Privacy Policy for Erela Sales Superapp

Effective Date: January 1, 2025
Last Updated: July 23, 2025

Introduction

Erela ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Erela Sales Superapp mobile application (the "App"). By using our App, you consent to the data practices described in this policy.

Information We Collect

Personal Information

We may collect the following types of personal information:

Account Information:

• Name, email address, phone number

• Company name and position

• Profile photo (optional)

• Username and encrypted password

Business Data:

• Customer contact information and details

• Sales orders and transaction data

• Product catalogs and pricing information

• Visit reports and sales activities

• Notes and comments related to business activities

Location Information:

• GPS coordinates for route tracking and optimization

• Check-in/check-out locations at customer sites

• Territory and geographic area data

• Travel routes and distances

Biometric Data:

• Fingerprint templates for authentication (stored locally on device)

• Face recognition data for login (processed locally)

• Biometric authentication patterns

Device Information:

• Device model, operating system version

• Unique device identifiers

• App version and usage statistics

• Network connection information

• Device settings and preferences

Analytics Data:

• App usage patterns and feature interactions

• Performance metrics and crash reports

• Session duration and frequency

• User behavior within the app

How We Collect Information

Direct Collection

• Information you provide when creating an account

• Data entered while using app features

• Customer and order information you input

• Photos and documents you upload

Automatic Collection

• Location data through GPS services

• Device information and identifiers

• Usage analytics and performance data

• Crash logs and error reports

Third-Party Sources

• Integration with CRM systems (with your consent)

• Calendar synchronization data

• Contact imports from your device (with permission)

How We Use Your Information

Primary Purposes

Business Operations:

• Manage your sales activities and customer relationships

• Process and track orders and transactions

• Generate reports and analytics

• Provide route optimization and GPS navigation

• Synchronize data across devices

Authentication and Security:

• Verify your identity using biometric data

• Secure access to your account and data

• Detect and prevent unauthorized access

• Monitor for suspicious activities

App Functionality:

• Provide core app features and services

• Sync data between mobile and web platforms

• Enable offline functionality

• Send push notifications and alerts

Secondary Purposes

Improvement and Development:

• Analyze usage patterns to improve app features

• Conduct research and development

• Test new features and functionality

• Optimize app performance

Communication:

• Send important updates and notifications

• Provide customer support

• Share relevant business insights

• Deliver promotional content (with consent)

Data Sharing and Disclosure

We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Authorized Sharing

We may share your information in the following circumstances:

With Your Consent:

• Third-party integrations you authorize

• Data exports you request

• Sharing with team members or supervisors

Service Providers:

• Cloud hosting and storage services

• Analytics and performance monitoring

• Push notification services

• Customer support platforms

Legal Requirements:

• Compliance with applicable laws and regulations

• Response to legal processes and government requests

• Protection of our rights and property

• Investigation of fraud or security incidents

Business Transfers:

• In connection with mergers, acquisitions, or sales

• During corporate restructuring or bankruptcy proceedings

Data Security

Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards:

• End-to-end encryption for data transmission

• AES-256 encryption for data storage

• Secure authentication protocols

• Regular security updates and patches

Physical Safeguards:

• Secure data centers with access controls

• Environmental protection systems

• Backup and disaster recovery procedures

Administrative Safeguards:

• Employee training on data protection

• Access controls and authorization procedures

• Regular security audits and assessments

• Incident response procedures

Biometric Data Security

• Biometric templates are stored locally on your device

• Biometric data is never transmitted to our servers

• Data is encrypted using device-level security features

• Templates are automatically deleted if you uninstall the app

Data Retention

Retention Periods

Account Data: Retained while your account is active and for up to 3 years after account closure Business Data: Retained according to business needs and legal requirements (typically 7 years) Location Data: Retained for up to 2 years for business purposes Analytics Data: Aggregated data may be retained indefinitely Biometric Data: Stored locally on device only, deleted when app is removed

Data Deletion

You can request deletion of your personal data at any time. We will process deletion requests within 30 days, subject to legal and business requirements.

Your Privacy Rights

Access and Control

You have the right to:

• Access your personal information

• Correct inaccurate or incomplete data

• Delete your personal information

• Export your data in a portable format

• Restrict processing of your information

• Object to certain data processing activities

Privacy Settings

The app provides various privacy controls:

• Location sharing preferences

• Notification settings

• Data synchronization options

• Biometric authentication settings

• Analytics participation choices

Exercising Your Rights

To exercise your privacy rights, contact us at:

• Email: privacy@erela.com

• In-app support feature

• Written request to our business address

Location Data and GPS Tracking

Location Collection

We collect location data to provide:

• Route optimization and navigation

• Check-in/check-out at customer locations

• Territory management and reporting

• Mileage tracking for expense reports

Location Controls

You can control location sharing through:

• Device-level location permissions

• App-specific location settings

• Granular location sharing preferences

• Temporary location sharing options

Location Data Retention

• Precise location data: Retained for up to 2 years

• Aggregated location analytics: May be retained longer

• Route history: Available for 1 year in your account

Third-Party Services

Integrated Services

Our app may integrate with:

• Google Maps for navigation and mapping

• Firebase for analytics and messaging

• Cloud storage providers

• Calendar and contact applications

Third-Party Privacy

Each integrated service has its own privacy policy. We recommend reviewing their policies to understand how they handle your data.

Children's Privacy

Our app is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses

• Adequacy decisions by privacy authorities

• Certification schemes and codes of conduct

Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

• In-app notifications

• Email communications

• Updates posted in the app

• Website announcements

Continued use of the app after changes constitutes acceptance of the updated policy.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected

• Right to delete personal information

• Right to opt-out of sale of personal information

• Right to non-discrimination for exercising privacy rights

European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation:

• Right to access your personal data

• Right to rectification of inaccurate data

• Right to erasure ("right to be forgotten")

• Right to restrict processing

• Right to data portability

• Right to object to processing

• Rights related to automated decision making

Legal Basis for Processing

We process your data based on:

• Contract performance (providing app services)

• Legitimate interests (business operations, security)

• Legal compliance (regulatory requirements)

• Consent (marketing communications, optional features)

Data Protection Officer

For privacy-related inquiries, you can contact our Data Protection Officer at:

• Email: iterela2020@gmail.com

• Phone: +62 811-2970-560

• Address: Murbei No.2, Sumurboto, Kec. Banyumanik, Kota Semarang, Jawa Tengah 50269

Contact Information

For questions about this Privacy Policy or our privacy practices, contact us:

Erela Sales Solutions

• Website: www.erela.com

• Email: iterela2020@gmail.com

• Support: iterela2020@gmail.com

• Phone: +62 811-2970-560

• Address: Murbei No.2, Sumurboto, Kec. Banyumanik, Kota Semarang, Jawa Tengah 50269

Compliance Certifications

We maintain compliance with:

• SOC 2 Type II certification

• ISO 27001 information security standards

• Privacy Shield principles (where applicable)

• Industry-specific regulations

Note: This Privacy Policy is effective as of the date stated above. Your continued use of the Erela Sales Superapp constitutes acceptance of this policy and any updates.

Document Version: 1.0
Policy ID: ERELA-PP-2025-001