onboarding calls, or feedback/contact forms. This includes queries, requests, feedback, complaints, attachments, screenshots, and communication history.

5. Purpose of Collection and Use

We use the information we collect for various business purposes, mapped as follows:

Purpose Type of Data Used / Description
Service Delivery Process and deliver your orders, manage payments, refunds, and collections.
Communication Send order updates, confirmation, shipping notifications, and respond to your inquiries.
Marketing & Promotions Send promotional emails about new products, special offers, or updates (You can opt-out at any time).
Platform Improvement Analyze Usage Data to improve our website design, product offerings, and user experience.
Security & Legal Protect the Platform from fraud, unauthorized transactions, and ensure compliance with legal obligations.

In addition, we collect and use information for lawful, specific and legitimate purposes, including:

  • Creating and managing user accounts.
  • Processing payments.
  • Issuing invoices and receipts.
  • Activating product access.
  • Providing Bill-o-Bill services.
  • Completing onboarding and setup.
  • Providing customer support.
  • Managing subscriptions, renewals and billing.
  • Enabling accounting, invoicing, expense, reporting and compliance workflows.
  • Processing uploaded documents and business records.
  • Enabling automation, OCR, AI-assisted categorisation, reconciliation and reporting.
  • Improving product accuracy, performance, security and reliability.
  • Maintaining audit logs and security records.
  • Sending service updates and important notifications.
  • Responding to queries, support requests and grievances.
  • Preventing fraud, misuse, unauthorised access and security threats.
  • Complying with applicable laws, tax obligations, accounting requirements, regulatory requests, court orders or legal processes.
  • Enforcing our Terms & Conditions, Refund Policy and other agreements.

Where applicable law requires consent, we process personal data based on consent provided by the user.

By providing information, making payment, creating an account, uploading data or using Bill-o-Bill, you confirm that you have the authority and consent required to provide such information to Shastra Solutions Private Limited.

Where you upload or process data belonging to clients, employees, vendors, customers or third parties, you are responsible for ensuring that you have obtained all necessary consents, approvals, authorisations and legal permissions.

You may withdraw consent by contacting us at billobill.grievance@shastra-solutions.com. However, withdrawal of consent may affect our ability to provide access to Bill-o-Bill or certain features.

Even after withdrawal of consent, we may retain or process certain information where required for legal, tax, accounting, compliance, billing, security, dispute resolution, fraud prevention or legitimate business purposes.

7. Data Ownership

All business data, accounting data, financial data, tax data, uploaded documents, invoices, bank statements, ledgers, reports, prompts, outputs, client records and other information uploaded or processed through Bill-o-Bill shall remain the property of the user or the respective lawful owner of such data.

Shastra Solutions Private Limited does not claim ownership over user data or customer business data uploaded to Bill-o-Bill.

The user grants Shastra Solutions Private Limited a limited right to process such data only for the purpose of providing, operating, securing, supporting and improving Bill-o-Bill and related services.

8. No Sale of Data

Shastra Solutions Private Limited will never sell, rent, trade, license, monetise or commercially exploit user data, customer data, business data, financial data, accounting data, tax data, uploaded documents, prompts or AI outputs to any third party for advertising, marketing, profiling, resale, model resale, third-party training or any unrelated commercial purpose.

We do not sell customer financial, accounting, tax, business or uploaded document data to third parties.

Where third-party service providers are used for hosting, payment processing, communication, infrastructure, analytics, support, security or other service delivery purposes, such providers shall be permitted to process data only to the extent necessary to provide the relevant service.

Such third-party providers are not permitted to use Bill-o-Bill user data for their own independent commercial purposes.

9. AI, Automation and Data Processing

Bill-o-Bill may use automation, OCR, rule-based processing, AI-assisted categorisation, reconciliation logic, document extraction, report generation, workflow automation and other intelligent features.

These features may process uploaded business, financial, accounting, tax and document data to provide platform functionality.

Data may be used to:

  • Extract information from documents.
  • Categorise transactions.
  • Match invoices, bills, bank entries or ledger records.
  • Generate reports.
  • Identify inconsistencies or mismatches.
  • Suggest classifications.
  • Improve workflow accuracy.
  • Improve security and product reliability.

Shastra Solutions Private Limited does not use user data, customer data, uploaded documents, prompts or AI outputs for third-party advertising, third-party profiling, resale or unrelated third-party AI training.

Bill-o-Bill may use aggregated, anonymised or de-identified operational data to improve product performance, workflow accuracy, automation quality, reliability and security, provided such data does not identify a specific user, business, client, GSTIN, PAN, transaction, document or individual.

10. Sharing of Information

We do not sell, rent, or trade your Personal Information. We only share data when necessary for business operations or legal requirements:

  • Service Providers: We share necessary data with third parties who perform services on our behalf, such as payment processors (including PhonePe), courier/logistics providers for order fulfillment, hosting, cloud infrastructure, email/SMS/WhatsApp communication service providers, and IT service providers.
  • Legal Compliance: We may disclose your information if required by law, court order, regulatory request, or governmental regulation, or if we believe such action is necessary to protect and defend the rights or safety of our company, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, restructuring, investment, or sale of assets, your information may be transferred to the new entity.

We may also share information with professional advisors (such as legal, tax, accounting, audit or compliance consultants) and authorised users within the same account based on user-allocated access permissions.

We do not share information for unauthorised commercial exploitation.

11. Third-Party Services

Bill-o-Bill may rely on third-party service providers for payment processing, hosting, cloud infrastructure, servers, email, SMS, WhatsApp communication, analytics, customer support, security, backups or other operational requirements.

Third-party service providers may process limited information only to the extent required for providing their services.

Third-party websites, payment gateways, integrations or platforms may have their own privacy policies and terms.

Shastra Solutions Private Limited is not responsible for the privacy practices, security practices, policies or actions of third-party websites, gateways or services that are not owned or controlled by us.

Users are advised to review the privacy policies of such third-party service providers where applicable.

12. Data Security

We implement appropriate technical and organizational security measures to protect your Personal Information from unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption (SSL/TLS): Encryption for data transmission.
  • Database Security: Restricted access to our databases for employees and server/application security controls.
  • Administrative Protections: Role-based permissions, password protection, secure transmission protocols, audit logs, monitoring, backups, and regular security reviews.

However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.

Users are responsible for:

  • Maintaining strong passwords.
  • Keeping login credentials confidential.
  • Restricting internal account access.
  • Using trusted devices and networks.
  • Logging out from shared systems.
  • Ensuring that employees, staff, consultants, clients or representatives use the platform responsibly.
  • Immediately reporting suspected unauthorised access or security incidents.

13. Data Retention

We retain information for as long as necessary to provide services, maintain accounts, process payments, issue invoices, provide support, comply with laws, resolve disputes, maintain business records and enforce agreements.

Certain records may be retained for longer periods where required for:

  • Tax compliance.
  • Accounting records.
  • Audit requirements.
  • Legal obligations.
  • Regulatory requirements.
  • Security logs.
  • Dispute resolution.
  • Fraud prevention.
  • Backup and disaster recovery.

When information is no longer required, we may delete, anonymise, archive or securely restrict access to it in accordance with applicable law and internal policies.

14. User Rights

Under applicable law, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of any inaccurate or incomplete data we hold about you.
  • Deletion: Request the deletion of your personal data, subject to legal retention requirements.
  • Withdraw Consent: Withdraw your consent to the processing of your data at any time (where consent is the basis for processing).

In addition, users may request updating of personal data, information about how personal data is processed, grievance redressal, and nomination of another person to exercise rights where permitted by law.

To exercise any of these rights, please contact us at billobill.grievance@shastra-solutions.com.

We may verify the identity and authority of the person making the request before acting on it.

Some requests may be refused, limited or delayed where retention or processing is required for legal, tax, accounting, compliance, security, dispute resolution or legitimate business purposes.

15. Correction and Updating of Information

Users are responsible for ensuring that the information provided to us is accurate and updated.

If your account information, billing details, contact information, firm details, GSTIN, PAN or other details change, you should update the information or contact us for assistance.

Shastra Solutions Private Limited shall not be responsible for issues arising from incorrect, outdated, incomplete or false information provided by the user.

16. Deletion Requests

Users may request deletion of eligible personal data by contacting us.

Deletion may not be possible where data is required for:

  • Legal compliance.
  • Tax and accounting records.
  • Payment records.
  • Fraud prevention.
  • Security purposes.
  • Dispute resolution.
  • Contractual obligations.
  • Backup and recovery systems.
  • Regulatory requirements.

Where deletion is not immediately possible, we may restrict, archive or retain the data only for necessary purposes.

17. Cookies and Similar Technologies

The website, payment page or platform may use cookies, pixels, local storage, session identifiers or similar technologies.

These may be used to:

  • Maintain user sessions.
  • Improve website performance.
  • Remember preferences.
  • Enable login functionality.
  • Analyse usage.
  • Improve product experience.
  • Track payment flow performance.
  • Improve security.

Users may disable cookies through browser settings. However, disabling cookies may affect website or platform functionality.

18. Children’s Data

Bill-o-Bill is intended for business and professional use and is not directed at children.

Users must not knowingly upload or process personal data of children unless they have lawful authority, valid consent from a parent or lawful guardian where required, and a legitimate business or legal purpose.

If we become aware that children’s personal data has been provided without lawful basis, we may delete or restrict such information.

19. Data of Clients, Employees, Vendors and Third Parties

Users may upload or process data relating to their clients, employees, vendors, customers, consultants or other third parties.

The user is responsible for ensuring that such data is collected, shared and processed lawfully.

The user must ensure that necessary consent, notice, authority and legal basis exist before uploading or processing third-party data through Bill-o-Bill.

Shastra Solutions Private Limited processes such data only as required to provide the platform and related services.

20. Cross-Border Processing

Depending on the services, infrastructure, hosting provider, payment gateway, support tools or communication tools used, data may be processed in India or other jurisdictions.

Where cross-border processing or transfer is applicable, Shastra Solutions Private Limited will take reasonable steps to ensure that such processing is carried out in accordance with applicable law.

Certain categories of data may be stored or processed in India where required by law, contractual obligation or platform policy.

21. Data Breach and Security Incident Communication

If Shastra Solutions Private Limited becomes aware of a personal data breach or security incident affecting user information, we will take reasonable steps to assess, contain and address the incident.

Where required by applicable law, we may notify affected users, regulators, authorities or other relevant parties.

Such communication may include information about the nature of the incident, possible impact, steps taken and contact details for assistance.

Users must immediately inform us if they become aware of any unauthorised access, data breach, credential compromise, suspicious activity or misuse of their Bill-o-Bill account.

22. Marketing Communications

We may send service-related communications such as payment confirmations, invoices, account updates, onboarding messages, product updates, security alerts, support messages, renewal reminders and policy updates.

We may also send marketing, promotional or educational communication where permitted by law or with user consent.

Users may opt out of marketing communication where applicable.

Opting out of marketing communication will not affect important service-related, transactional, legal or security communications.

23. Confidentiality of Business Data

We understand that users may upload sensitive business, financial, accounting, tax and client-related information.

Shastra Solutions Private Limited will take reasonable measures to maintain confidentiality of such information.

Access to user data within our organisation will be restricted to authorised personnel, contractors, vendors or service providers who require access for service delivery, support, security, development, maintenance, compliance or operational purposes.

Such persons may be bound by confidentiality or internal data protection obligations.

24. Aggregated and Anonymised Data

We may use aggregated, anonymised or de-identified data for:

  • Product improvement.
  • Performance analysis.
  • Workflow improvement.
  • Security monitoring.
  • Error detection.
  • Usage trends.
  • Business analytics.
  • Research and development.
  • Automation improvement.

Such data will not identify a specific user, business, client, GSTIN, PAN, document, transaction or individual.

The website, payment page or platform may contain links to third-party websites, payment gateways, service providers, integrations or external resources.

We are not responsible for the content, privacy practices, security practices or policies of such third-party websites or services.

Users should review the applicable privacy policies and terms of those third-party services before using them.

26. Business Transfers

If Shastra Solutions Private Limited is involved in a merger, acquisition, restructuring, investment, sale of assets, business transfer or similar transaction, user information may be transferred as part of that transaction.

In such cases, reasonable steps will be taken to ensure that the recipient handles the information in accordance with applicable confidentiality and data protection obligations.

27. Limitation

While we take reasonable steps to protect information, Shastra Solutions Private Limited shall not be liable for unauthorised access, disclosure, loss or misuse of data caused by:

  • User negligence.
  • Weak passwords.
  • Credential sharing.
  • Compromised devices.
  • Unauthorised internal access by the user’s employees or representatives.
  • Third-party failures.
  • Payment gateway issues.
  • Internet or telecom failures.
  • Force majeure events.
  • Cyberattacks despite reasonable safeguards.
  • Events beyond reasonable control.

28. Grievance Redressal & Contact Us

For any questions, concerns, requests, or grievances regarding this Privacy Policy or your personal data, please contact us at:

Shastra Solutions Private Limited
Email: billobill.accounts@shastra-solutions.com
Phone: 8369927836
Address: 201, Jura Palace, Liberty Garden, Road No. 3, Malad (West), Mumbai 400064, Maharashtra, India.

Grievance Officer Email: billobill.grievance@shastra-solutions.com
Working Hours: Monday to Friday 10:30 AM to 06:30 PM

We will make reasonable efforts to respond to genuine privacy-related requests and grievances within the timeframe required under applicable law or within a reasonable period.

29. Updates to this Privacy Policy

Shastra Solutions Private Limited may update this Privacy Policy from time to time.

The updated version will be posted on the website, payment page or platform with the revised “Last Updated” date.

Continued use of Bill-o-Bill after updates to this Privacy Policy shall mean that you have read and accepted the updated Privacy Policy.

30. Payment Page Privacy Declaration

By proceeding with payment or using Bill-o-Bill, you confirm that:

  • You have read and understood this Privacy Policy.
  • You consent to the collection and processing of your information for the purposes described in this Privacy Policy.
  • You have authority to provide any business, client, accounting, financial, tax or third-party data uploaded or submitted through Bill-o-Bill.
  • You understand that Bill-o-Bill may use automation and AI-assisted processing to provide platform features.
  • You understand that Shastra Solutions Private Limited will never sell, rent, trade, license, monetise or commercially exploit your business data, financial data, accounting data, tax data, uploaded documents, prompts or AI outputs to any third party for any purpose unrelated to providing the platform.
Contact Us | Terms & Conditions | Privacy Policy | Refund & Cancellation
© 2026 Shastra Solutions Private Limited. All rights reserved.