logo
icons

OAuth-Based Email Integrations in TallyPrime

Effective Date: May 14, 2026   |   Last Updated: May 15, 2026

"TallyPrime" means the business management software developed and owned by Tally Solutions Private Limited ("Tally"), deployed locally by users to manage accounting, compliance, inventory, and financial operations.

TallyPrime utilizes industry-standard OAuth 2.0 authentication protocol to securely send business documents, such as invoices and reports, directly from your application. This secure method allows TallyPrime to connect to your email provider without accessing, requesting, or storing your account password.

1. Provider-Specific Disclosures (Privacy & Data Handling)

This section outlines our commitment to data privacy and security for specific email providers.

A. Google API Services (Gmail)

  • Limited Use Disclosure: TallyPrime's use and transfer of information received through Google APIs to any other application will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
  • Scope of Access: TallyPrime utilizes the "https://www.googleapis.com/auth/gmail.send" scope solely to facilitate user-initiated email transmission via the Gmail API.
  • Data Minimization: TallyPrime does not access, read, store, delete, or share your mailbox content, personal messages, or attachments.
  • Data Transience: All email data is processed in real-time; TallyPrime does not cache or store the body or attachments of your emails on our servers or infrastructure.

B. Microsoft Graph API (Outlook / Office 365)

  • Scope of Access: TallyPrime utilizes the "Mail.Send" permission via the Microsoft Graph API.
  • Usage Intent: This permission is used exclusively to allow you to send business communications directly from the TallyPrime interface.
  • Privacy Commitment: TallyPrime does not access, read, store, delete or share your inbox content, calendar, or contacts associated with your Microsoft account.

2. Common Technical & Legal Standards (Terms of Service)

The following supplemental terms and technical standards apply to all OAuth-based email integrations within TallyPrime:

  • Credential Security: Your OAuth refresh tokens are stored locally on your system and are encrypted at rest within your TallyPrime environment.
  • Third-Party Compliance: By utilizing these features, you authorise the integration and agree to comply with the respective Terms of Service of your chosen provider, including the Google Terms of Service and Microsoft Service Agreement.
  • User Responsibility: You are solely responsible for the accuracy, content, and legality of all messages sent through the integration.
  • Service Limitations: TallyPrime is not liable for delivery failures, rate-limiting, or service outages caused by any reasons beyond our reasonable control including the third-party email API providers.
  • Access Revocation: You maintain full control over these connections. You may revoke access at any time through your email provider settings (Google Security Settings or Microsoft Account Permissions).

You may refer to the TallyPrime Policies for further information: