BillBooks Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by BillBooks. By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.
1. Information We Collect
We collect only the information necessary to provide the Billing Service:
- Account Data: Name, Email Address, Phone Number (for authentication).
- Business Data: Business Name, GSTIN, Address, Logo, and Signature (for invoice generation).
- Transaction Data: Details of invoices, quotations, clients, and inventory items you create.
- Technical Data: IP address, browser type, and device information (for security and debugging).
2. Where Your Data Lives (Architecture)
Hybrid Storage Model
BillBooks uses an "Offline-First" approach. Your financial data is primarily stored locally on your device (IndexedDB) for instant access. It is then securely synced to Google Cloud Firestore (encrypted at rest) to prevent data loss if you switch devices. We do not mine, sell, or analyze your transaction history for advertising purposes.
3. Third-Party Services
We use trusted third-party providers to operate specific features. We do not control these services, and they adhere to their own privacy policies:
- Google Firebase: For authentication, database hosting, and analytics.
- Razorpay: For processing premium subscription payments. We never store your credit card or bank account details on our servers. All payment data is handled directly by Razorpay's PCI-DSS compliant infrastructure.
- WhatsApp API: If you use the "Share via WhatsApp" feature, data is passed to the WhatsApp application installed on your device.
4. Cookies & Local Storage
We use "Local Storage" and "Cookies" strictly for essential functionality, such as keeping you logged in and remembering your theme preferences (Dark/Light mode). We do not use third-party tracking cookies for cross-site retargeting.
5. Data Security
We implement industry-standard security measures, including TLS 1.3 Encryption for data in transit and AES-256 Encryption for data at rest on Google Cloud. However, no method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
6. Your Rights & Data Deletion
You own your data. You have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data (via Profile Settings).
- Request Deletion: You may request the permanent deletion of your account and all associated data by contacting support. Once deleted, this data cannot be recovered.
7. Contact Us
If you have any questions about this Privacy Policy, please contact our Data Protection Officer at amaanmansuri143@gmail.com.