Login to BillVeda

Forgot password?
Don't have an account?

Start Your Free Trial Now

Secure
Trusted
24/7 Support
BillVeda Logo

GDPR Compliance

Last Updated: April 14, 2025

Home / GDPR Compliance

At BillVeda, we are committed to ensuring the privacy and protection of your personal data in compliance with the General Data Protection Regulation (GDPR). This page outlines our approach to GDPR Compliance and your rights under this regulation.

Our Commitment to GDPR

The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA areas. Although BillVeda is primarily focused on serving Indian businesses, we recognize that our services may be used by individuals and businesses in the EU, and we are committed to complying with the GDPR.

Data Controller and Data Processor

Under the GDPR, BillVeda acts as both a data controller and a data processor. We are a data controller for the personal information we collect about our users for account management, billing, and marketing purposes. We are a data processor for the information our users input into our system about their clients and business operations.

Legal Basis for Processing

We process personal data on the following legal bases:

  • Contractual Necessity: Processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by BillVeda or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
  • Consent: The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which BillVeda is subject.

Your Rights Under GDPR

Under the GDPR, you have the following rights:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.
  • Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Data Protection Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data
  • Regular testing, assessing, and evaluating the effectiveness of technical and organizational measures
  • Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
  • Measures to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  • Staff training on data protection and security

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. We will also notify affected data subjects without undue delay when the personal data breach is likely to result in a high risk to their rights and freedoms.

International Data Transfers

BillVeda may transfer personal data to countries outside the European Economic Area (EEA). When we do so, we ensure that appropriate safeguards are in place to protect your personal data, such as Standard Contractual Clauses approved by the European Commission.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our DPO using the details set out below.

How to Exercise Your Rights

To exercise any of your rights under the GDPR, please contact us at GDPR Compliance. We will respond to your request within one month. This period may be extended by two further months where necessary, taking into account the complexity and number of the requests.

Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us at support@billveda.code4utech.com. You also have the right to lodge a complaint with the supervisory authority in the EU member state where you reside, work, or where the alleged infringement of data protection laws occurred.

Contact Us

If you have any questions about our GDPR Compliance, please contact us at:

Email: support@billveda.code4utech.com

Phone: +91 85957 37067

Address: Block RZ, Sagar Pur, Delhi, India - 110046