BillRaja ("we", "our", or "us") is a business management application designed to help small businesses in India with billing, invoicing, employee attendance tracking, team management, membership management, inventory, GST compliance, and business reporting. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our app.
By using BillRaja, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the app.
1. Information We Collect
a) Account & Sign-In Information
Depending on how you sign in, we may collect:
Unique user identifier (UID)
Your name, email address, and Google profile photo URL when you use Google Sign-In
Your phone number when you use phone number verification (OTP)
b) Business Profile Information
To generate invoices and comply with GST requirements, you may provide:
Business/store name, address, and state
Phone number and email
GSTIN (GST Identification Number)
Business logo (uploaded image)
Bank account details (account holder name, account number, IFSC code, bank name)
UPI ID for payment collection
Invoice number prefix and payment terms
Digital signature (captured in-app or uploaded)
c) Customer Data & Contact Import
Customer name, phone number, email, and address
Customer GSTIN
Customer group classifications and notes
Outstanding balance and payment history
If you choose to import a customer from your address book, we access the selected contact details so you can save them into the app.
d) Invoice & Financial Data
Invoice numbers, dates, and due dates
Line items: descriptions, quantities, prices, HSN codes, units
GST rates and tax calculations (CGST, SGST, IGST)
Discounts (percentage or flat amount)
Payment status (paid, pending, overdue, partially paid)
Amount received and payment method (Cash, UPI, Bank Transfer, Cheque)
Invoice notes and terms
Creator signature (name, UID, and signature URL) when invoices are created by team members
e) Product & Inventory Data
Product names, descriptions, categories, SKUs, and prices
Stock levels and stock movement history (purchase, sale, manual adjustment, return)
HSN codes for GST compliance
f) Purchase Order Data
Vendor/supplier information
Purchase order line items, quantities, and costs
PO status (draft, confirmed, received, cancelled)
g) Team & Collaboration Data
If you create or join a team workspace, we collect and store:
Team membership details (your role: Owner, Manager, or Staff)
Permission settings and overrides per team member
Team invitations (email, status, timestamps)
Creator attribution on invoices (which team member created each invoice)
Team owners and managers can view all team data. Your business data created under a team workspace is accessible to other team members based on their role and permissions.
h) Attendance & Location Data
If your team uses attendance features, we collect:
Check-in and check-out timestamps
QR code attendance scans
Precise GPS location (latitude and longitude) at the time of check-in/check-out for geo-fenced attendance
Distance from configured office location
Hours worked, on-time status, and attendance statistics
Location is collected only in the foreground when you actively open the Attendance screen and tap Check In or Check Out. We do not track your location in the background or when the app is closed.
Your attendance and location data is visible to your team owner/manager for verification purposes.
i) Membership & Subscription Plan Data
Membership plans you create (name, duration, pricing, benefits, GST settings)
Member records (linked to plans, payment history, status, expiry dates)
Membership invoices and renewal tracking
j) Subscription & Payment Data
Your BillRaja subscription plan (Free, Pro, Enterprise)
Billing cycle (monthly or annual) and subscription status
Razorpay payment, subscription, and customer IDs
Subscription period dates (start, end, grace period)
Note: We do NOT store your credit/debit card numbers or banking credentials. All payment processing is handled securely by Razorpay.
Provide and maintain all app features — billing, invoicing, team management, attendance, membership, inventory, GST reports, and purchase orders
Authenticate your identity and secure your account
Enforce single active session per account
Process subscription payments through Razorpay
Send push notifications (overdue reminders, team updates)
Generate PDF invoices with your business branding and signatures
Enable invoice sharing via WhatsApp, SMS, email, and direct links
Calculate and display GST reports and GSTR-3B data
Enforce plan limits and track feature usage
Manage team workspaces, roles, and permission-based access
Record and display employee attendance and location verification
Manage membership plans, member records, and renewals
Improve app performance, fix bugs, and prevent abuse
Comply with legal obligations
3. Data Storage & Security
Your data is stored using Google Firebase services:
Cloud Firestore: Business profile, invoices, customers, products, teams, attendance, memberships, and subscription data — stored on Google's secure cloud infrastructure with automatic encryption at rest.
Firebase Storage: Business logos, invoice PDFs for sharing, and signature images.
Local Cache: Up to 100 MB cached on your device for offline access. Syncs automatically when connected.
Security measures:
Firestore security rules enforce account ownership and role-based team access
While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
We do NOT sell, trade, or rent your personal information to third parties.
Your data may be shared only in these circumstances:
With Razorpay: To process subscription payments.
With Google/Firebase: For authentication, data storage, analytics, and push notifications.
Invoice and payment sharing: When YOU choose to share invoices or payment requests via WhatsApp, SMS, email, or public links, the invoice data is made available through those channels.
With your team: If you are part of a team workspace, your attendance records, invoices, and business data may be visible to team owners and managers based on role permissions.
Legal compliance: If required by law, regulation, or valid legal process.
6. Data Retention
We retain your data for as long as your account is active. If you delete your account:
Your business profile, invoices, customers, products, purchase orders, membership plans, members, team data, attendance records, and analytics are deleted from our backend systems.
Uploaded assets (business logo, signature images, shared invoice PDFs) are deleted from storage.
Active subscriptions may be cancelled as part of the deletion flow.
If you are a team owner, your team workspace and all associated team member relationships are affected.
Local cached data on your device continues to exist until app data is cleared or the app is uninstalled.
Payment records maintained by Razorpay are subject to Razorpay's own retention policies.
We may retain limited records as required by Indian tax and business regulations.
7. Your Rights
Access: View all your data within the app at any time.
Export: Export invoices, customers, and products as CSV files (Pro and Enterprise plans).
Correction: Update your business profile, customer, product, and team information anytime.
Withdraw Consent: Stop using the app and sign out at any time.
8. Children's Privacy
BillRaja is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a minor, please contact us at contact@billraja.com and we will promptly delete it.
9. Permissions
Internet: Required for syncing data, authentication, and processing payments.
Notifications: For invoice reminders, overdue alerts, and team updates.
Contacts: If you choose to import customer details from your address book.
Photo/Media Picker: If you choose to upload a business logo.
Camera: For QR code attendance check-in scanning.
Location (ACCESS_FINE_LOCATION): Used only for geo-fenced attendance. Collected in the foreground when you check in or check out. Not collected in the background.
Vibration: To support notification delivery on supported devices.
Optional permissions are requested only when you trigger the related feature.
10. Data Breach Notification
In the event of a data breach that affects your personal or business data, we will:
Notify affected users via email and/or in-app notification without unreasonable delay.
Provide details of the nature of the breach, the data affected, and the steps we are taking.
Report the breach to relevant authorities as required under the Digital Personal Data Protection Act (DPDPA) 2023 and other applicable Indian laws.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Continued use of the app after changes constitutes acceptance of the updated policy.
12. Grievance Officer
In accordance with the Information Technology Act, 2000 and the rules made thereunder: