Terms & Conditions — MyTaxLocker by MaxLeaf

Version 2.1 • Last updated May 2026

Disclaimer — Not Affiliated with Government. MyTaxLocker is an independent software product built by MaxLeaf. We are NOT affiliated with, endorsed by, or acting on behalf of the Income Tax Department of India, the Central Board of Direct Taxes (CBDT), the Ministry of Finance, the Government of India, or any other government entity. MyTaxLocker is a self-help tool that prepares an ITR JSON file from inputs you provide. The final filing must be submitted by you (or your authorised Chartered Accountant) directly to the official Income Tax e-Filing Portal at incometax.gov.in. We do not file returns with the government on your behalf.

      Independence from Government — your acknowledgments. By using MyTaxLocker, you acknowledge that:
      MaxLeaf and MyTaxLocker are private commercial entities, independent of any government authority.
You are responsible for the accuracy of all data you enter, and for the lawful filing of your Income Tax Return through the official government portal.
MyTaxLocker provides software tools only. Use of MyTaxLocker does not constitute legal, financial, or tax advice. For binding advice, consult a qualified Chartered Accountant or tax attorney.
The accuracy of tax computations is dependent on the data you provide. While MyTaxLocker uses CBDT-published rules and validation logic, final compliance with the Income Tax Act and CBDT regulations is your responsibility.
MaxLeaf is not liable for any penalties, interest, or audit consequences arising from incorrect ITR filings. Always review the generated return before submitting it to the IT Department portal.

    

Official sources for government information referenced in this app:

Income Tax e-Filing Portal (Government of India): https://www.incometax.gov.in
Central Board of Direct Taxes (CBDT): https://incometaxindia.gov.in
Digital Personal Data Protection Act, 2023 (MeitY): https://www.meity.gov.in/data-protection-framework

1. About MyTaxLocker & MaxLeaf

These Terms and Conditions govern your use of the MyTaxLocker application and website (mytaxlocker.maxleaf.in), which is operated and owned by MaxLeaf ("Company", "we", "us").

MyTaxLocker ("App") is a personal tax management application that assists Indian taxpayers in preparing ITR-1 (Sahaj) and ITR-4 (Sugam) income tax returns, storing tax documents, and managing tax-related information.

This App is NOT a registered e-filing intermediary. The JSON files generated are for your personal use and must be uploaded to the Income Tax Department portal (incometax.gov.in) by you.

By selecting "Start Tax Filing" or "Consult a CA", you are granting MaxLeaf permission to process your data as outlined in our Privacy Policy.

2. Data We Collect

MaxLeaf, as the Data Fiduciary under the Digital Personal Data Protection Act (DPDPA) 2023, collects the following categories of personal data through the MyTaxLocker app, solely for the purpose of tax return preparation:

Identity Data: PAN, Aadhaar number, name, date of birth, mobile number, email
Financial Data: Salary details (Form 16), deductions, investments, bank account details (account number, IFSC)
Tax Documents: Uploaded PDFs and images (Form 16, rent receipts, investment proofs)
Device Data: Device type, OS version (for crash reporting only)

We do NOT collect passwords, biometric templates, or payment card details.

3. How We Use Your Data

Your data is used exclusively for:

Generating ITR-1 / ITR-4 JSON files for Income Tax filing
Storing your tax documents securely in your personal vault
Auto-filling tax forms across assessment years
Generating PDF documents (Form 12BB, rent receipts, computation sheets)
Tax planning and optimization suggestions

MaxLeaf will NEVER sell, rent, or share your personal data with third parties for marketing purposes.

4. Data Storage & Security

Your data is stored on Amazon Web Services (AWS) servers located in Mumbai, India (ap-south-1 region), fully compliant with RBI data localization requirements.

Security measures implemented by MaxLeaf include:

Field-level encryption (AES-256) for PAN, Aadhaar, and bank details
TLS 1.2+ encryption in transit with certificate pinning
Per-user data isolation — only you can access your files
AWS Cognito authentication with multi-factor support
Biometric login option (Face ID / fingerprint) for convenience
PII access audit logging for compliance

Storage limits: 5 MB per file, 15 documents per assessment year, 50 MB total per user.

5. Data Retention

Your tax documents and filing data are retained for up to 8 years from the date of upload, consistent with Indian income tax record-keeping requirements (6–7 years for ITR records as per the Income Tax Act, 1961).

After 8 years, data is automatically deleted. You may delete your data at any time before this period by using the "Delete Account" option in the App.

6. Your Rights (DPDPA 2023)

Under the Digital Personal Data Protection Act, 2023, MaxLeaf as your Data Fiduciary ensures you have the right to:

Access: View all personal data we hold about you
Correction: Update or correct any inaccurate data
Erasure: Request complete deletion of your data and account
Portability: Export all your data in machine-readable format
Withdraw Consent: Revoke your consent at any time (this will require account deletion as the App cannot function without processing your tax data)

To exercise these rights, use the in-app features or contact our Grievance Officer at support@maxleaf.in.

7. Aadhaar Data Handling

Your Aadhaar number is collected solely for inclusion in ITR JSON files as mandated by the Income Tax Department. It is:

Stored with field-level encryption on AWS servers in India
Masked (showing only last 4 digits) in the App UI
Never shared with any third party
Deleted when you delete your account

MaxLeaf does not authenticate using Aadhaar or access UIDAI services.

8. CA Assignment & Data Sharing

If you opt for CA-assisted filing, your tax filing data may be shared with a Chartered Accountant (CA) assigned through the App. This sharing:

Requires your explicit consent at the time of submission
Is limited to the specific assessment year's filing data
The CA is bound by professional confidentiality obligations under ICAI regulations
You can revoke access by cancelling the filing request

MaxLeaf acts as the Data Fiduciary; the assigned CA acts as a Data Processor for the limited purpose of reviewing and filing your return.

9. Limitation of Liability

MyTaxLocker is a tax preparation tool, not a substitute for professional tax advice. MaxLeaf makes no guarantees regarding:

The accuracy of tax calculations (users must verify before filing)
Acceptance of generated ITR JSON by the Income Tax portal
Tax refund amounts or processing times
Changes in tax laws that may affect calculations

MaxLeaf shall not be liable for any tax penalties, interest, or losses arising from the use of this App. Maximum aggregate liability is limited to the fees paid by you for the service in the relevant assessment year.

10. Grievance Officer & Contact

In compliance with the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000:

Company: MaxLeaf
Email: support@maxleaf.in
Website: maxleaf.in
Response time: Within 72 hours of receiving your complaint

You may also contact the Data Protection Board of India if your grievance is not resolved satisfactorily.