Privacy Policy

We collect information in the following ways:

Information you provide to us

• Identity and contact details such as your name, email address, and phone or WhatsApp number.
• Business information such as company name, business address, and GST Identification Number (GSTIN).
• Account credentials, billing details, and payment information processed through our payment partners.
• The content of your messages, support tickets, demo requests, and any other communications you send us.

Business data you process through our software

When you use our products, you may upload or generate operational data — for example accounting records, invoices, inventory lists, customer and contact details, tax-filing data, and WhatsApp message content and contacts. We process this data on your behalf to provide the relevant functionality.

Information collected automatically

• Device and technical data including IP address, browser type, operating system, and device identifiers.
• Usage data such as pages visited, features used, and timestamps, gathered through log files and similar technologies.

Information from third parties

We may receive information from service providers that support our operations, such as Meta Platforms (for WhatsApp Business API), payment processors, and analytics providers.

We use the information we collect to:

• Provide, operate, maintain, and customize our software and services.
• Set up and manage your WhatsApp Business API integration and AI chatbots.
• Process transactions, generate invoices, and manage billing.
• Provide 24/7 support and respond to your inquiries, demo requests, and feedback.
• Improve our products, troubleshoot issues, and develop new features.
• Send service-related communications such as technical notices, updates, and security alerts.
• Send promotional or marketing messages where you have consented, with an option to opt out at any time.
• Detect, prevent, and address fraud, abuse, and security incidents, and comply with our legal and tax obligations.

For users in regions where it applies (such as the EU/EEA and UK), we process personal data on the legal bases of performing our contract with you, your consent, our legitimate business interests, and compliance with legal obligations.

Our website uses cookies and similar technologies to keep the site functioning, remember your preferences, and understand how the site is used so we can improve it. You can control or disable cookies through your browser settings, although some features of the site may not work properly as a result. Where required by law, we request your consent before placing non-essential cookies.

We do not sell your personal data. We share information only in the limited circumstances described below:

• Service providers and sub-processors: trusted vendors who help us run our business — such as hosting, payment processing, communications, and analytics — and who are bound by confidentiality obligations.
• Meta Platforms, Inc.: where you use our WhatsApp Business API services (see Section 05).
• Legal and regulatory requirements: where disclosure is required by applicable law, a court order, or a lawful request, or to protect our rights, users, and safety.
• Business transfers: in connection with a merger, acquisition, or sale of assets, in which case we will notify affected users.
• With your consent: for any other purpose disclosed to you at the time we collect the information.

Some of our service providers may operate outside India. Where we transfer personal data internationally, we take reasonable steps to ensure it is protected in line with this policy and applicable law.

Certain services rely on the WhatsApp Business Platform (Cloud API) provided by Meta Platforms, Inc. When you use these services, you remain the controller of the messages and contacts associated with your WhatsApp Business account, and IRI Technologies acts as a data processor, handling that data only to provide the integration and chatbot services you have requested.

We use your WhatsApp number to enable the API integration and automated messaging features. We do not use the content of your messages for any purpose other than delivering the service, unless you instruct us to or the law requires it. By using these services, you acknowledge that relevant data is also processed by Meta in accordance with Meta's own terms and privacy policies.

We provide custom AI solutions, AI-powered chatbots, and AI analytics. To deliver these features, the data you provide may be processed by automated and machine-learning systems to generate responses, insights, and predictions.

We do not use your confidential business data to train publicly available or third-party AI models without your consent. Where AI features rely on third-party AI providers, your data is processed under those providers' terms, and we select providers that apply appropriate safeguards.

If an automated process produces a decision that has a significant effect on you, you may contact us to request human review of that decision.

Our accounting, inventory, and GST tools process sensitive business and financial data such as transactions, invoices, GSTIN details, and tax-return information (for example, generating GSTR-1 and GSTR-3B JSON files).

For desktop software that uses local MySQL or Access databases, this data is stored on your own systems and remains under your control; we do not have access to it unless you choose to share it with us, for example while receiving support. For any cloud-hosted or managed services we provide, we apply the security measures described in Section 08 and process such data only to deliver the requested functionality and to meet applicable financial and tax-law requirements.

We take reasonable technical and organizational measures to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. These include industry-standard encryption for data in transit (TLS) and, where applicable, at rest, along with access controls and internal safeguards.

No method of transmission or storage is completely secure, so while we work hard to protect your data we cannot guarantee absolute security. In the event of a data breach affecting your personal data, we will notify you and the relevant authorities as required by applicable law.

We retain personal and business data only for as long as necessary to provide our services and fulfil the purposes set out in this policy, including to comply with our legal, accounting, and tax obligations (for example, retaining financial records for the periods required under Indian law), to resolve disputes, and to enforce our agreements. When data is no longer needed, we delete or anonymize it.

Our website and services are intended for businesses and adults and are not directed to children under the age of 18. We do not knowingly collect personal data from children. Under India's Digital Personal Data Protection Act, 2023, processing a child's personal data requires verifiable consent from a parent or legal guardian. If we become aware that we have collected a child's data without such consent, we will take steps to delete it promptly.

Subject to applicable law, you have the right to:

• Access the personal data we hold about you and request a copy of it.
• Correct or update inaccurate or incomplete information.
• Request deletion of your personal data.
• Withdraw your consent at any time, where processing is based on consent.
• Raise a grievance with our Grievance Officer (see Section 13) and nominate another individual to exercise your rights, as provided under the Digital Personal Data Protection Act, 2023.

If you are located in the EU/EEA or UK, you also have rights under the GDPR / UK GDPR, including rights to restriction, data portability, objection to processing, and rights relating to automated decision-making, as well as the right to lodge a complaint with your local data-protection authority.

To exercise any of these rights, contact us using the details in Section 13. We will respond within the timeframes required by applicable law.

We may update this Privacy Policy from time to time. If we make changes, we will revise the "Last updated" date at the top of this document and, where the changes are material, provide additional notice through our website or by contacting you directly. Your continued use of our website and services after an update means you accept the revised policy.

If you have any questions about this Privacy Policy, or wish to exercise your rights or raise a grievance, please contact us. Our Grievance Officer for the purposes of the Digital Personal Data Protection Act, 2023 and applicable IT rules is Anshu Vishwakarma, who can be reached at the details below.