Privacy Policy

1. Information We Collect

We collect the following types of information to provide our field staff tracking service:

• Account Information: Name, email address, phone number, company details, and GST number during registration.
• Location Data: GPS coordinates and location accuracy from field staff devices during check-ins and active tracking sessions.
• Photographs: Selfie images captured during customer check-ins for visit verification purposes.
• Device Information: Device ID, battery level, operating system version, and mock location detection status.
• Transaction Data: Payment amounts, payment methods, invoice details, and EMI schedule information.
• Usage Data: App usage patterns, feature interactions, and session information.

2. How We Use Your Information

Your information is used to:

• Provide real-time field staff tracking and management services
• Process and record payment collections and EMI transactions
• Generate business analytics, reports, and insights
• Verify customer visits through selfie and GPS check-in data
• Send notifications about overdue EMI payments and important alerts
• Improve our Service and develop new features
• Communicate service updates and support information

3. GPS & Location Data

Location tracking is a core feature of our Service. GPS data is collected only during customer check-in events and is associated with the staff member's account. We also detect mock/spoofed GPS signals to ensure data integrity. Business owners can view location data of their staff through the dashboard. Location data is retained for the duration of the business account and can be exported or deleted upon request.

4. Selfie & Photo Data

Selfie photographs are captured during customer check-ins for verification purposes. Images are compressed on the device before upload to minimize data usage. Photos are stored securely in cloud storage with signed URLs and are accessible only to the business owner through the dashboard. Receipt photos may also be captured during payment collection.

5. Data Storage & Security

Your data is stored on secure cloud infrastructure. We implement industry-standard security measures including encrypted data transmission (TLS/SSL), row-level security policies for database access, secure authentication with session management, and encrypted storage for sensitive data. We use Supabase as our backend infrastructure provider, which maintains SOC 2 Type II compliance.

6. Data Sharing & Third Parties

We do not sell your personal data to third parties. We may share data with: (a) cloud infrastructure providers for hosting and storage; (b) push notification services for delivery of alerts; (c) analytics services for improving our platform (aggregated, non-personal data only). We may disclose data if required by law, court order, or government regulation applicable in India.

7. Offline Data & Synchronization

Our mobile app stores data locally on the device when offline (SQLite database). This includes queued check-ins, payments, and orders. When internet connectivity is restored, data is automatically synchronized with our servers. Local data is encrypted and cleared upon logout or account removal.

8. Your Rights

Under applicable Indian data protection laws, you have the right to:

• Access: Request a copy of your personal data we hold
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Export: Export your data in a machine-readable format (CSV)
• Withdraw Consent: Withdraw consent for data processing at any time

Business owners are responsible for informing their field staff about data collection and obtaining appropriate consent as required by applicable labor and privacy laws.

9. Data Retention

We retain your data for as long as your account is active. Upon account termination, you have 30 days to export your data. After 30 days, data is permanently deleted from our servers. Backup copies may persist for up to 90 days in our backup systems before being purged.

10. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top indicates when this policy was last revised.