Finscriber

Privacy Policy

Last updated: February 2025

At Finscriber, operated by BizHues Private Limited ("Company", "we", "us"), we take your privacy seriously. This Privacy Policy describes how we collect, use, share, and protect your information when you use our Service.

1. Information We Collect

We collect the following types of personal data:

  • Account information — name, email address, phone number, company/firm name.
  • Payment and banking details — billing address, bank account details (for eMandate/NACH authorisation), and transaction records. These are collected and processed securely by our payment processor (Razorpay).
  • Business documents — invoices, receipts, financial documents, and other files you upload.
  • Usage data — features used, pages visited, actions taken within the Service.
  • Device information — browser type, operating system, IP address, and device identifiers.
  • Camera and storage access — with your explicit permission, for document capture and file uploads.

2. How We Collect Information

  • Directly from you — when you register, fill out forms, upload documents, or contact us.
  • Automatically — through cookies, analytics scripts, and server logs when you use the Service.
  • From third parties — payment confirmation data from Razorpay; analytics data from Google Analytics.

3. How We Use Your Information

  • Provide, operate, and improve the Service.
  • Process your documents, invoices, and financial data.
  • Process payments and manage subscriptions (including recurring billing).
  • Send transactional notifications (billing confirmations, mandate alerts, service updates).
  • Respond to your enquiries and provide customer support.
  • Maintain security, prevent fraud, and enforce our Terms.
  • Comply with legal and regulatory obligations.

4. Data Sharing with Third Parties

We do not sell your personal data. We share data only in the following circumstances:

  • Payment processor (Razorpay) — your payment details and bank account information are shared with Razorpay to process transactions, manage subscriptions, and execute eMandate/NACH authorisations. Razorpay is PCI-DSS compliant.
  • Banking partners — bank account details are shared with your bank as required for NACH mandate registration and recurring debit processing.
  • Cloud infrastructure providers — data is stored on enterprise-grade cloud servers with strict access controls.
  • Analytics providers — anonymised usage data may be shared with Google Analytics to improve the Service.
  • Legal requirements — we may disclose information if required by law, regulation, or legal process.

5. Camera and Storage Permissions

We request access to your camera and device storage to enable core features:

  • Camera — used to capture and upload documents such as invoices or receipts.
  • Storage — used to upload files from your device and save scanned images securely.

These permissions are used solely for document processing and never for background tracking or advertising.

6. Data Security

We implement industry-standard security measures to protect your data:

  • AES-256 encryption for data at rest.
  • SSL/TLS encryption for data in transit.
  • Regular security audits and vulnerability assessments.
  • Role-based access controls and multi-factor authentication.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we retain data for up to 90 days for backup and compliance purposes, after which it is permanently deleted. Payment transaction records may be retained longer as required by applicable tax and financial regulations.

8. Cookies

We use cookies and similar technologies to:

  • Essential cookies — maintain your session and enable core functionality.
  • Analytics cookies — understand how the Service is used to improve the experience (via Google Analytics).

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Service functionality.

9. Your Rights

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your account and associated data.
  • Withdraw consent — withdraw consent for data processing where consent is the basis.

To exercise any of these rights, email us at [email protected].

10. Account and Data Deletion

You may request deletion of your account and all associated data at any time by emailing [email protected]. We will process your request within 30 days, subject to any legal retention obligations.

11. Legal Compliance

This Privacy Policy is designed to comply with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, as well as the Digital Personal Data Protection (DPDP) Act, 2023, to the extent applicable.

12. Grievance Officer

In accordance with applicable regulations, the details of our Grievance Officer are:

  • Name: Vipin Kohli
  • Email: [email protected]
  • Address: BizHues Private Limited, H-187, Sector 63, Noida, Uttar Pradesh, India

Grievances will be acknowledged within 48 hours and resolved within 30 days.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. The latest version will always be available on this page.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us at [email protected] or visit our Contact Us page.