Privacy Policy
Last updated: 15 May 2026
Note: This privacy policy is a template and should be reviewed by legal counsel before production use.
1. Information We Collect
Account data: Name, email address, phone number, business name, GSTIN, and address provided during registration.
Business data: Invoices, payments, parties, items, expenses, and financial records you create in the Service.
Usage data: IP address, browser type, pages visited, feature usage patterns (collected for analytics and security).
We do NOT collect: Aadhaar numbers, bank passwords, credit card numbers (payments are handled by Razorpay).
2. How We Use Your Information
We use your data to: (a) provide and improve the Service; (b) generate invoices and reports; (c) send transactional emails (password resets, invoice delivery); (d) detect and prevent fraud; (e) comply with legal obligations (GST record keeping).
We do NOT sell your data. We do NOT use your business data for advertising.
3. Data Storage & Security
Your data is stored on encrypted servers hosted by Neon (PostgreSQL) and Vercel (application). Files are stored on Cloudflare R2 with encryption at rest. All data transfers use TLS 1.3 encryption.
Access to production systems is restricted to authorized personnel with multi-factor authentication.
4. Data Retention
We retain your data for as long as your account is active. Indian tax law requires businesses to maintain financial records for 8 years — we recommend you maintain your own backups.
Upon account deletion, your data is permanently removed within 30 days. Backups are purged within 90 days.
5. Third-Party Services
We use the following third-party services:
• Razorpay — Payment processing (subject to Razorpay Privacy Policy)
• Resend — Transactional email delivery
• Sentry — Error monitoring (no PII transmitted)
• WhatsApp Business API — Invoice delivery (when enabled by you)
• Google Cloud Vision — Bill scanning OCR (image processed, not stored)
We do not share your financial data with any of these providers beyond what is necessary for their specific function.
6. Your Rights
You have the right to: (a) access all your data via the Export feature; (b) correct inaccurate information; (c) delete your account and data; (d) restrict processing.
To exercise these rights, contact us at privacy@finqure.in or use the in-app settings.
7. Cookies
We use essential cookies for authentication (session tokens). We do NOT use advertising or tracking cookies. No third-party analytics cookies are loaded.
8. Children
The Service is not intended for use by anyone under 18 years of age. We do not knowingly collect data from minors.
9. Changes to This Policy
We will notify you of material changes via email or in-app notification at least 15 days before they take effect.
10. Grievance Officer
In accordance with the Information Technology Act, 2000 and rules made thereunder, the Grievance Officer can be contacted at:
Email: grievance@finqure.in
Response time: Within 24 hours of receipt.