Privacy Policy

# Privacy Policy for ApniDukaan

---

## 1. Introduction

Welcome to ApniDukaan ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal and business information. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our mobile application ("App").

By using ApniDukaan, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

---

## 2. Information We Collect

### 2.1 Account Information

When you create an account or sign in, we collect:

- **Email Address** - Used for account identification and communication

- **Google Account Information** - If you sign in with Google, we collect your Google email and basic profile information (name, profile picture)

- **Business Name** - Your shop or business name as provided by you

- **Phone Number** - Your contact phone number (optional, editable)

- **User ID** - A unique identifier assigned to your account

- **Authentication Tokens** - Secure tokens for maintaining your login session

### 2.2 Customer and Transaction Data

To provide ledger functionality, we collect and store:

- **Customer Information:**

  - Customer/supplier names

  - Phone numbers

  - Transaction history

  - Balance information (receivables/payables)

  - Last reminder timestamps

- **Transaction/Ledger Data:**

  - Transaction amounts

  - Transaction dates and times

  - Transaction types (credit/debit)

  - Due dates (if applicable)

  - Notes and descriptions

  - Attachments (images, PDFs) - stored securely in Firebase Storage

  - Reminder status (WhatsApp/SMS sent indicators)

### 2.3 App Usage and Preferences

- **Reminder Preferences:**

  - Reminder frequency settings (daily, weekly, bi-weekly, monthly)

  - Reminder time preferences

  - Notification channel preferences

- **App Settings:**

  - Language preferences

  - Display preferences

  - Other user-configured settings

### 2.4 Device and Technical Information

- **Device Information:**

  - Device type (Android/iOS)

  - Operating system version

  - App version

  - Device identifiers (for analytics and error tracking)

- **Push Notification Tokens:**

  - Firebase Cloud Messaging (FCM) tokens for sending push notifications

- **Network Information:**

  - Internet connectivity status (to enable offline functionality)

  - IP address (collected automatically by Firebase services)

### 2.5 Contacts Information (Optional)

If you grant permission, we may access your device contacts to:

- Import customer information

- Pre-fill customer details when adding new customers

**Note:** We only access contacts when you explicitly grant permission and use this information solely for the import feature. We do not store your entire contact list on our servers.

### 2.6 Analytics and Error Tracking

- **Usage Analytics:**

  - App features used

  - Session duration

  - User interactions (collected anonymously through Firebase Analytics)

- **Error Reports:**

  - Crash logs and error information (collected through Firebase Crashlytics)

  - Device information related to errors

  - This helps us improve app stability and fix bugs

### 2.7 Collaboration Data

If you use collaboration features:

- **Collaborator Information:**

  - Email addresses of invited collaborators

  - Invitation status (pending, accepted, rejected)

  - Access permissions and timestamps

---

## 3. How We Use Your Information

We use the collected information for the following purposes:

### 3.1 Core App Functionality

- **Ledger Management:** Store and manage your customer and transaction data

- **Balance Calculations:** Automatically calculate receivables and payables

- **Data Synchronization:** Sync your data across devices when you're online

- **Offline Functionality:** Store data locally so you can use the app without internet

### 3.2 Reminders and Notifications

- **Automated Reminders:** Send push notifications about pending collections based on your preferences

- **Collaboration Notifications:** Notify you when collaborators accept invitations

- **Service Updates:** Send important app updates and service notifications

### 3.3 Collaboration Features

- **Multi-User Access:** Enable collaborators to access shared ledger data

- **Invitation Management:** Process and manage collaborator invitations

- **Access Control:** Enforce permissions and access restrictions

### 3.4 App Improvement

- **Analytics:** Understand how users interact with the app to improve features

- **Error Tracking:** Identify and fix bugs and crashes

- **Performance Monitoring:** Monitor app performance and optimize functionality

### 3.5 Communication

- **Support:** Respond to your inquiries and provide customer support

- **Service Updates:** Inform you about changes to our services or policies

### 3.6 Legal Compliance

- **Legal Obligations:** Comply with applicable laws and regulations

- **Fraud Prevention:** Detect and prevent fraudulent activities

- **Security:** Protect the security and integrity of our services

---

## 4. Data Storage and Security

### 4.1 Where We Store Your Data

**Cloud Storage (Firebase):**

- **Firebase Firestore:** Your account information, customers, transactions, and app settings are stored in Google's Firebase Firestore database

- **Firebase Storage:** Attachments (images, PDFs) are stored in Firebase Storage

- **Firebase Authentication:** Authentication credentials are managed by Firebase Authentication service

**Local Storage:**

- **Hive Database:** Data is cached locally on your device using Hive for offline functionality

- **Device Storage:** Backup files and exported data may be stored on your device

**Third-Party Services:**

- **Google Services:** If you sign in with Google, your authentication is handled by Google's services

- **Firebase Services:** Various Firebase services (Analytics, Crashlytics, Cloud Messaging) process data as part of app functionality

### 4.2 Data Security Measures

We implement industry-standard security measures to protect your data:

- **Encryption:** Data in transit is encrypted using SSL/TLS protocols

- **Authentication:** Secure authentication through Firebase Authentication

- **Access Controls:** Firestore security rules ensure users can only access their own data

- **Secure Storage:** Firebase services use Google's secure infrastructure

- **Regular Updates:** We regularly update our app and security measures

**However, no method of transmission over the internet or electronic storage is 100% secure.** While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

### 4.3 Data Retention

- **Active Accounts:** We retain your data as long as your account is active

- **Deleted Accounts:** When you delete your account, we will delete your data within 30 days, except:

  - Data required for legal compliance

  - Anonymized analytics data

  - Backup data (which will be deleted in subsequent backup cycles)

- **Local Data:** Data stored locally on your device remains until you uninstall the app or clear app data

---

## 5. Data Sharing and Disclosure

### 5.1 With Collaborators

If you invite collaborators:

- **Shared Data:** Collaborators you invite can access the ledger data you grant them permission to view

- **Access Control:** You control what data collaborators can access

- **Revocation:** You can revoke collaborator access at any time

### 5.2 With Service Providers

We use third-party services that may have access to your data:

- **Google Firebase:** All cloud data is stored and processed by Google Firebase services

- **Google Analytics:** Anonymous usage analytics are processed by Google Analytics

- **Google Cloud:** Infrastructure services provided by Google Cloud Platform

These service providers are bound by their own privacy policies and data processing agreements.

### 5.3 Legal Requirements

We may disclose your information if required by law or in response to:

- Legal processes (subpoenas, court orders)

- Government requests

- Protection of rights, property, or safety

- Prevention of fraud or security threats

### 5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.

### 5.5 What We Don't Do

- **We do NOT sell your data** to third parties

- **We do NOT share your data** with advertisers

- **We do NOT use your data** for marketing purposes without your consent

- **We do NOT access your data** except as necessary to provide our services

---

## 6. Your Rights and Choices

### 6.1 Access and Update

- **View Your Data:** You can view all your data within the app

- **Update Information:** You can update your profile, business name, and other information at any time

- **Export Data:** You can export all your data (customers, transactions, profile) as a JSON file

### 6.2 Data Deletion

- **Delete Transactions:** You can delete individual transactions

- **Delete Customers:** You can delete customer records

- **Delete Account:** You can delete your entire account, which will delete all associated data

**To delete your account:**

1. Go to Profile/Settings in the app

2. Select "Delete Account" or "Logout"

3. Confirm deletion

4. Your data will be permanently deleted within 30 days

### 6.3 Permissions

You can control app permissions through your device settings:

- **Contacts:** Revoke contact access if you no longer want to import contacts

- **Storage:** Control storage access for attachments and backups

- **Notifications:** Disable push notifications in device settings or app settings

### 6.4 Reminder Preferences

- **Disable Reminders:** You can disable automated reminders in app settings

- **Customize Frequency:** Adjust reminder frequency and timing

- **Opt-Out:** You can opt out of push notifications while still using the app

### 6.5 Collaboration

- **Remove Collaborators:** You can remove collaborator access at any time

- **Revoke Invitations:** Cancel pending invitations

---

## 7. Third-Party Services

### 7.1 Google Services

Our app uses several Google services:

- **Firebase Authentication:** For user authentication

- **Cloud Firestore:** For data storage

- **Firebase Storage:** For file storage

- **Firebase Cloud Messaging:** For push notifications

- **Firebase Analytics:** For app analytics

- **Firebase Crashlytics:** For error tracking

- **Google Sign-In:** For Google account authentication

**Google's Privacy Policy:** https://policies.google.com/privacy

### 7.2 Other Services

- **WhatsApp/SMS:** When you use reminder features, the app opens WhatsApp or SMS apps on your device. We do not have access to your WhatsApp or SMS data.

- **File System:** The app accesses your device's file system to save backups and attachments (with your permission).

---

## 8. Children's Privacy

ApniDukaan is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover that we have collected information from a child under 13, we will delete that information promptly.

---

## 9. International Data Transfers

Your data may be stored and processed on servers located outside India, including in the United States and other countries where Google Firebase operates. By using our App, you consent to the transfer of your data to these locations. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

---

## 10. Offline Functionality

ApniDukaan works offline and stores data locally on your device:

- **Local Storage:** Data is cached locally using Hive database

- **Offline Operations:** You can add, edit, and delete data without internet

- **Automatic Sync:** When you reconnect to the internet, changes are automatically synced to the cloud

- **Data Control:** You have full control over your local data

---

## 11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

- **In-App Notification:** Posting a notice in the app

- **Email:** Sending an email to your registered email address (if significant changes)

- **Updated Date:** Updating the "Last Updated" date at the top of this policy

**Continued use of the App after changes constitutes acceptance of the updated policy.**

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

---

## 12. Your Consent

By using ApniDukaan, you consent to:

- The collection and use of information as described in this Privacy Policy

- The storage of your data on Firebase servers

- The processing of your data for app functionality

- Receiving push notifications (if enabled)

You can withdraw your consent at any time by:

- Disabling specific features in app settings

- Revoking app permissions in device settings

- Deleting your account

---

## 13. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

- **Notify You:** Inform you via email or in-app notification within 72 hours

- **Describe the Breach:** Explain what information may have been affected

- **Provide Guidance:** Offer steps you can take to protect yourself

- **Report to Authorities:** Comply with applicable data breach notification laws

---

## 14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

**Email:** [Your Support Email]  

**App Support:** Through the in-app support feature  

**Address:** [Your Business Address, if applicable]

**Response Time:** We aim to respond to privacy-related inquiries within 7 business days.

---

## 15. Governing Law

This Privacy Policy is governed by the laws of India. Any disputes arising from this policy will be subject to the jurisdiction of Indian courts.

---

## 16. Additional Information for Indian Users

### 16.1 Compliance with Indian Laws

We comply with applicable Indian data protection laws and regulations, including:

- Information Technology Act, 2000

- Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

- Any other applicable data protection regulations

### 16.2 Grievance Officer

As required by Indian law, we have appointed a Grievance Officer to address your concerns:

**Name:** [Grievance Officer Name]  

**Email:** [Grievance Officer Email]  

**Address:** [Grievance Officer Address]

You can contact the Grievance Officer for any privacy-related grievances or complaints.

---

## 17. Summary

**In simple terms:**

- We collect data necessary to provide ledger functionality

- Your data is stored securely on Firebase (Google's cloud services)

- We use your data only to provide app features and improve the app

- We don't sell or share your data with advertisers

- You can access, update, export, or delete your data anytime

- You control who can access your data through collaboration features

- We use industry-standard security measures to protect your data

---

**Thank you for trusting ApniDukaan with your business data. We are committed to protecting your privacy and providing you with a secure, reliable digital ledger solution.**

---

*This Privacy Policy is effective as of the date stated above and applies to all users of the ApniDukaan mobile application.*

For any queries: mail us at ashurajput7017@gmail.com