Privacy Policy

BrandBot ("we", "us", or "our") respects your privacy. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the choices available to you when you use our website, applications, and APIs.

1. Scope

This policy applies to visitors, registered users, employees managed through our attendance and HR features, end customers who interact with your published catalogues or review pages, and resellers or partners using whitelabel instances of our platform.

2. Information we collect

Account and profile data. Name, phone number, email address, business name, role, referral codes, and authentication credentials or OTP verification records.

Business operational data. Branch details, employee records, attendance logs, leave requests, expenses, salary information, form submissions, and customer feedback collected through your configured workflows.

Product usage data. Digital catalogue content, review QR configurations, WhatsApp template usage, API activity, device identifiers, IP addresses, browser type, and log data related to security and performance.

Payment data. Billing name, transaction references, GST details, and subscription history. Payment card or UPI details are processed by third-party payment providers; we do not store full payment instrument numbers on our servers.

3. How we use information

We process personal data to create and manage accounts, deliver subscribed features, send transactional and service messages, generate invoices, provide customer support, improve product reliability, detect fraud, and comply with applicable laws.

4. Legal bases (where applicable)

Depending on your jurisdiction, we rely on contract performance, legitimate interests in operating and securing the service, consent where required (for example marketing communications), and legal obligations such as tax and accounting record-keeping.

5. Sharing and processors

We do not sell personal information. We may disclose data to cloud hosting providers, payment gateways, SMS and messaging gateways, mapping and AI service providers, and professional advisers when necessary to operate the platform. These parties are bound to process data only on our instructions and subject to appropriate safeguards.

6. International transfers

Your data may be stored or processed in India or other countries where our infrastructure or subprocessors operate. We take steps to ensure an adequate level of protection consistent with applicable data protection requirements.

7. Retention

We retain personal information for as long as your account is active, as needed to provide the service, and as required for legal, tax, audit, or dispute resolution purposes. You may request deletion subject to exceptions where retention is mandated by law.

8. Security

We implement administrative, technical, and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. No online service can guarantee absolute security.

9. Your rights

You may have the right to access, correct, delete, restrict, or object to certain processing of your personal data, and to lodge a complaint with a supervisory authority. Submit requests using the contact details below; we will respond within timelines required by applicable law.

10. Children

Our services are intended for businesses and adults. We do not knowingly collect personal information from children without appropriate authorization.

11. Changes

We may update this Privacy Policy from time to time. Material changes will be indicated by updating the date at the top of this page. Continued use after changes constitutes notice of the updated policy.