← Back to home

Privacy Policy

Effective 2026-04-16. Governed by India's Digital Personal Data Protection Act, 2023.

Who we are

BillForge is operated by StartupTalky (data fiduciary under DPDP Act, 2023). Contact: support@billforge.in.

What we collect

  • Account data — name, email, phone, hashed password.
  • Business data you enter — clients, vendors, invoices, payments, expenses, and team members. This is your data; we store it to let you retrieve and use it.
  • Operational logs — IP, user agent, timestamps of API calls. Used only for security + debugging.
  • Payment data — handled by Razorpay; we only store plan + subscription status. We do not store card numbers.

We do not collect biometric, location, children's, or political data.

How we use it

  • To run the features you asked for — invoicing, GST filing, reports.
  • To email you system notifications (password reset, invoice reminders you enabled).
  • To secure the service (rate limiting, anomaly detection, audit trail).

We do not sell your data. We do not use it to train AI models.

Who we share it with

  • Infrastructure: AWS (Mumbai region) — hosting + backups. Data stays in India.
  • Payments: Razorpay — subscription processing only.
  • AI invoice OCR (optional, opt-in per call): Anthropic API to extract fields from vendor invoice images you upload to Expenses. Images are sent at request time; we don't send data for model training.
  • Law enforcement: only on a valid written order from an Indian authority of competent jurisdiction.

Your rights under DPDP

  • Access — download a JSON export of everything we have on you. In app: Settings → My Data → Export all data. Endpoint: GET /api/me/export.
  • Correction — edit any field directly in the app.
  • Erasure — delete your account + all your org's data. In app: Settings → My Data → Delete account. A 30-day recovery window applies (you can cancel); after that it's permanent and irreversible.
  • Grievance — email support@billforge.in. We'll respond within 7 working days.

Retention

We keep your data as long as your account is active. On deletion:

  • Account-level records (email, password hash, sessions) are purged after the 30-day recovery window.
  • Anonymised audit + transaction data may be retained for 8 years as required by the Companies Act and Income Tax Act.
  • Postgres backups older than 90 days are permanently deleted from S3.

Security

  • HTTPS everywhere, HSTS enabled on billforge.in.
  • Passwords stored as bcrypt hashes (cost 10). JWTs in httpOnly cookies.
  • Multi-tenant isolation: every query scoped by org_id.
  • Nightly encrypted DB backups.
  • Rate limiting on auth + public endpoints.
  • Error monitoring via Sentry (source data scrubbed).

Changes to this policy

We'll email you and show an in-app banner if we make a material change. The "Effective" date above always reflects the current version.

Contact

For any privacy question or to exercise your rights: support@billforge.in.