B
Brihat Books
Brihat Books

Effective Date: June 09, 2026

Privacy Policy

This Privacy Policy (“Policy”) governs how Brihat Infotech Private Limited (“Company,” “we,” “us,” “our,” or “Brihat Infotech”) collects, uses, discloses, and otherwise processes personal information through our website (www.brihatbooks.com), mobile applications (iOS and Android), and associated services (collectively, “Services”).

Please read this Privacy Policy carefully. By accessing or using Brihat Books (“Product” or “Services”), you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with any part of this Policy, please do not use our Services.

1. Information We Collect

1.1 Information You Provide Directly

(a) Account Registration Information

When you create an account or sign up for a free trial on Brihat Books, we collect:

  • Mobile phone number (for OTP-based authentication)
  • Business name
  • Business email address
  • Full name of the business owner/authorized user
  • Business type/industry category
  • Business location/address
  • GST Registration Number (GSTIN), if available
  • Bank account details (for payment settlement, if applicable)
  • Profile photo/business logo (optional)

(b) Transactional Data

When you use Brihat Books to manage your business, we collect and store:

  • Invoices (customer details, items sold, amounts, dates)
  • Customer information (names, phone numbers, email addresses, addresses)
  • Vendor/supplier information (names, contact details, payment histories)
  • Purchase orders and purchase invoices
  • Stock/inventory data (product names, SKUs, quantities, prices)
  • Payment records (amount paid, payment method, date)
  • Bank statements and reconciliation data
  • GST return data and tax-related information
  • Batch and expiry information for products
  • Bill images uploaded for OCR scanning
  • POS transaction records
  • Cheque details and status

(c) Communication Information

  • Messages and inquiries sent to our customer support team
  • WhatsApp conversations (if you use our WhatsApp integration)
  • Email correspondence
  • Chat/feedback submitted through the app or website

(d) Billing and Payment Information

  • Billing address
  • Payment method details (credit/debit card, UPI, bank transfer)
  • Subscription plan selected
  • Invoice history
  • Refund requests and disputes

(e) OCR Bill Scanning Data

  • Images of vendor bills or invoices you upload
  • Extracted data from these images (vendor name, bill number, amounts, etc.)
  • Corrections and edits you make to extracted data

(f) CA Portal Information

  • CA's ICAI registration number
  • CA's professional details
  • Documents and annotations shared with the CA
  • CA's access logs and activities

(g) Multi-Device and Storefront Data

  • Customer orders placed through your online storefront
  • Customer delivery addresses for storefront orders
  • Public store URL analytics and traffic data

1.2 Information Collected Automatically

(a) Device and Browser Information

Device type, model, manufacturer, operating system, browser type, IP address, and network details.

(b) Usage Data

Features accessed, frequency, screens viewed, session duration, clicks, interactions, and crash reports.

(c) Location Data

GPS coordinates (only with consent) and city/state derived from IP address.

(d) Cookies and Tracking

Session cookies, persistent cookies, web beacons, and local storage elements.

(e) Communication Metadata

WhatsApp timestamps, delivery status, email open rates, and SMS delivery confirmations.

1.3 Information from Third Parties

  • Payment Gateway: Razorpay transaction statuses, amounts, and payment methods.
  • GST Portal Integration: NIC e-invoice generation IRNs, filing statuses, and portal acknowledgments.
  • Banking Partners: Transaction data and statements through official secure APIs.
  • Public Records: GST registration details or ROC business info.
  • Referrals: Affiliates and CAs referral statistics.

2. How We Use Your Information

2.1 Core Service Delivery

We use your information to operate accounts, process invoices, automate GST calculations, manage inventory, coordinate POS sales, deliver WhatsApp notifications, process OCR bill scans, and generate business metrics.

2.2 Payment Processing

To manage Razorpay subscriptions, generate tax invoices, process refunds, and secure transactions against fraud.

2.3 GST Compliance and Tax Filing

Auto-generating GSTR-1, GSTR-3B, GSTR-2B, and GSTR-9 returns, calculating Input Tax Credit (ITC), tracking TDS, and producing IRN e-invoices directly with government portals.

2.4 Communication

Sending OTP credentials, payment updates, filing notifications, deadline reminders, and responding to helpdesk requests.

2.5 AI Assistant and OCR

Processing natural language queries via Claude AI (Anthropic) for business insights and extracting text from uploaded vendor bill snapshots.

2.6 Infrastructure Security

Monitoring systems for intrusion, protecting user accounts, checking error logs, and maintaining system health.

3. How We Share Your Information

We do NOT share personal or business data except:

  • With Your Authorization: Sharing with your Chartered Accountant (CA) or staff users whom you invite to your organization.
  • With Key Processors: Razorpay (payments), AWS ap-south-1 (hosting in India), Anthropic (Claude AI for assistant & OCR scanning), MSG91/WhatsApp APIs (notifications), and GSTN/NIC (government reporting).
  • Legal Requirements: Disclosures required under Indian law (Income Tax, GST audits, RBI inquiries, court orders).
  • Business Transfers: Transfer in connection with a merger, acquisition, or asset sale, subject to prior notice and data deletion choices.

4. Data Retention and Deletion

  • Active Accounts: We store all billing records and files for the lifetime of your active subscription.
  • Statutory Requirements: Following account closure, transactional and compliance data is retained for 7 to 10 years as mandated by Indian GST and Income Tax laws.
  • OCR Bill Images: Uploaded raw snapshots are permanently deleted from systems within 30 days.
  • Conversations: WhatsApp bot transaction logs are retained for 1 year before deletion.
  • Deletion Requests: You can request complete account closure and profile deletion by emailing info@brihatinfotech.com. Requests are resolved within 15 days.

5. Security of Your Information

We deploy safeguards to protect your business records:

  • Encryption: TLS 1.3 for data in transit and AES-256 for databases and backups at rest.
  • Data Localization: Hosted on AWS in ap-south-1 (Mumbai, India region) to comply with local regulations.
  • Access Protection: Secure OTP-based authentication alongside Role-Based Access Control (RBAC).
  • Incident Response: Regular third-party penetration testing and 72-hour notifications in the event of an identified breach.

6. Cookies and Tracking Technologies

We use cookies to manage sessions and preferences:

  • Session Token: Keeps you authenticated.
  • Locale: Retains your Hinglish/Hindi/English choices.
  • Analytics: Google Analytics trackers to monitor system issues and load times.

7. Your Privacy Rights and Choices

You have complete authority over your personal information:

  • Access & Export: Download your invoices and logs in CSV/JSON directly from settings at any time.
  • Correction & Deletion: Modify business details in the app or trigger account closure.
  • Opt-Out: Turn off marketing emails or WhatsApp alerts via settings or unsubscribe links.

8. Children's Privacy

Our services are directed exclusively at business operators aged 18 and older. We do not knowingly compile records on minors. If we identify that a minor's details have been collected, they are immediately expunged from our servers.

9. International Data Transfers

We process data primarily inside India. External processors (such as Anthropic for Claude AI and AWS global security configurations) process queries under strict, encrypted Data Processing Agreements aligned with GDPR/localization principles.

11. California and US Privacy Laws

If you operate from US states with dedicated privacy acts (like CCPA), you hold additional rights to request disclosure of, access, or delete the data we hold. Direct your queries with the subject “US Privacy Request” to info@brihatinfotech.com.

12. Changes to This Privacy Policy

We update this statement periodically to accommodate new features or statutory shifts. Material changes will be communicated via email or an dashboard alert 30 days before they take effect.

13. Contact Us

For privacy enquiries or data requests, reach out to our privacy officer:

Brihat Infotech Private Limited

Attention: Privacy Officer

Email: info@brihatinfotech.com

Website: www.brihatbooks.com

14. Dispute Resolution

We attempt to resolve all data concerns informally. Please send an explanation to info@brihatinfotech.com. If unresolved within 30 days, disputes shall be arbitrated under Indian law.

15. Definitions

  • Controller: Brihat Infotech, which directs user data processing.
  • Processor: Service providers executing tasks under a DPA.
  • Personal Information: Any details identifying an individual user.

Questions? Contact us at info@brihatinfotech.com

Chat with us