1. Who we are
HisaabNow (also referred to as "we", "us", or "the app") is a daily business management app for Indian shopkeepers and small businesses. It provides billing, udhaar (credit) tracking, inventory management, and AI-assisted business insights.
HisaabNow is operated by Prashant Sharda, sole proprietor, based at Prateek Wisteria, H-404, Sector 77, Noida, Uttar Pradesh 201301, India.
2. Data we collect
2.1 Data you give us directly
- Phone number — required for account authentication via OTP.
- Shop profile — your shop name, owner name, WhatsApp number, UPI ID, shop logo, GSTIN (optional).
- Business records — products, sales, purchases, expenses, customer names and phone numbers (when you add them to udhaar), supplier records, staff records and attendance (if used).
- Voice input — when you use voice billing, your device's speech recognition converts speech to text on-device. Voice recordings are not transmitted to our servers.
- Questions to Munim AI — when you use the Munim AI assistant, your questions and relevant business context are sent to our servers for processing.
2.2 Data collected automatically
- Device and app usage data — anonymous usage logs, error reports, app version, device type, approximate location derived from IP address. Used only for diagnosing bugs and improving stability.
- Session recordings — we record masked sessions for bug diagnosis. All user-typed text, customer names, amounts, and screenshots are automatically masked before being recorded.
2.3 Data we do NOT collect
- Your contacts, SMS, or call logs.
- Your precise GPS location.
- Your photos or camera, except a shop logo that you explicitly upload.
- Voice recordings. Voice is processed on your device only.
- Any data about your customers beyond what you choose to enter in your ledger.
3. How we use your data
- To provide the app's core functionality — authentication, sync across devices, bill generation, reports.
- To diagnose errors and improve the app — via error tracking and masked session replays.
- To process AI responses — Munim AI sends your question and relevant business context to OpenAI to generate the response.
- To prevent fraud and abuse — via bot detection (reCAPTCHA) and rate limiting.
- To communicate with you — service announcements, security alerts, and responses to your queries.
We do not use your data for advertising, profiling, or sale to third parties.
4. Data sharing and third-party services
Your data is shared with the following infrastructure providers, each of which acts as our data processor under contractual obligation to process data only for the purposes we define:
| Service | Purpose | Location |
|---|---|---|
| Google Firebase (Authentication, Firestore, Cloud Functions, App Check, Hosting) | Core app infrastructure | United States |
| Google reCAPTCHA v3 | Bot and abuse prevention | United States |
| Google Cloud Text-to-Speech | Voice output for AI responses | United States |
| OpenAI | Munim AI assistant response generation | United States |
| Sentry | Error diagnosis and masked session replay | United States or European Union |
We do not sell your data. We do not share data with advertisers or data brokers.
5. Data location and cross-border transfer
Your data is currently stored on Google Firebase servers located in the United States (us-central1 region). By using HisaabNow, you consent to this cross-border transfer of your personal data. We plan to migrate to an Indian region (asia-south1) when commercially feasible. This is not a committed timeline.
6. Your rights under the Digital Personal Data Protection Act, 2023 (DPDP)
As a user in India, you have the following rights under DPDP:
- Right to access — request a copy of the personal data we hold about you.
- Right to correction — ask us to correct inaccurate data. Most fields (shop name, phone, UPI ID) are editable directly in the app.
- Right to erasure — delete your account and all associated data. See Section 7 below.
- Right to grievance redressal — file a complaint regarding our handling of your data.
- Right to nominate — appoint another individual to exercise these rights on your behalf in case of death or incapacity.
To exercise any of these rights, email us at privacy@hisaabnow.com. We will respond within 30 days as required by law.
7. Account deletion
You can permanently delete your account and all associated data from within the app:
- Open the app and go to Settings.
- Scroll to the "Danger Zone" section and tap Delete My Account.
- Type the confirmation phrase shown and confirm deletion.
Alternatively, you can request deletion by emailing privacy@hisaabnow.com from the phone number registered with your account. See our Delete Account guide for full instructions.
Data retention after deletion. When you delete your account, your shop data (bills, customers, udhaar, products, expenses) and your account itself are permanently erased from our active databases within 24 hours. However, automated backups maintained by our infrastructure provider (Google Firebase) may retain copies for up to 7 days, after which they are automatically purged. We do not access these backups except in emergency data recovery scenarios. Anonymised audit logs recording that a deletion occurred are retained for 5 years as required under applicable Indian tax and accounting law.
8. How we protect your data
- Encryption in transit — all communication between your device and our servers is encrypted using HTTPS/TLS.
- Encryption at rest — Firebase encrypts stored data using AES-256.
- Access control — only the account owner can access their shop's data. Firestore security rules enforce per-user data isolation.
- Bot and abuse protection — reCAPTCHA and Firebase App Check validate that requests come from legitimate users.
- Session token persistence — you stay logged in on trusted devices to reduce OTP-related friction and SMS costs.
No system is perfectly secure. If a data breach occurs that affects your personal data, we will notify you and the Data Protection Board of India within 72 hours of discovery, as required by law.
9. Children's data
HisaabNow is intended for users aged 18 and above who operate or manage a business. We do not knowingly collect data from individuals under 18. If you believe a minor has created an account, email privacy@hisaabnow.com and we will delete the account.
10. Your customers' data
When you add customer names and phone numbers to the udhaar (credit) ledger, you are acting as the data controller for those customers. HisaabNow acts as a data processor, storing that data on your behalf under your instructions.
As the data controller, you are responsible for:
- Obtaining your customers' consent to hold their information.
- Responding to your customers' access, correction, and erasure requests.
- Complying with applicable data protection laws in your business's jurisdiction.
When you delete your account, your customers' data stored in your ledger is deleted along with yours. Note that the same customer's phone number may still exist in another shop's ledger; we do not maintain a cross-shop index of customer data.
11. Changes to this policy
We may update this policy from time to time. Material changes will be notified via an in-app banner at least 7 days before they take effect. The "Last updated" date at the top of this page always reflects the most recent revision. Your continued use of the app after the effective date constitutes acceptance of the revised policy.
12. Grievance Officer
In accordance with the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000, we have appointed a Grievance Officer to address your concerns regarding the processing of your personal data:
Data Protection Officer / Grievance Officer
HisaabNow
Email: privacy@hisaabnow.com
Address: Prateek Wisteria, H-404, Sector 77, Noida, Uttar Pradesh 201301, India
Response time: within 30 days of receipt of your complaint.
13. Contact us
For general privacy questions: privacy@hisaabnow.com
For support queries: support@hisaabnow.com
For legal notices: legal@hisaabnow.com