Privacy Policy

Last updated: 8 May 2026

RudraTech ("KhataPro", "we", "us", "our") operates the KhataPro mobile application and related websites at khata.arkbytetech.com (the "Service"). This policy explains what we collect, how we use it, and the rights you have. KhataPro is built specifically for businesses operating in India and complies with:

Under the DPDP Act, you (the user) are the Data Principal, and KhataPro / RudraTech is the Data Fiduciary.

1. Information we collect

Account information. When you sign up we collect your phone number (for OTP login), your name, your email address (required for email + password login and account recovery, optional for OTP / Google sign-ins), a bcrypt hash of your password if you choose email + password login, your preferred language, and the device identifier required for multi-device sign-in. You can sign in with any of three methods — phone OTP, Google Sign-In, or email + password (with a "forgot password" reset link delivered by email).

Business information. Information you enter about your businesses, customers, suppliers, staff, inventory, ledger transactions, invoices, attendance, and salary payments.

Photos / receipts (ON-DEVICE ONLY). When you attach a photo to a ledger entry, invoice, or business profile, the image is stored **on your phone only** under the app's private documents folder (<ApplicationDocumentsDirectory>/attachments/). The KhataPro server stores nothing more than a relative file path string for that attachment — we do not retain or process your captured images on our servers, and photos are never uploaded to Vercel Blob, Neon, or any third-party processor. If you uninstall the app or wipe the device, the photos go with it.

Backups (you control where they go). KhataPro lets you create a ZIP archive of your on-device attachments from **Settings → Backup → Export attachments**, and share it to Google Drive, your own email, USB storage, or any other destination of your choice. The backup never touches our servers — it goes directly from your phone to the destination you pick. You are responsible for keeping that backup secure.

Transactional information. When you collect a payment via UPI QR through the app, the payment is settled directly between your customer's UPI app and your linked bank account; KhataPro itself does not handle the money. The app records only what the user enters (amount, party, optional UTR you paste in).

Device information. App version, OS version, device model, crash logs, the FCM token used to send notifications, and the resettable Android Advertising ID used by Google AdMob (with your consent).

Usage information. Anonymised events about which features are used so we can fix bugs and improve the product.

2. Permissions we request

KhataPro requests only the Android permissions necessary for its core features. We never request location, contacts, call logs, or SMS read access. Each permission is described below so you know exactly why it is asked for and what it controls.

| Permission | Why KhataPro asks for it | Optional? |
|------------|--------------------------|-----------|
| Camera (android.permission.CAMERA) | (a) To capture a photo of a receipt or invoice and attach it to a ledger entry, and (b) to scan barcodes when adding inventory items. The camera is opened only after you tap Attach photo or the Scan barcode button — never silently in the background. Captured images are stored on your phone only (see §1, Photos / receipts) and are never uploaded to our servers. | Yes — you can use KhataPro without granting Camera. Photo attachment and barcode scanning are simply unavailable until you grant it. |
| Internet (INTERNET) and Network state (ACCESS_NETWORK_STATE) | Required for ledger sync, login, OTP delivery, and software updates. | No — without internet, the app cannot sync. |
| Notifications (POST_NOTIFICATIONS, Android 13+) | Used to deliver overdue-customer reminders, sync status, and product announcements. | Yes — the app works fully without notifications. |
| Biometric (USE_BIOMETRIC) | Used only by Settings → Security → App lock to unlock the app with your fingerprint or face. Biometric data never leaves the device — Android handles the matching. | Yes — App lock can also use a 4-digit PIN, or be turned off entirely. |
| Storage / files (WRITE_EXTERNAL_STORAGE, scoped) | Needed only when you tap Settings → Backup → Export attachments to write the user-controlled ZIP backup to a folder you pick. We do not scan your files. | Yes — backup export requires it; the rest of the app does not. |
| Advertising ID (com.google.android.gms.permission.AD_ID) | Used by Google AdMob to show non-personalised or (with your UMP consent) personalised ads. Android lets you reset or block this ID at any time from system settings. | Partial — you can decline personalised ads via the in-app consent screen and at OS level. |

The list above is exhaustive — KhataPro does not request any permission beyond these.

3. How we use your information

We do not sell your data, ever.

4. Lawful basis (DPDP Act § 6)

We process personal data on the lawful basis of your explicit consent, which we collect through an in-app notice the first time you launch the app and again whenever this policy materially changes. You may withdraw consent at any time from Settings → Privacy → Delete my account or by emailing rudratech97@gmail.com. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

For limited operational purposes — fraud prevention, security incident response, statutory tax record-keeping — we additionally rely on the "legitimate uses" recognised under § 7 of the DPDP Act.

5. Sharing of information

We share data only with the following processors (Data Processors under the DPDP Act), each bound by a written data-processing agreement:

| Processor | Purpose | Data hosting region |
|-----------|---------|---------------------|
| Vercel (Next.js hosting) | Application hosting; API functions colocated in syd1 (Sydney) for low-latency access to Neon. No user photos are stored on Vercel — photos remain on-device. | Asia-Pacific |
| Neon (managed Postgres) | Primary database (text data only — no images) | AWS Asia-Pacific (Sydney) |
| Resend | Transactional email delivery (OTP, password reset, deletion, invoice send) | EU + US |
| Firebase Cloud Messaging (Google) | Push notifications + (where wired) Crashlytics | Global |
| Google AdMob (Google) | Advertising — banner, interstitial, native, and rewarded video; UMP consent-gated | Global |
| Google Sign-In (Google Identity) | Optional Google login | Global |

We do not share your customer phone numbers or transactional data with any party for marketing, profiling, or aggregation purposes. **Reminders sent to your customers are composed and dispatched from your own device's messaging app — KhataPro does not operate as an SMS or WhatsApp gateway in v1.** See Section 8.

We may disclose information to government authorities when legally compelled (e.g. CrPC / IT Act § 91 notice, court order). We notify users of such requests where the law allows.

6. Cross-border transfer

The DPDP Act allows transfers of personal data outside India to any country not specifically restricted by the Central Government. As of the date of this policy, no countries are restricted. Where we transfer data to Resend (EU / US) or Google services (global), we rely on each processor's Standard Contractual Clauses or equivalent safeguard.

7. Data retention

| Category | Retention |
|----------|-----------|
| Active account & ledger data (text) | While your account is active |
| Photos / receipts | Stored only on your device; we hold none. The relative path string in our DB is overwritten / nulled when the entry is edited or deleted. |
| User-controlled backup ZIPs | Wherever you exported them — we have no copy and no access |
| Personal identifiers post-deletion request | Hard-deleted from primary storage within 30 days |
| Encrypted DB backups | Purged within 30 days of primary deletion |
| Anonymised audit-log entries (GST law mandate) | Up to 8 years |
| Aggregated analytics with no personal identifier | Indefinite |

8. Reminder messaging — sent from your device

When you tap "Send WhatsApp reminder" or "Send SMS reminder" on a customer, the app opens your phone's own WhatsApp / SMS app with a pre-filled message via standard wa.me and sms: deep-links. The message is sent from your phone, by you, using your number. KhataPro:

You remain the legal sender for the purposes of TRAI / DLT regulations and the WhatsApp Business policy. Your customers' phone numbers stay on your device for the WhatsApp / SMS share — they only travel to our servers as part of the ledger entry that you choose to sync.

9. Advertising (Google AdMob)

KhataPro is offered free of charge and is monetised through Google AdMob. Ads are shown in the following formats and placements:

For users in the EEA, the UK, and California, KhataPro presents the Google User Messaging Platform (UMP) consent flow on first launch. You may freely accept or decline personalised ads. Non-personalised ads will still be shown to keep the app free; you can revisit your choice at any time from Settings → Privacy → Ad personalisation. Outside those jurisdictions, you may also opt out of ad personalisation from the same screen and reset your Android Advertising ID via Android Settings → Privacy → Ads.

We share with AdMob only the resettable Android Advertising ID and the ad-request context (app, country, ad slot). We do not share your ledger, your customers, your photos, or any business data with AdMob or any other ad network.

10. Your rights as a Data Principal (DPDP § 11–14)

You can:

11. Data security and breach notification

We use TLS 1.2+ for all transport, encrypt data at rest with AES-256 in our managed Postgres host (Neon), bcrypt-hash passwords (when you choose email + password login), single-use email reset tokens with short expiry for "forgot password" flows, and rotate JWT signing keys quarterly. Access to production data is limited to a small set of named employees with audited logins. Photos never reach the server, so no cloud-side photo breach is possible.

If we become aware of a personal-data breach, we will notify the Data Protection Board of India and affected users within 72 hours, in line with § 8(6) of the DPDP Act and the form prescribed thereunder.

12. Children

KhataPro is intended for adult business owners in India. The DPDP Act defines a "child" as anyone under 18; we do not knowingly process data of children. We collect a self-attested age confirmation at first launch, and will erase any account we discover to be operated by a minor. Parental consent for minors will only be implemented if KhataPro is ever re-positioned as a consumer-facing app — at which point a verifiable parental consent flow will be added.

13. Account suspension

We may suspend an account where we have reasonable grounds to believe the account is being used to violate our Terms — including spam, harassment, fraud, attempting to circumvent platform security, or repeated abuse of WhatsApp / SMS deep-links to send unsolicited messages. A suspension records suspendedAt and suspendedReason against your account; the auth middleware will then reject API calls with **HTTP 403 account_suspended** and the app will show a friendly notice with the reason. You may appeal a suspension by emailing rudratech97@gmail.com or by writing to the Grievance Officer (Section 14). We aim to review appeals within 7 business days.

14. Grievance Officer (IT Rules 2021, Rule 4)

In compliance with Rule 4(2) of the Intermediary Guidelines, we maintain a Grievance Officer:

If you are dissatisfied with the resolution, you may escalate to the Grievance Appellate Committee under Section 28A of the IT Rules.

15. Cookies (web app)

The web companion at khata.arkbytetech.com uses **strictly necessary cookies** to remember your sign-in (kp_admin, kp_user) and language (kp_lang). We do not use third-party advertising cookies on the web. Mobile-only users are unaffected.

16. Changes to this policy

We will notify you in-app and via email at least 14 days before any material change to this policy. The mobile app re-prompts for consent whenever the policy version stored on your device differs from the current published version.

17. Contact