Privacy Policy

Effective Date: April 1st, 2025
Company Name: SP Digicloud Private Limited

1. Introduction

SP Digicloud Private Limited ("we", "our", "us", or the "Company") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our services, including our WhatsApp Business Messaging Tech Provider Platform, Invoice and Inventory Management System, Restaurant POS System, and B2C Mobile App (collectively referred to as the "Services").

This Privacy Policy applies to all visitors, users, and others who access or use our Services. By using our Services, you agree to the collection and use of information in accordance with this policy.

2. What is SP Digicloud

SP Digicloud is a Software-as-a-Service (SaaS) platform that provides businesses with integrated solutions for messaging, inventory management, point-of-sale operations, and customer engagement. Our services help businesses streamline operations, enhance customer communication, and manage their operations efficiently.

We are committed to protecting the personal data of our users and customers. This Privacy Policy outlines our practices regarding the collection, use, and protection of personal information.

3. Collection and Use of Personal Data

3.1 Purposes for Data Collection

We collect and use personal data for the following purposes:

• Providing and managing the Service: To deliver our services, process transactions, and maintain your account
• Internal business purposes: For data analysis, research, and product development
• Communicating with users and marketing: To send service-related notifications, updates, and promotional materials (with your consent)
• Recruiting and managing personnel: For employment-related purposes when you apply for a position with us
• Collecting payment for the Service: To process payments and manage billing
• Understanding and improving Service and Website: To analyze usage patterns and enhance our offerings

3.2 Types of Data Collected

We collect various types of information depending on how you interact with our Services:

• Account Information: Name, email address, phone number, business name, address, GSTIN, PAN, or similar business identifiers
• Business Data: Inventory details, invoices, billing information, product data, transaction history, POS sales and order details
• Usage Information: IP address, device and browser type, pages visited, timestamps of activity
• Communication Data: Messages sent and received through our platform, contact lists, and communication preferences
• Device Information: Device identifiers, mobile device information, and technical data
• KYC Documents: Identification documents required for verification purposes

3.3 Third-Party Service Integrations

Our Services integrate with various third-party platforms, including but not limited to:

• Payment Gateways: Razorpay for processing payments
• Messaging Platforms: WhatsApp for communication services
• Cloud Services: Google Cloud Platform for data storage and processing
• Analytics Tools: Google Analytics for usage analysis

When you use these integrations, their respective privacy policies also apply to your use of those services.

3.4 Cloud API Message Handling

For our WhatsApp Business Messaging service, we act as a technology provider that facilitates communication between businesses and their customers. We process messages through WhatsApp's Business API in accordance with their terms and policies. We do not access or read the content of your messages except as necessary to provide the service.

3.5 Data Categories

• Service Data: Data you provide to us through our Services, including business information and customer data
• Account Information: Data used to create and maintain your account with us
• Service Usage Information: Data about how you use our Services, including interactions and preferences

4. Disclosure of Personal Data

4.1 Service Provider Arrangements

We may share your personal data with trusted third-party service providers who assist us in operating our Services, conducting our business, or serving our users. These service providers are contractually obligated to protect your personal data and use it only for the purposes for which it was disclosed.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you via email or a prominent notice on our website of any change in ownership or uses of your personal data.

4.3 Legal Compliance

We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.4 Protection of Rights

We may disclose personal data where we believe it is necessary to:

• Protect our rights, property, or safety, or that of our users or the public
• Prevent fraud or other illegal activities
• Respond to claims or legal processes

5. Your Rights

As a user of our Services, you have certain rights regarding your personal data:

5.1 Data Subject Rights

• Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access the personal data.
• Right to Rectification: You have the right to obtain rectification of inaccurate personal data concerning you.
• Right to Erasure: You have the right to obtain the erasure of personal data concerning you in certain circumstances.
• Right to Restriction of Processing: You have the right to obtain restriction of processing in certain circumstances.
• Right to Data Portability: You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to processing based on legitimate interests or the performance of a task in the public interest.
• Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time.

5.2 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. In some cases, we may need to verify your identity before fulfilling your request.

Please note that in certain circumstances, we may be unable to comply with your request, for example, if it would incur disproportionate cost or effort, or if there are overriding legal reasons.

6. How We Protect Personal Data

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Our security measures include:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and audits
• Employee training on data protection
• Incident response procedures

While we strive to protect your personal data, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

7. Cookie Policy

7.1 What Are Cookies

We use cookies and similar tracking technologies to track activity on our Services and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier.

7.2 Types of Cookies We Use

• Session Cookies: We use Session Cookies to operate our Service.
• Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
• Security Cookies: We use Security Cookies for security purposes.

7.3 Third-Party Cookies

We may use third-party service providers for analytics and other purposes, such as:

• Google Analytics: A web analytics service provided by Google that tracks and reports website traffic.

7.4 Do Not Track Signals

We do not support Do Not Track ("DNT") signals. However, you can configure your browser to reject cookies or to indicate when a cookie is being sent.

8. Mobile App Privacy Statement

Our mobile applications may access certain features of your device, including:

• Contacts: To facilitate communication features
• Camera: To scan QR codes and capture images
• Storage: To access and save files
• Location: To provide location-based services

We collect mobile analytics data to understand how users interact with our apps and improve functionality. You can manage app permissions through your device settings.

9. Data Retention

We retain your personal data for as long as necessary to provide our Services and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

The criteria we use to determine retention periods include:

• The length of time we have an ongoing relationship with you
• Whether there is a legal obligation to retain the data
• Whether retention is needed for the establishment, exercise or defense of legal claims

When personal data is no longer required, we securely delete it in accordance with our data retention and destruction policies.

10. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

If you are located outside India and choose to provide information to us, please note that we transfer the data, including Personal Data, to India and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

11. Children's Privacy

Our Services do not address anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 18 without verification of parental consent, we take steps to remove that information from our servers.

12. Updates to Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

SP Digicloud Private Limited
Tiruchirappalli, Tamil Nadu, Pin : 620102
Email: [email protected]
Phone: +91 9363 789 103

13.1 Grievance Redressal (For Indian Users)

In compliance with the Information Technology Act, 2000 and rules made thereunder, the name and contact details of the Grievance Officer are:

Grievance Officer: Sathish Mohan
Email: [email protected]

If you have a concern about our processing of your personal data that we have not addressed satisfactorily, you have the right to lodge a complaint with a data protection authority.