Why trust BenefitStack?
Our business model is aligned with yours, not against it. We charge a flat fee for work performed — filing assistance, document review, CA assignment. We do not earn a percentage of whatever you receive. We do not earn anything by selling or sharing your data. There is no financial incentive for us to misuse what you share.
We are an incorporated entity with legal accountability. BenefitStack is operated by Ventuno Technologies (P) Ltd., a company registered in Chennai, Tamil Nadu under the Companies Act. We are subject to Indian law including the Information Technology Act, GST regulations, and applicable data protection requirements. Our legal contact is public and reachable.
Our infrastructure partners have independent, audited certifications. We do not build our own data centre or write our own authentication system. We use Supabase and Vercel — both of which hold SOC 2 Type II certifications issued by independent auditors. You inherit those guarantees.
We are transparent about what we collect and why. This page and our Privacy Policy explain in plain language exactly what data is collected, where it goes, who can see it, and how long we keep it. If anything here is unclear, email us at legal@benefitstack.in.
What we collect and why
We collect only what is necessary to match your business against government scheme eligibility criteria. Nothing more.
- —Company name, type, stage
- —GSTIN, CIN, Udyam / PAN
- —State, sector, employee count
- —Revenue band
- —Founder names and roles
- —Email address for account login
- —Phone for OTP verification
- —GST certificate, ITR
- —Incorporation certificate
- —Audited financials
- —Bank account or card numbers
- —Cap table or equity details
- —Employee salary data
- —Passwords (hashed by auth layer)
Who can see your data
By default, only you. Access is extended to others only with your explicit action.
How data is stored and protected
BenefitStack is built on infrastructure that holds its own independent security certifications. You inherit those guarantees without taking our word for it.
If you recommend BenefitStack to a client, here is what they are agreeing to.
Your client creates an account, fills in their business profile, and gets a free eligibility report. That is the extent of what BenefitStack does without further action. No one at BenefitStack calls them. Their data is not shared with anyone.
If they engage a CA through the platform (which could be you), they explicitly confirm which CA is assigned to their case. The CA receives access only to what is needed for that specific scheme — not the whole account. That access is scoped and revocable.
You as a CA firm are not given a master view of all the clients you have helped. Each engagement is separate. Client A cannot see Client B's information even if you are the CA on both cases.
If a client asks "is my data safe on this platform?" you can share this page with them. If they have questions this page does not answer, we will respond directly at legal@benefitstack.in.
Common questions
We will answer directly,
not with a template.
If you are a CA firm evaluating BenefitStack for your clients, or a company with specific questions about how your data is handled, email us. We respond to every question personally within 2 business days.