🔒 Privacy Policy

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email Address: Used for account creation and authentication
• Business Information: Business name, address, phone number, email address
• Account Credentials: Encrypted password and authentication tokens

1.2 Business Data

The App stores your business-related information in our secure cloud database:

• Product Information: Product names, categories, prices, stock levels, tax rates, descriptions
• Customer Data: Customer names, contact information, addresses (as entered by you)
• Order Records: Order details, line items, order status, dates, totals
• Invoice Data: Invoice numbers, amounts, payment status, tax calculations
• App Settings: Currency preferences, tax configurations, business setup information

1.3 Device Data

We access limited device information only when necessary for App functionality:

• Device Type: iOS or Android device model for compatibility
• App Version: To ensure you’re using the latest features
• Network Status: To manage offline/online functionality
• Device Storage: For temporary caching and invoice PDF downloads

2. Device Permissions

2.1 Photo Library/Gallery Access

Why We Need It: To let you select existing photos for product images

How It’s Used: You can choose photos from your gallery to use as product images. The App only accesses images you specifically select.

2.2 File System Access

Why We Need It: For importing product data from CSV/Excel files and saving PDF invoices

How It’s Used:

• Import products from Excel or CSV files you choose
• Save generated PDF invoices to your device for sharing
• Temporary caching of app data for better performance

2.3 Network Access

Why We Need It: To sync your data with our secure cloud database

How It’s Used: All business data is stored in the cloud for accessibility across devices and backup security.

3. How We Store and Use Your Data

3.1 Cloud Storage with Supabase

Your business data is securely stored using Supabase, a trusted cloud infrastructure provider:

• Database: All business information stored in encrypted PostgreSQL database
• Authentication: Secure user authentication with encrypted passwords
• File Storage: Product images stored in secure cloud storage with user-specific access
• Data Isolation: Your data is completely separated from other users through Row Level Security
• Geographic Location: Data stored in secure data centers with industry-standard security measures

3.2 Local Caching

For better performance, the App temporarily caches some data on your device:

• Duration: Cache expires every 30 seconds to 1 minute
• Purpose: Faster app loading and offline viewing of recently accessed data
• Content: Recently viewed products, orders, and app settings only
• Security: No sensitive data permanently stored on device

3.3 How We Use Your Information

• App Functionality: Provide core features like inventory management, order processing, and invoice generation
• Data Synchronization: Keep your business data consistent across devices
• Customer Support: Help resolve technical issues or answer questions about your account
• App Improvements: Identify and fix bugs, improve performance and user experience

4. Data Sharing and Third Parties

4.1 We Do NOT Share Your Business Data

4.2 Service Providers

We work with the following trusted service provider to operate the App:

• Supabase: Provides secure cloud database and authentication services
  • Data Processing Agreement in place
  • GDPR compliant infrastructure
  • Industry-standard security certifications
  • No access to your business data beyond technical infrastructure needs

4.3 Legal Requirements Only

We may disclose your information only when:

• Required by law or valid legal process
• Necessary to protect our legal rights or safety
• To prevent fraud or security threats

5. Data Security

5.1 Technical Security Measures

• Encryption in Transit: All data transmission protected by HTTPS/TLS encryption
• Encryption at Rest: Database and file storage encrypted using industry-standard methods
• Access Controls: Strict authentication required for all data access
• Row Level Security: Database-level isolation ensures your data is accessible only to you
• Secure Authentication: Password requirements and secure session management

5.2 Operational Security

• Regular Updates: App security patches delivered through official app stores
• Monitoring: 24/7 monitoring of infrastructure for security threats
• Backup: Regular automated backups of your data with encryption
• Incident Response: Established procedures for handling any security incidents

6. Your Rights and Control

6.1 Data Access and Management

You have complete control over your business data:

• View All Data: Access all your information through the App interface
• Edit Information: Update, modify, or correct any business data at any time
• Export Data: Download your complete business data in standard formats
• Delete Data: Remove specific records or your entire account

6.2 Account Management

• Account Deletion: Permanently delete your account and all associated data
• Access Restriction: Control what information is stored in the App

6.3 Contact for Data Requests

To exercise any of these rights, contact us at vegixstore@gmail.com with your request. We will respond within 30 days.

7. Data Retention

We retain your data according to the following schedule:

• Active Account: Data retained as long as your account is active
• Account Deletion: All data is permanently deleted immediately when you confirm account deletion through the App
• Cache Data: Device cache automatically cleared every 30 seconds to 1 minute

8. International Data Transfers

Your data is stored on Supabase’s secure cloud infrastructure. Supabase maintains data centers in multiple regions with appropriate security safeguards:

• Data transfer protection through encryption and secure protocols
• Compliance with applicable data protection regulations
• Standard contractual clauses for international transfers where applicable
• You can contact us to inquire about data location preferences

9. Children’s Privacy

The Veena Import App is designed for business use and is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect:

• New App features or functionality changes
• Legal or regulatory requirements
• Security improvements or infrastructure changes
• User feedback and privacy best practices

11. Offline Functionality

The App is designed with offline capabilities for business continuity:

• Network Detection: App automatically detects connection status
• Cached Access: Recently viewed data available offline for short periods
• Retry Queue: Actions performed offline are automatically synced when connection returns
• No Permanent Offline Storage: Critical business data requires internet connection for security and backup

12. File and Invoice Management

12.1 PDF Invoice Generation

• Local Generation: Invoices created on your device using your business data
• Device Sharing: PDFs are generated and shared using your device’s native sharing capabilities
• iOS: You can save invoices directly to your device, Files app, or share with other apps
• Android: Invoices can be shared with other apps and may be temporarily stored depending on your device’s sharing mechanism
• No Cloud Storage: Currently invoice PDFs are not permanently stored in our cloud systems
• Your Control: You decide where to save and how to share generated invoices through your device’s sharing options

12.2 Data Import Functionality

• CSV/Excel Processing: Files processed locally on your device
• No File Upload: Import files are not uploaded to our servers
• Data Extraction Only: Only the business data you choose to import is saved to your account
• Secure Processing: Import files are processed and then discarded from temporary memory

13. Legal Compliance

This Privacy Policy complies with applicable privacy regulations including:

• GDPR (General Data Protection Regulation) – for users in the European Union
• CCPA (California Consumer Privacy Act) – for California residents
• PIPEDA (Personal Information Protection and Electronic Documents Act) – for Canadian users
• Apple App Store and Google Play Store privacy requirements

If you are a resident of the EU, California, or another region with specific privacy rights, you may have additional rights under local law. Please contact us for more information about your specific rights.

14. Contact Us