Privacy Policy

AZOLVE INFOTECH PRIVATE LIMITED
Data Controller & Processor — Registered in India under the Companies Act, 2013
Email: connect@azolve.io | Website: azolve.io

This Privacy Policy describes how Azolve Infotech Private Limited ("Azolve", "we", "us", or "our") collects, uses, shares, and protects information about you when you use our platform and services.

1. Information We Collect 2. How We Use Your Information 3. Information Sharing 4. Data Storage & Security 4A. Biometric Face Lock Data 5. Cookies & Tracking 6. Your Rights 7. Data Retention 8. Children's Privacy 9. Changes to This Policy 10. Contact Us

1. Information We Collect

Account Information: When you register, we collect your name, email address, phone number, company name, and password (stored encrypted).

Business Data: Information you enter into the platform including client details, invoices, employee records, products, transactions, and other business data. This data belongs to you.

Payment Information: Payment transactions are processed by Cashfree Payments. We receive transaction confirmations but do not store your card numbers, UPI IDs, or bank details.

Usage Data: We automatically collect log data including IP address, browser type, pages visited, and features used to improve the Service.

Device Information: Device type, operating system, and browser information when you access the platform.

2. How We Use Your Information

To provide, operate, and maintain the Azolve platform
To process payments and manage your subscription
To send transactional emails (invoices, receipts, password resets, account alerts)
To respond to your support requests and communications
To improve our Service through analytics and usage patterns
To detect and prevent fraud, abuse, and security threats
To comply with legal obligations under Indian law
To send product updates and marketing communications (with your consent; you may opt out anytime)

We do not sell, rent, or trade your personal information to third parties. We may share information only in these limited circumstances:

Service Providers: Trusted third parties who assist in operating our platform (e.g., Render for hosting, Cashfree for payments, Brevo for email delivery). These parties are contractually bound to protect your data.
Legal Requirements: When required by Indian law, court orders, or government authorities.
Business Transfer: In the event of a merger, acquisition, or sale of assets, with notice to users.
With Your Consent: Any other sharing will require your explicit consent.

4. Data Storage & Security

Your data is stored on secure cloud servers. We implement the following security measures:

HTTPS encryption for all data in transit
Encrypted storage for sensitive data (passwords, tokens)
JWT-based authentication with secure session management
Regular security audits and vulnerability assessments
Access controls limiting data access to authorized personnel only

            While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication when available.
        

4A. Biometric Face Lock Data

If you use Azolve Face Lock, we collect and process biometric-related security information only for identity verification and account protection. This may include camera permission status, face detection results, liveness check results, encrypted mathematical face descriptors/templates, registration timestamps, verification timestamps, failed attempt metadata, and authenticator-app recovery status.

Azolve Face Lock is designed to use browser camera access through your device. The feature attempts to process face detection and comparison in the browser and stores an encrypted face descriptor/template associated with your account or browser profile. A face descriptor is a numerical representation used for comparison; it is not intended to be a public profile image. We do not require ordinary raw camera video to be stored for the Face Lock login flow.

Before Face Lock registration, you are shown a biometric privacy notice and must consent before camera-based registration starts. During registration, Azolve creates an encrypted template and requires authenticator-app recovery setup using a time-based one-time password system compatible with apps such as Google Authenticator or Authy. During login, your password is checked first, then Face Lock verifies your current face against the registered encrypted template. If face verification fails after the allowed retry limit, authenticator-app recovery may be offered where enabled.

Biometric security can be affected by lighting, camera quality, network/model loading, eyewear, face coverings, appearance changes, and device limitations. You may remove and re-register Face Lock from account security settings where available. Workspace administrators may enable or disable Face Lock requirements for their organization. We recommend keeping your authenticator recovery method active to prevent lockout.

We use reasonable technical safeguards, including encryption for stored face templates in the browser profile, access controls, and retry limits. Because biometric data is sensitive, you should only enable Face Lock on trusted devices and should not allow other people to register their face on your account.

5. Cookies & Tracking

We use cookies and similar technologies for:

Essential cookies: Required for login sessions and platform functionality
Analytics cookies: To understand how users interact with our platform (anonymized)
Preference cookies: To remember your settings and preferences

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

6. Your Rights

Under applicable Indian law (Information Technology Act, 2000 and IT (Amendment) Act, 2008), you have the following rights regarding your personal data:

Access: Request a copy of personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your account and associated data
Portability: Export your business data in standard formats (CSV, PDF)
Opt-out: Unsubscribe from marketing communications at any time
Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise any of these rights, contact us at connect@azolve.io. We will respond within 30 days.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

Active account data: Retained for the duration of your subscription
After account deletion: Data is permanently deleted within 30 days
Payment records: Retained for 7 years as required by Indian tax laws (GST compliance)
Log data: Retained for 90 days for security and debugging purposes

8. Children's Privacy

The Azolve platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at connect@azolve.io and we will promptly delete such information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

Posting the updated policy on this page with a new "Last updated" date
Sending an email notification to your registered email address
Displaying a notice within the platform

Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions, data requests, or concerns, please contact our Data Protection Officer:

AZOLVE INFOTECH PRIVATE LIMITED
Attn: Data Protection / Privacy Team
Email: connect@azolve.io
General Support: connect@azolve.io
Website: Contact Form

Table of Contents