This Privacy Policy explains how Storepilot (operated by Dixigen, "we", "us", "our") collects, uses, stores and shares information when you use the Storepilot mobile app, the storepilot.tech website and the public invoice / ledger viewer pages (the "Service"). By using the Service you agree to this policy.
1. Information we collect
a) Account & identity
- Mobile phone number – required to sign in via one-time password (OTP) sent over WhatsApp.
- Display name – optional, used inside the app and on invoices.
- Device label – e.g. "Pixel 7", to help you manage logged-in devices.
- Google account (optional, only if you enable Google Drive backup) – when you tap "Connect Google Drive" inside the app, we use Google Sign-In purely to obtain a drive.file scope token. With this scope Google only allows the app to read or write files that the app itself has created — i.e. the encrypted Storepilot backup ZIP. We cannot see, list, or download any of your other Google Drive files, photos, Gmail, contacts or Google account data. We store your Google email and Google user-ID only to identify which account the backup belongs to. You can disconnect at any time from Settings → Backup → Disconnect Google Drive, which revokes the token and stops further backups.
b) Photos & camera (only when you tap "Add Photo")
- To attach a logo, product image or invoice photo, the app asks for one-time permission to your camera or photo library.
- We only read the specific image you pick — we never scan or upload your full gallery.
- The image is stored on your device and uploaded to our encrypted object storage only when you save the related record (product, invoice, business profile).
- You can revoke this permission anytime from your phone's system Settings → Storepilot → Permissions.
c) Contacts (only when you tap "Import from contacts")
- If you choose "Import customer from contacts", the app requests one-time access to your address book and shows you a picker.
- Only the contact you tap is imported (name + phone). We do not silently sync, upload or back up your full contact list.
d) Business data you create
- Business profile: name, address, GSTIN, logo, currency, category.
- Products and categories (name, price, stock, photos).
- Parties (customers & suppliers): name, phone, address, opening balance.
- Invoices & purchase bills (line items, totals, taxes, attached photos).
- Ledger entries, payments and cash-book transactions.
- Expenses, payment reminders and notes you record.
e) Technical & usage data
- App version, OS, device model and a randomly generated device ID.
- Crash logs and basic event logs (e.g. "login succeeded", "sync completed").
- IP address and timestamps when the app talks to api.storepilot.tech.
f) What we do not collect
- We do not ask for or store your bank account, card number or UPI PIN.
- We do not read your SMS, full contact list, call logs, location, microphone audio, gallery contents or files outside what you explicitly choose to share with the app.
- We do not read any Google Drive file, Gmail message or other Google account data — only the encrypted backup ZIPs that the Storepilot app itself creates.
- We do not sell or rent personal information to third parties.
2. How we store your data
- On-device first. The app keeps a complete copy of your business data in a local encrypted SQLite database on your phone (using expo-sqlite). The app is fully usable offline.
- Secure tokens. Login tokens and sensitive keys are stored in the OS-level Keystore via expo-secure-store — they cannot be read by other apps.
- Cloud sync. When the device has internet, data is synced to our servers (FastAPI on Indian VPS, PostgreSQL database) so you can restore on a new phone.
- Image uploads. Logos, invoice attachments and product photos are uploaded to encrypted object storage (Amazon S3, Asia region).
- PDF generation. Invoice/receipt PDFs are generated on your device (expo-print) and stored in the app's private folder; they leave your device only when you tap Share.
- Optional Google Drive backup. If you turn this on, an encrypted ZIP of your data is written to your own Google Drive using the drive.file scope (app-created files only). We never read or list any of your other Drive files.
3. How we use your data
- To run the Service: authenticate you, sync your data, generate invoices, process backups.
- To send WhatsApp OTPs and payment reminders on your behalf via our partner MSG91. Reminder content is composed and triggered by you.
- To create public payment links (/i/{token} and /p/{token}) when you explicitly tap "Share" on an invoice or ledger.
- To improve the app: aggregate, anonymous usage trends, crash diagnostics.
- To comply with applicable laws and respond to lawful requests.
4. Sharing & third parties
We share data only with the processors required to run the Service:
- MSG91 – sends WhatsApp/SMS messages (phone number + message body).
- Amazon Web Services (S3, EC2) – hosting and image storage.
- Google Play Billing – if you purchase Pro on Android.
- Google Sign-In & Google Drive API – only when you choose to connect Google Drive backup. Use is governed by Google's Privacy Policy and the Limited Use requirements — Storepilot's use of information from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
- UPI apps – we generate the UPI deep link on your invoice; the actual payment is handled by your customer's UPI app (Google Pay, PhonePe, Paytm, etc.). We do not see, route or settle the money.
We never sell personal data or share it for advertising.
5. Public payment / ledger links
When you tap "Share" on an invoice or party ledger inside the app, we generate a permanent 16-character token. Anyone with that link (e.g. storepilot.tech/i/AbVeIu46qWiXDbVu) can view the invoice or ledger until you revoke it from the app. Treat the link like a password — share it only with the customer it's meant for.
6. Security
- Transport: all traffic between the app and our API is over HTTPS (TLS 1.2+).
- Auth: short-lived JWT access tokens + rotating refresh tokens; tokens are stored in the device Keystore / Secure Enclave.
- Storage: server-side passwords/secrets are hashed; backups are encrypted at rest.
- Access: production database access is restricted to a small ops team and audited.
No system is 100% secure. If you suspect unauthorised access, contact us immediately at care@storepilot.tech.
7. Your rights
You have the following rights over your personal data, in line with India's Digital Personal Data Protection Act, 2023 (DPDP Act):
- Access & export – the entire database lives on your phone; you can also email us for a JSON export of your cloud-side data.
- Correction – edit any record inside the app or email us for fields you cannot change yourself.
- Erasure / delete account – Settings → Account → Delete. We erase your cloud copy within 30 days. The on-device copy is removed when you uninstall.
- Withdraw consent – at any time, with the same ease as it was given:
  - WhatsApp reminders – disable in Settings, or reply STOP to any message.
  - Google Drive backup – Settings → Backup → Disconnect (this revokes the Drive token).
  - Photo / camera / contacts permissions – revoke any time from your phone's system Settings.
- Grievance redressal – contact our Grievance Officer (see Section 13). If you are not satisfied with our response, you may complain to the Data Protection Board of India once it is constituted.
- Nominate – you may nominate another person to exercise your rights in the event of your death or incapacity (write to us with the nominee's details).
8. Children
Storepilot is intended for business owners aged 18 or above. Under the DPDP Act, we do not knowingly process the personal data of children (anyone under 18) and we do not perform tracking, behavioural monitoring or targeted advertising to children. If you believe a child has signed up, please write to us and we will delete the account.
9. Data retention
We keep your cloud data while your account is active. After account deletion, backups are purged within 30 days. WhatsApp message logs are retained by MSG91 per their policy (typically 90 days). Some financial / invoice records may be retained for up to 7 years where Indian tax law requires it.
10. International transfers
Data is primarily stored in India (AWS Mumbai) with limited failover to Singapore (AWS). Transfers happen only to the extent permitted under Indian law, including the DPDP Act. By using the Service you consent to this.
11. Data breach notification
In the unlikely event of a personal data breach that materially affects you, we will notify you and the Data Protection Board of India without undue delay (and within the timelines required under the DPDP Act and its rules), with details of the breach and the steps we are taking.
12. Changes to this policy
We may update this policy. Material changes will be announced inside the app and on this page with a new "Last updated" date.
13. Grievance Officer (DPDP Act, 2023)
In line with the DPDP Act, 2023 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, the Grievance Officer / Data Protection Contact for Storepilot is:
- Name: Mehedi Hassain
- Designation: Founder & Grievance Officer, Storepilot (Dixigen)
- Email: care@storepilot.tech (subject line: Grievance – Storepilot)
- WhatsApp: +91 92390 48715
- Response time: we acknowledge grievances within 72 hours and aim to resolve them within 15 days of receipt.
14. Contact us
For any questions or requests about this policy:
Email: care@storepilot.tech
WhatsApp: +91 92390 48715