We are constantly evolving in order to provide the best possible experience for you. These terms are important for you to understand and acknowledge to best set the expectations for using our GSP (GST Suvidha Provider) services. These terms broadly include:
Using our Services
Expectations
Log Retention & Data Usage
Data Privacy and Security
Liability and Governing Laws
Modifications
Contact Us
By accepting electronically (for example, clicking "I Agree"), installing, accessing, or using the GSP Services, you agree to these terms.
We also have a {Privacy Policy}, which we encourage you to read to understand how your data is used and protected.
USING OUR SERVICES
Before using Quicko’s GSP services, please be aware of the following:
Term modifications:
We would like to keep you up to date with our terms, so when we update them, we will alert you by putting the last updated date on this page.
Service Provider:
You are contracting with Quicko Infosoft Private Limited (“Quicko”, “we”, “our”, or “us”), an authorized GSP recognized by the Goods and Services Tax Network (GSTN).
Our business is based in India.
Age Requirement:
You must be at least 18 years or above to enjoy our services.
WHAT YOU CAN EXPECT FROM US
We are dedicated to delivering a secure, reliable, and compliant GSP infrastructure to support your GST compliance journey with confidence and ease.
Services Offered:
Quicko provides secure access to GST APIs to facilitate tax compliance.
The services support GST return filing, taxpayer data exchange, and other GST-related functions.
APIs are designed to integrate with your systems or third-party platforms for seamless compliance and automation.
Permitted Use of Services:
You may use Quicko’s GSP services only for lawful purposes aligned with the objectives of the GST regime.
You must not misuse the services, including:
Reverse engineering the APIs
Tampering with or bypassing authentication or security protocols
You are responsible for ensuring compliance with:
Applicable laws and regulations
GSTN guidelines
Data protection frameworks such as the IT Act, 2000 and CERT-In guidelines.
You are expected to protect access credentials, safeguard taxpayer data, and maintain the integrity of your use of the services.
WHAT WE EXPECT FROM YOU
To ensure a secure and compliant ecosystem, we expect you to:
Use the GSP services only via the license or sub-license keys provided by us.
Not engage in data scraping, API misuse, or unauthorized data access.
Ensure that taxpayer data is not retained or disclosed except as permitted by law or with express consent.
Avoid engaging in reselling, sublicensing, or anti-competitive practices without prior written approval from Quicko.
Immediately report any security breaches or incidents to Quicko.
LOG RETENTION & DATA USAGE
We retain logs only for as long as required by applicable laws and regulatory guidelines to ensure transparency, auditability, and ongoing compliance.
GSP Log Retention – 7 Years (As per GSTN Requirements):
In accordance with GSTN mandates, we maintain comprehensive audit and transaction logs for all API requests and responses processed through our GSP infrastructure. These logs capture:
HTTP headers
Request and response timestamps
Status indicators (e.g., success, failure)
Application ID
License or sub-license keys
API type and request origin
These logs are securely stored for a minimum of seven (7) years. Access to these logs is strictly limited to authorized personnel and only under lawful circumstances, including audits, investigations, or as directed by regulatory authorities.
ICT System Logs – 180 Days (CERT-In Compliance):
To comply with CERT-In guidelines, we also maintain logs of our internal Information and Communication Technology (ICT) systems for 180 days. These logs cover:
Access and authentication records
System and configuration changes
Administrative activity
System-level audit trails
All ICT logs are securely retained within India and are made available to authorized entities on formal request or in the event of a security incident.
Data Deletion Post-Retention Period:
Once the mandated retention period ends, we ensure that data is either securely deleted or anonymized using industry standard techniques, unless we are legally required to retain it for a longer period.
This practice guarantees that your data is no longer accessible, recoverable, or susceptible to unauthorized use after the end of its lifecycle.
DATA PRIVACY & SECURITY
We are deeply committed to protecting the privacy, integrity, and confidentiality of taxpayer data.
No Unauthorised Access or Use: We do not access, use, or share taxpayer data except as required by law or explicitly authorised by the taxpayer.
No Data Storage in API-Only Use: When Quicko facilitates API access (without hosting the taxpayer-facing application), we do not store any taxpayer data.
Secure Data Transmission: All data is encrypted and transmitted securely over protected channels, as mandated by GSTN specifications.
Privacy Policy: Our Privacy Policy is reviewed and updated regularly to reflect evolving legal, regulatory, and GSTN compliance standards.
Security and System Access:
Protecting your data and systems is our top priority.
CERT-In Security Audits: Quicko conducts annual security audits of its infrastructure and GSP Application by CERT-In empanelled auditors, adhering to ISO 27001:2013 standards.
Vulnerability Resolution: Any issues identified in these audits are addressed immediately before continued operation of services.
Secure API Access: All access to APIs is strictly managed via secure license keys and time-bound session tokens.
Enforcement Measures: Any instance of unauthorised access, tampering, or misuse of the system may result in immediate suspension or termination of access rights.
Incident Reporting & CERT-In Compliance:
Quicko has established processes to detect, report, and respond to cybersecurity incidents in compliance with government mandates.
Real-Time Monitoring: Our systems are continuously monitored for any abnormal or unauthorised activity.
CERT-In Notification: In the event of a notifiable security incident, we will:
Inform CERT-In within the legally prescribed timelines.
Retain all relevant logs for a minimum of 180 days.
Fully cooperate with investigation and remediation efforts.
Partner Obligations: All users, partners, and third-party developers must promptly report any suspected or known security breaches to Quicko.
Restrictions on Use
To maintain the security and fairness of the GSP ecosystem, users must strictly avoid the following:
Reverse engineering or tampering with the API infrastructure
Storing or disclosing taxpayer data without legal authority or consent
Reselling or sublicensing Quicko’s APIs or services without prior written approval
Practices that restrict or deny equitable access to GST APIs for other legitimate users
Bypassing or interfering with system security controls that protect taxpayer data
SUSPENSION AND TERMINATION
Quicko may suspend or permanently revoke your access if:
You breach any of the terms of use.
You compromise the integrity or security of our systems.
You misuse taxpayer data or credentials.
You fail to resolve compliance issues after repeated notices.
LIMITATION OF LIABILITY
While we strive to maintain high standards of service, performance, and security, certain events or circumstances may be beyond our control. Therefore, our liability is limited in the following ways:
Third-Party Dependencies:
Quicko provides GSP services in collaboration with the Goods and Services Tax Network (GSTN) and relies on various third-party infrastructure components. As such:
Quicko shall not be held responsible for any errors, unavailability, delays, or disruptions originating from the GSTN system, its infrastructure, or scheduled downtimes.
We are also not liable for failures or issues caused by factors outside our control such as:
Internet outages, unstable network connections, or latency issues.
Hardware, software, or device level malfunctions on your or your service provider’s systems.
Force majeure events including but not limited to natural disasters, government actions, cyberattacks, or acts of war.
Unauthorized Use or Compromise:
You are responsible for safeguarding the credentials (e.g., license keys, access tokens) provided for API access.
Quicko shall not be liable for any unauthorized activities or damages arising from the use of your credentials by third parties, whether due to negligence, compromise, or failure to maintain adequate security on your part.
Limit on Damages:
To the maximum extent permitted by law:
Quicko’s liability, if established in any legal or administrative proceeding, will be strictly limited to direct damages caused solely by our proven negligence or willful misconduct.
We do not accept any liability for indirect, incidental, punitive, or consequential damages, including but not limited to:
Loss of profits or anticipated revenue
Business interruption
Loss of goodwill or data
Penalties or interest imposed by tax or regulatory authorities
Technology failure or data corruption
Indemnification:
You agree to indemnify, defend, and hold harmless Quicko and its affiliates from and against any third-party claims, damages, liabilities, or costs (including reasonable legal fees) arising from:
Your misuse of the GSP services
Breach of these Terms or applicable laws
Any violation of intellectual property, privacy, or data protection rights
Negligent acts, omissions, or misconduct by you or your authorised users
In the event of such legal claims:
Both parties agree to notify each other within five (5) business days of becoming aware of the dispute.
Each party reserves the right to participate in the legal proceedings and defend its interests independently or jointly.
This indemnity obligation survives the termination or expiration of your use of Quicko’s services. However, no indemnity claims can be brought later than 30 days after service termination.
Compliance with Applicable Law:
All data accessed, processed, or shared via the GSP services must comply with applicable laws, regulations, and consent frameworks, including but not limited to the:
Information Technology Act, 2000
GSTN guidelines and GSP Agreement
CERT-In directives and applicable data protection standards
Quicko will act in accordance with any lawfully issued orders from courts, regulatory authorities, or government bodies in relation to data access, retention, or deletion.
GRIEVANCE AND RESOLUTION
You are entitled to receive services of a certain standard and quality, and you have the right and remedies to resolve any issues if things do not go as expected under these terms.
Disclaimer:
As our services are provided on an AS-IS and AS-AVAILABLE BASIS, we can only commit to our services.
Your use of our Services is at your own risk.
We make no warranties about the accuracy or completeness of the content or linked websites.
We are not liable for errors, personal injury, unauthorized access, interruptions, or transmission issues.
We are not responsible for any viruses, third-party products, or advertised services.
We do take any responsibility for hyperlinked websites or featured advertisements.
Governing Laws and Jurisdiction
These Terms are governed by the Laws of India.
The exclusive jurisdiction lies with the courts in Ahmedabad, India.
Disputes may also be resolved via alternative dispute resolution methods (e.g., mediation or arbitration), in accordance with applicable laws.
Action:
We may terminate your access to our services at any time if we see any suspicion of fraud, hacking, phishing, harassment, spamming, misleading others, unauthorized content scraping, illegal activity, unauthorized access, or non-compliance with these terms.
It is required to comply with a legal requirement or court order.
MODIFICATIONS
We may modify or update these terms periodically.
We will indicate the date of the latest update on this page.
Continued use of the GSP services after such changes implies your acceptance.
CONTACT US
If you face any difficulties or require assistance, feel free to contact us via email at gsp@quicko.com.