Privacy Policy

1. Introduction

Welcome to Khatapata ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business management platform and services.

By accessing or using Khatapata, you agree to the terms of this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our services.

2. Information We Collect

2.1 Personal Information

When you create an account or use our services, we may collect:

• Full name
• Email address
• Phone number (for subscription requests)
• Password (stored securely using encryption)

2.2 Business Data

To provide our services, we collect and store your business information:

• Product information (names, descriptions, prices, stock levels, images)
• Sales records (transactions, quantities, dates, customer names)
• Expense records (amounts, descriptions, payment details)
• Order information (customer details, delivery addresses)
• Seller/supplier contact information

2.3 Usage Data

We automatically collect certain information when you use our platform:

• Device information (browser type, operating system)
• IP address
• Pages visited and features used
• Date and time of access
• Referring website addresses

3. How We Use Your Information

We use the collected information for the following purposes:

• Provide Services: To operate and maintain your account, process your business data, and deliver the features you request
• Improve Our Platform: To analyze usage patterns, fix bugs, and enhance user experience
• Communication: To send you important updates, security alerts, and support messages
• Subscription Management: To process subscription requests and manage your plan
• Analytics: To generate aggregated, anonymized statistics about platform usage
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Storage and Security

4.1 Data Storage

Your data is stored securely using Supabase, a trusted cloud database provider. Our servers are located in secure data centers with industry-standard physical and digital security measures.

4.2 Security Measures

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (HTTPS/TLS)
• Secure password hashing
• Row-Level Security (RLS) ensuring users can only access their own data
• Regular security audits and updates
• Access controls and authentication mechanisms

4.3 Data Isolation

Each user's data is isolated and protected. You can only access your own products, sales, expenses, orders, and seller information. No other user can view or modify your business data.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party services that help us operate our platform (e.g., cloud hosting, authentication services)
• Legal Requirements: When required by law, court order, or government request
• Protection of Rights: To protect our rights, privacy, safety, or property, and that of our users
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
• With Your Consent: When you explicitly authorize us to share your information

6. Your Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your account and associated data
• Data Portability: Request your data in a portable format (available in Silver and Gold plans)
• Withdraw Consent: Withdraw consent for data processing where applicable
• Opt-out: Opt-out of marketing communications at any time

To exercise any of these rights, please contact us using the information provided below.

7. Cookies and Tracking

We use essential cookies and similar technologies to:

• Maintain your login session
• Remember your preferences (such as currency settings)
• Ensure security and prevent fraud
• Analyze platform performance

You can control cookie settings through your browser preferences. However, disabling essential cookies may affect the functionality of our platform.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. If you delete your account:

• Your personal data will be deleted within 30 days
• Your business data (products, sales, expenses, etc.) will be permanently removed
• Some data may be retained for legal compliance purposes (e.g., transaction records for tax purposes)
• Anonymized, aggregated data may be retained for analytics

9. Children's Privacy

Khatapata is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on our website
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of Khatapata after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: