Smart Sales Ledger - Privacy Policy

1. Introduction

GENIO INDIA SOFTWARE PRIVATE LIMITED ("we", "our", "us", or "Company") operates the mobile application Smart Sales Ledger (the "App" or "Service"), available on Google Play Store and Apple App Store for Android and iOS devices.

This Privacy Policy explains how we collect, use, disclose, store, and protect your information when you use Smart Sales Ledger. It also describes your rights and choices regarding your personal information.

By downloading, installing, accessing, or using the App, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein. If you do not agree with any part of this policy, please do not use the App.

This policy complies with applicable data protection laws including, but not limited to:

The Digital Personal Data Protection Act, 2023 (DPDP Act) of India
The General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA)
The California Consumer Privacy Act (CCPA/CPRA) for users in California, USA
Google Play Developer Program Policies and Google Play Data Safety requirements
Apple App Store Review Guidelines and Apple App Privacy requirements
The Children's Online Privacy Protection Act (COPPA) of the United States

2. About the App

Smart Sales Ledger is a business productivity application that helps small businesses, shopkeepers, retailers, and service providers manage their customer records, sales transactions, payments, and ledger entries on their mobile devices.

The App offers both Free and Paid (Subscription) tiers:

Free Plan: Users can register and manage up to 50 customer records at no cost.
Paid Plan: Users who wish to register more than 50 customer records must purchase a subscription through in-app purchase.

3. Information We Collect

We collect the following categories of information to operate and improve the App.

3.1 Information You Provide Directly

a) Account Information

Full name
Email address
Mobile phone number
Business name (optional)
Login credentials (password stored in encrypted/hashed form)
Profile photo (optional)

b) Business and Customer Data Entered by You

Customer names, phone numbers, addresses, and email addresses
Sales transactions, invoices, and receipts
Payment records (cash, credit, due amounts)
Inventory or product details (if entered)
Ledger entries and notes
Any other business records you choose to enter

Important: This data is entered by you (the user) about your own customers/business contacts. You are the data controller for this information, and we act as a data processor on your behalf.

c) Communication Information

Messages, feedback, or support requests you send to us
Survey responses (if you choose to participate)

3.2 Information Collected Automatically

a) Device Information

Device model, manufacturer, and operating system version
Unique device identifiers (e.g., Android Advertising ID, Apple IDFA — only if permitted by you)
Mobile network information and carrier
Device language, time zone, and screen resolution

b) App Usage Information

Features used within the App
Date and time of access
Crash logs and error reports
App performance and diagnostic data
Approximate location derived from IP address (NOT precise GPS location)

c) Log Data

IP address, access timestamps, pages or screens viewed within the App

3.3 Payment Information

For subscription purchases, payments are processed exclusively through Google Play Billing (Android) or Apple In-App Purchase / StoreKit (iOS).

We do NOT collect, store, or have access to your credit card, debit card, UPI, or banking details. All payment information is handled directly by Google or Apple. We only receive a confirmation of subscription status (active/expired) and a transaction identifier.

3.4 Information We Do NOT Collect

We do not collect precise (GPS) location data.
We do not access your contacts, photos, microphone, or camera unless you explicitly grant permission for a specific feature.
We do not collect biometric data, health, financial account, or government ID data.
We do not knowingly collect data from children under 13 (or the applicable age of digital consent in your jurisdiction).

4. How We Use Your Information

We use the information we collect only for the following purposes:

Purpose	Legal Basis (GDPR)
To create and manage your account	Contract performance
To provide core App functionality (storing and displaying your business records)	Contract performance
To process subscription purchases and manage billing status	Contract performance
To provide customer support and respond to inquiries	Legitimate interest / Contract
To send service-related notifications (e.g., subscription expiry, important updates)	Legitimate interest
To detect, prevent, and address fraud, abuse, or technical issues	Legitimate interest / Legal obligation
To improve App performance, fix bugs, and develop new features	Legitimate interest
To comply with legal obligations	Legal obligation
To enforce our Terms of Service	Legitimate interest

We do NOT use your data for: advertising or behavioral profiling, selling to third parties, or training artificial intelligence models without your explicit consent.

5. Subscription and In-App Purchases

5.1 Free Tier Limits

Free users may register up to 50 customer records. Once the 50-record limit is reached, the user must subscribe to a paid plan to add more records.

5.2 Paid Subscription

Subscription plans, pricing, billing cycles, and renewal terms are displayed within the App before purchase.
Subscriptions are sold and managed through Google Play Billing (Android) or Apple In-App Purchase (iOS).
Subscriptions auto-renew unless cancelled at least 24 hours before the end of the current billing period.
You can manage, cancel, or refund subscriptions through your Google Play or Apple App Store account settings.

5.3 Behavior After Subscription Expiry

If a paid subscription expires and is not renewed:

The App will restrict accessible customer records to a maximum of 50 records, determined in ascending order of registration date.
Records beyond the 50-record limit will not be deleted immediately but will become inaccessible until the subscription is renewed.
Upon renewal, full access to all records will be restored, provided the data has not been deleted under the Data Retention Policy (Section 7).

6. How We Share Your Information

We do not sell, rent, or trade your personal information. We share information only in the limited circumstances described below.

6.1 Service Providers (Data Processors)

Provider	Purpose	Data Shared
Google Play Billing	Payment processing for Android	Transaction ID, subscription status
Apple In-App Purchase	Payment processing for iOS	Transaction ID, subscription status
Cloud hosting (e.g., AWS / Google Cloud)	Secure data storage and backup	Encrypted user data
Firebase Crashlytics / Google Analytics	App stability and performance monitoring	Device info, crash logs, anonymised usage data
Google Play Billing	In-app purchase and subscription processing	Transaction details, purchase token

6.2 Legal Requirements

We may disclose your information if required by law, regulation, court order, or governmental request, or to protect the rights, property, or safety of our Company, users, or others, or to investigate and prevent fraud, abuse, or violations of our Terms.

6.3 Business Transfers

If we are involved in a merger, acquisition, reorganisation, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change via the App or email, and the receiving party will be obligated to honour this Privacy Policy.

6.4 With Your Consent

We may share your information for any other purpose disclosed to you and with your explicit consent.

7. Data Retention

Your account and business data are retained for as long as your account is active or as needed to provide you the Service.
Data inactive or unused for more than 2 (two) years may be automatically deleted, after which it cannot be recovered.
We will make reasonable efforts to notify you via email or in-app notification before any automated deletion.
Users are solely responsible for backing up important business data. We provide export functionality within the App for this purpose.
After account deletion or retention expiry, we may retain certain information for a limited period to comply with legal, accounting, or fraud-prevention obligations.
Anonymised and aggregated data (which cannot identify you) may be retained indefinitely for analytical purposes.

8. Data Security

We take the security of your data seriously and implement industry-standard technical and organisational safeguards, including:

Encryption in transit using HTTPS/TLS for all communications between the App and our servers
Encryption at rest for sensitive data stored on our servers
Hashed and salted password storage (we never store passwords in plain text)
Access controls restricting employee access to user data on a need-to-know basis
Regular security audits, vulnerability scans, and software updates
Secure backup and disaster recovery procedures

Despite our efforts, no method of electronic transmission or storage is 100% secure. In the event of a data breach affecting your personal information, we will notify affected users and applicable regulatory authorities in accordance with applicable law.

9. Your Rights and Choices

9.1 Universal Rights (All Users)

Access — Request a copy of the personal information we hold about you.
Correction — Request that we correct inaccurate or incomplete information.
Deletion — Request that we delete your account and personal information.
Export / Portability — Request your data in a portable, machine-readable format.
Withdraw Consent — Withdraw consent for processing where consent is the legal basis (this may affect the App's functionality).

9.2 Additional Rights Under GDPR (EEA Users)

Right to restriction of processing
Right to object to processing
Right to lodge a complaint with a supervisory authority (e.g., your national Data Protection Authority)

9.3 Additional Rights Under CCPA/CPRA (California Users)

Right to know what personal information is collected, used, shared, or sold
Right to opt out of the sale or sharing of personal information (we do not sell or share personal information)
Right to non-discrimination for exercising your privacy rights
Right to limit the use of sensitive personal information

9.4 Rights Under India's DPDP Act, 2023

Right to access, correct, update, and erase personal data
Right to grievance redressal (see Section 14)
Right to nominate another individual to exercise your rights in case of incapacity or death

9.5 How to Exercise Your Rights

To exercise any of these rights:

Use the in-app account deletion / data export feature (available in Settings)
Email us at [Insert Contact Email]

We will respond to verified requests within 30 days (or sooner if required by applicable law).

9.6 Account and Data Deletion

In compliance with Google Play's Data Deletion requirement, users can request account and data deletion through:

In-app option: Settings → Account → Delete Account
Web-based form: [Insert URL to data deletion request page]
Email request: [Insert Contact Email]

Once you submit a deletion request, your account and associated data will be deleted within 30 days, except for any information we are required to retain by law.

10. Children's Privacy

Smart Sales Ledger is not intended for use by children under the age of 13 (or the equivalent minimum digital consent age in your jurisdiction, e.g., 16 in some EU member states, 18 in India under the DPDP Act for certain processing).

We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [Insert Contact Email], and we will take steps to delete such information promptly.

11. International Data Transfers

Our servers may be located in India or other countries. If you are accessing the App from outside India, please be aware that your information may be transferred to, stored in, and processed in India or other countries where data protection laws may differ from those in your jurisdiction.

By using the App, you consent to such transfers. Where required by law (e.g., GDPR), we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) to protect your data during international transfers.

12. Permissions Requested by the App

Smart Sales Ledger requests only the minimum permissions necessary for its functionality:

Permission	Purpose	Required / Optional
Internet access	To sync data with our servers and process subscriptions	Required
Network state	To detect connection availability for syncing	Required
Storage (read/write)	To export data, save backups, attach receipts	Optional
Camera	To scan receipts or capture customer photos	Optional
Notifications	To send subscription and service alerts	Optional
Billing (com.android.vending.BILLING)	To enable in-app subscription purchases	Required for paid features

You can revoke optional permissions at any time through your device settings.

13. Third-Party Links and Services

The App may contain links to third-party websites or services (e.g., Google Play, Apple App Store, payment provider pages). We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies before sharing any information with them.

14. Grievance Officer / Data Protection Contact

In compliance with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 of India:

Name: [Insert Name]
Designation: Grievance Officer / Data Protection Officer
Company: GENIO INDIA SOFTWARE PRIVATE LIMITED
Email: [Insert Email]
Address: [Insert Full Postal Address]
Phone: [Insert Phone Number]
Response Time: Within 30 days of receiving a verified complaint

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make material changes, we will:

Update the "Last Updated" date at the top of this policy
Notify users via in-app notification or email at least 7 days before the changes take effect
Where required by law, obtain your consent to the updated policy

Your continued use of the App after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

16. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of India, without regard to its conflict of law principles. Any disputes arising out of or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts located in [Insert City, India].

For users in the EEA, UK, or California, applicable local privacy laws may grant you additional rights, which are not affected by this clause.

17. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

GENIO INDIA SOFTWARE PRIVATE LIMITED
Email: [Insert Contact Email]
Phone: [Insert Phone Number]
Registered Address: [Insert Full Postal Address]
Website: www.genioindia.co.in

This Privacy Policy was last updated on [Insert Date]. By using Smart Sales Ledger, you acknowledge that you have read and understood this policy.