1. Introduction
Orsale (“we,” “our,” or “us”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and store your information when you use our application and related services (the “Services”). By using our Services, you consent to the data practices described in this policy.
2. Information We Collect
2.1 Personal Information
When you register and use our Services, we collect personal information including your name, email address, phone number, and WhatsApp number. We also collect your profile photograph, city, state, PIN code, and postal address. Additionally, we store your company or organisation name and business details, along with your encrypted passwords and authentication credentials to secure your account.
2.2 Business Data
To provide our order management functionality, we collect and store business-related information. This includes your order information and transaction records, customer contact details, product descriptions, categories, and specifications. We also store order status updates and activity history, payment and subscription information, as well as any custom business fields and metadata that you create within the application.
2.3 Files and Images
We store photographs and images that you upload through our Services, including edited images and design files. We also maintain file metadata such as timestamps, file types, and sizes to properly manage and display your files.
2.4 Device Permissions
Our mobile application may request access to certain device features with your explicit consent. We may access your contacts to facilitate invitations and customer entry, and we may access your camera and photo gallery to enable you to upload images for orders. You may revoke these permissions through your device settings at any time.
3. How We Use Your Information
We use your information solely to provide and improve our Services. Your information enables us to provide and maintain the application functionality, authenticate users, and secure your account. We use your data to process and manage your orders and to store your business data for your access and use. The information allows us to enable communication features and send notifications related to your orders and activities. We process payments and manage subscriptions using your payment information, and we enforce role-based access controls within your organisation to ensure data security. When you request assistance, we use your information to provide customer support. We also use your data to comply with legal obligations and to prevent fraud and unauthorised access to your account. Your data belongs to you, and we store it exclusively for your use and benefit.
4. Data Storage and Security
4.1 Where We Store Your Data
Your data is stored securely in our databases and file storage systems. All information is stored solely for your use when accessing our Services.
4.2 How We Protect Your Data
We implement multiple security measures to protect your information. All data transmissions between your device and our servers are encrypted using HTTPS and WSS protocols. Your passwords are hashed using cryptographic algorithms with unique salts, ensuring that we never store passwords in plain text. We use JWT-based authentication with secure token management to maintain your session security. Role-based access controls restrict data access to authorised users only within your organisation. We implement rate limiting to prevent brute force attacks on user accounts. All uploaded files undergo validation and security scanning to protect against malicious content. We maintain regular database backups to prevent data loss, and our multi-tenant architecture ensures strict data isolation between different organisations.
4.3 Data Retention
We retain your active data whilst your account remains active, giving you full control over your information. Temporary files are automatically deleted after processing to maintain system efficiency. You may request account deletion at any time, and we will promptly remove your data in accordance with applicable laws.
5. Data Sharing and Disclosure
We do not sell, rent, trade, or share your personal data with any third parties. Your data is stored and used exclusively to provide you with our Services. You maintain complete ownership and control of your information.
5.1 Within Your Organisation
Information is shared with authorised members of your company based on assigned roles and permissions that you configure. Our multi-tenant architecture ensures strict data isolation between different organisations, so your data is never visible to users from other organisations.
5.2 Legal Requirements
We may disclose information only when legally required to comply with legal obligations, court orders, or regulatory requirements. We may also disclose information to protect our rights, property, and safety, to prevent fraud or security threats, or to protect user safety and public interest.
5.3 Business Transfers
In the event of a merger, acquisition, or asset sale, your information may be transferred to the acquiring entity, who will be bound by this Privacy Policy and required to protect your data with the same standards.
5.4 With Your Consent
We may share information for other purposes only with your explicit consent, and only in the manner you have authorised.
6. Your Rights
You have complete control over your data. You can access and download your personal data at any time through your account. You can update or correct your information through your account settings whenever needed. You have the right to request deletion of your account and all associated data. You retain full ownership of all data you create and store in our Services. You can withdraw consent for data processing or revoke device permissions at any time through your device settings. You can also manage notification settings and preferences through the application. To exercise your rights or if you need assistance, please contact us using the details provided in Section 9.
7. What We Do NOT Collect
We want to be transparent about what we do not collect. We do not collect or store IP addresses. We do not collect or store device type or operating system information. We do not track your location. We do not maintain activity logs or usage analytics. We do not use third-party tracking or analytics services. We do not use advertising cookies or tracking pixels. Our approach is to collect only the minimum information necessary to provide you with our Services.
8. Cookies and Tracking Technologies
We use minimal technologies solely to operate our Services. We use authentication tokens to maintain secure sessions so you remain logged in whilst using the application. We use local storage to temporarily cache data on your device for improved performance. We do not use cookies for tracking, advertising, or analytics purposes.
9. Children’s Privacy
Our Services are not intended for persons under 18 years of age. We do not knowingly collect information from children. If you believe we have collected data from a child, please contact us immediately, and we will take prompt action to delete such information.
10. Contact Us
For questions, concerns, or requests regarding this Privacy Policy, please contact us at the following:
Email:info@rankbit.tech
Phone: +91 96014 00603
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or for legal reasons. When we make changes, we will notify you through in-app notifications and email notifications where applicable. We will also update the “Last Updated” date at the top of this policy. Your continued use of the Services after changes have been made constitutes your acceptance of the updated policy.
12. Jurisdiction-Specific Rights
12.1 India
We comply with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. Users in India have the right to access and correct their personal information as provided under these regulations.
12.2 European Union
EU residents have additional rights under the General Data Protection Regulation (GDPR). These rights include the right to lodge a complaint with a supervisory authority, the right to data portability, and the right to object to automated decision-making. Our legal basis for processing your data includes performance of contract when we provide our Services to you, consent where you have explicitly agreed to processing, and legal compliance where we are required by law to process your information.
12.3 United Kingdom
UK residents have rights equivalent to GDPR under UK GDPR legislation. You may lodge complaints with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been violated.
12.4 California
California residents have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). You have the right to know what personal information is collected about you and the right to delete your personal information. We do not sell personal information. You have the right to non-discrimination for exercising your privacy rights.
13. Data Breach Notification
In the event of a data breach affecting your personal information, we will take immediate action. We will investigate the breach and secure our systems immediately to prevent further unauthorised access. Affected users will be notified within 72 hours or as required by applicable law. We will provide you with details about the nature of the breach and the protective measures you should take. We will also report the breach to relevant authorities as legally required.
14. Your Data, Your Control
We believe in complete transparency and user control over personal information. You own your data, and all information you store in our Services belongs to you. We do not engage in hidden tracking and only store what is necessary to provide our Services. We will never sell your information to anyone. Your data stays with you and your authorised team members and is not shared with external parties. You have full control and can delete your data at any time.
15. Consent
By using Orsale, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with this policy, please do not use our Services.