Your Data Security is Our Priority
Built for professionals who handle sensitive client financial data. Your clients' confidentiality is protected by design.
How We Protect Your Data
Six commitments that every Zortal account gets by default.
Your Data is Yours
We don't read, sell, or use your data for any purpose other than running your account. No ads. No data mining. No third-party access.
Encrypted at Rest and in Transit
AES-256 encryption at rest for all stored data. Every connection uses HTTPS/TLS. Your files and records are never transmitted in plain text.
Isolated Per Firm
Each firm's data is completely separate. Your clients, files, tasks, and records are never mixed with another firm's data.
No Zortal Employee Access
Our team cannot log in and browse your client data. Support access requires your explicit permission and is logged.
Full Audit Trail
Every login, file upload, and action is logged with timestamps and IP addresses. You can see the full history at any time.
Data Portability
Cancel anytime. Request a full export of your data and we'll provide it within 30 days. No lock-in, no hostage data.
Designed for Professional Obligations
CAs and professionals have legal confidentiality duties. Zortal is built to help you meet them.
Clause 1 — Confidentiality
ICAI Code of Ethics
CAs are bound by ICAI's confidentiality obligations. Zortal's per-firm isolation and zero-employee-access policy ensure your compliance is built into the platform, not bolted on.
Information Disclosure
IT Act, Section 138
Section 138 makes unauthorized disclosure of client information a criminal offence. Zortal's audit trail and access controls give you a documented chain of custody for every piece of data.
Digital Personal Data Protection
DPDP Act, 2023
India's data protection law requires purpose limitation and security safeguards. Zortal processes data only for your account operations — nothing more.
Enterprise-Grade Infrastructure
Your data runs on the same infrastructure trusted by Fortune 500 companies.
SOC 2 Type II Database
Certified & Audited
Your data is stored in a SOC 2 Type II certified PostgreSQL database with automatic encryption at rest and point-in-time recovery.
Encrypted File Storage
Server-Side Encryption
All uploaded files are stored with server-side encryption and served via a global edge network with built-in DDoS protection.
Edge Network Hosting
Automatic SSL & Protection
Application hosted on a globally distributed edge network with automatic SSL certificates, DDoS protection, and enterprise-grade uptime.
Security FAQ
Start Your Free Trial With Confidence
Your data is encrypted, isolated, and never shared. Join hundreds of professionals who trust Zortal with their practice.