Privacy Policy

Last Updated: May 10, 2026

At VendorFlow, we are committed to protecting your business data and your consumers' privacy. This policy outlines how we handle information across our nationwide solar CRM platform.

1. Information We Collect

To provide a seamless experience, we collect the following types of information:

• Business Information: Company name, GSTIN, business address, and contact details for profile setup.
• Staff Data: Names, contact details, and attendance logs for the Workspace Staff module.
• Consumer Data: Project addresses, electricity bill details, technical solar specifications, and financial data for document generation.
• Usage Data: Log data, IP addresses, and browser types to improve platform performance and security.

2. Purpose of Data Collection

Your data is used strictly for the following purposes:

• Managing your Solar CRM, lead pipeline, and project lifecycles.
• Automating the generation of Tax Invoices, Quotations, and Solar Annexures.
• Managing workspace staff, attendance tracking, and internal reporting.
• Processing secure token transactions and wallet management.
• Providing technical support and platform updates.

3. Data Security & Storage

We implement industry-standard AES-256 encryption for data at rest and SSL/TLS for data in transit. Your data is stored on secure cloud servers located within Indian data centers to ensure low latency and compliance with local regulations. While we take every precaution, no system is 100% secure, and we encourage users to maintain secure login credentials.

4. Third-Party Sharing

We never sell your data. Sharing only occurs with:

• Payment Gateways: (e.g., Razorpay) for processing subscription and token payments.
• GST Lookup Services: To verify business details during invoicing.
• Cloud Infrastructure: For secure data storage and backup.

5. Compliance with Indian Laws

Our practices are designed to align with the Digital Personal Data Protection (DPDP) Act 2023. You have the right to access, correct, or request the deletion of your personal data stored on our platform.

6. Changes to This Policy

We may update this policy periodically to reflect changes in our services or legal requirements. We will notify you of any significant changes via the dashboard or email.