In plain language (the short version)
This summary is for quick understanding only. The full policy below is the legally binding version.
- What the app is. Biteaze Billing is an offline-first point-of-sale and billing app for small businesses in India. You run your shop with it — sales, stock, expenses, suppliers, quotations, service job cards, customer credit (udhaar), staff and reports.
- Your data lives on your device first. Everything works offline. If you sign in and have an active plan with cloud backup, a copy is securely synced to your private, owner-only space on Google Firebase.
- Voice billing sends text, not audio. Your phone's own Google speech feature turns your speech into text. Only that text (plus your item list) is sent to our server, and on to Google's Gemini AI, to understand the order. We never upload your raw microphone audio. The mic is used only while you actively use voice billing — never in the background.
- We do not sell your data. No advertising, no ad targeting, no data brokers. We share data only with Google (Firebase / Gemini) to make the app work, and where the law requires.
- We never ask for location, camera, contacts, photos, SMS or call logs.
- Your data may be stored on Google servers outside India. Our cloud runs on Google Cloud / Firebase, and some Google data centres are located outside India. See Section 13.
- One anti-fraud marker is kept even after you delete your account. To stop people farming free trials, we keep a one-way, non-reversible hash. It is the only thing retained for that purpose. See Section 14.
- You're in control. You can delete your account and cloud data from inside the app, or by email. See Section 14.
- Your customers' data. When you type your own customers' or staff details into the app, you are responsible for that data and we simply process it for you, under a contract. See Section 6.
Biteaze Solutions LLP ("Biteaze", "we", "us", "our") respects your privacy and is committed to protecting personal data. This Privacy Policy explains what personal data the Biteaze Billing Android app (Play Store application ID com.aistudio.voicebillingpos.jyxqwt) collects, how and why we use it, who we share it with, how long we keep it, how we protect it, and the rights and choices you have. It is published in compliance with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act"), the Digital Personal Data Protection Rules, 2025 (the "DPDP Rules"), and the Information Technology Act, 2000 (Section 43A) and the SPDI Rules, 2011. Together with the consent screens shown inside the app, this policy is also intended to serve as the notice required under Section 5 of the DPDP Act (see Section 7).
1. Who we are & how to contact us
The app is published, and your personal data is controlled, by:
Biteaze Solutions LLP
For any privacy question, request or complaint, contact our Grievance Officer (see Section 16) at [email protected].
2. Scope of this policy
This policy applies to the Biteaze Billing Android app, the cloud backend that supports it (built on Google Firebase / Google Cloud), and the related account-management and support services we provide.
Biteaze Billing is a business (B2B) tool. It is used by a business owner, manager or cashier (referred to in this policy as "you", the "user", or the "Data Principal") to run a shop or service business — typically a kirana/grocery store, a food & beverage outlet, or a salon/services business. Through the app you enter data both about your own business and about your customers and staff. The way this policy treats each kind of data differs; see Section 6.
The app is supported on Android 7.0 (API level 24) and above.
3. Key terms
| Term | Meaning |
|---|---|
| Personal data | Any data about an identifiable individual (e.g. a name, phone number, email). Data that can still be used to single out an individual — even in pseudonymised or hashed form — may be personal data. |
| Data Principal | The individual to whom personal data relates (under the DPDP Act). When you sign up, you are a Data Principal. |
| Data Fiduciary | The person who decides the purpose and means of processing personal data (the "controller"). See Section 6 for who is the Fiduciary in different situations. |
| Data Processor | A person who processes personal data on behalf of, and on the instructions of, a Data Fiduciary, under a valid contract. |
| SPDI | "Sensitive personal data or information" under the SPDI Rules, 2011 — includes passwords and financial information such as payment-instrument details. |
| Processing | Any operation performed on personal data — collecting, storing, using, sharing, erasing, etc. |
| The Board | The Data Protection Board of India, established under the DPDP Act. |
4. What data we collect
We collect only what is needed to run the app and provide the service. The table below itemises every category, what it includes, and where it is stored. "On device" means it is stored locally in the app's encrypted database; "Cloud" means it is also synced to your private Firebase space when cloud backup is enabled (see Sections 10–11).
| Category | Examples of what is included | Stored |
|---|---|---|
| Account & authentication | Your sign-in email address and password, or your Google account email if you use Google Sign-In; a user account identifier (owner_uid); phone number if you provide one for sign-in. |
Cloud (Firebase Authentication) |
| Subscription & entitlement | Your plan (30-day trial, 1-year, 5-year, or lifetime), trial/subscription status and dates, and a locally cached entitlement token. | On device + Cloud |
| Catalog / inventory (your business data) | Product and service names, prices, SKUs, HSN tax codes, stock levels, categories, add-ons, variations, voice aliases, inventory ledger movements. | On device + Cloud |
| Sales & orders (your business data) | Order amounts (subtotal, tax, discount, total), payment method, order status, table/staff references, timestamps, and order line items. | On device + Cloud |
| Expenses (your business data) | Expense title, amount, category, note and date. | On device + Cloud |
| Your customers' data (entered by you) | Customer name, phone number, optional address, and outstanding credit balance (udhaar). The address, when you enter one, is stored, synced, and printed on the customer's receipt. The app does not collect a customer email today. | On device + Cloud |
| Your staff data (entered by you) | Staff name, role, and active/inactive flag. | On device + Cloud |
| Suppliers & purchases (your business data) | Supplier name, phone number, GSTIN, and outstanding payable (udhaar) balance, together with the purchase and payable-ledger records you record against a supplier. | On device + Cloud |
| Quotations (your business data) | Draft quotations/estimates you prepare — the customer or recipient name and phone number you address them to, and the quoted items, prices and totals. | On device + Cloud |
| Service / repair job tickets (your business data) | Repair/service job cards you log — the customer's name and phone number, plus the item/job description and its status. | On device + Cloud |
| Voice billing text | The text transcript of what you say while using the voice feature, plus your own product/service item list to help match items. The text you speak may include a person's name (for example, "add two milk for Ramesh"). We do not upload raw audio (see Section 8). | Transient (sent for processing; not stored by Biteaze) |
| Business metadata | Your business category and related settings. | On device + Cloud |
| Diagnostics & analytics | App-usage/interaction events, crash stack traces and non-fatal errors, device model, OS version and app version (see Section 19). | Cloud (Firebase Analytics, Crashlytics) |
| Device & SDK identifiers | Firebase Installation ID, Analytics app-instance ID, App Check tokens, the Android Advertising ID (collected by the Google Analytics for Firebase SDK), and the transient IP address inherent to delivering any network request (see Section 19). | Cloud (Google/Firebase) |
| Anti-abuse identity hash | A one-way hash derived from sign-up identity, kept in a trial-history ledger to prevent trial-farming. We cannot reverse it to recover your underlying identifiers; we treat it as personal data held in pseudonymised form (see Sections 14 and 19). | Cloud |
5. Where the data comes from
- Directly from you — when you create an account, set up your business, add products, ring up sales, record expenses, or use voice billing.
- Generated by the app — timestamps, order IDs, your account identifier, and computed totals.
- Entered by you about other people — your customers' names/phone numbers/credit balances and your staff details. This is personal data about individuals other than you; see Section 6 for your responsibilities.
- Automatically, for diagnostics — usage events, crash/error reports, device characteristics and identifiers collected by the Google/Firebase SDKs bundled in the app (Section 19).
- From Google sign-in — if you choose Google Sign-In, we receive your basic Google account email to create/authenticate your account.
6. Roles: who is responsible for what
Biteaze plays two different legal roles depending on the kind of data:
6.1 Your own account & business data — Biteaze is the Data Fiduciary
For your sign-in details (email, password, phone), your subscription and billing data, your diagnostics, and the identifiers we collect to run the app, Biteaze Solutions LLP is the Data Fiduciary (controller). We decide the purpose and means of that processing and are accountable for it under the DPDP Act and the IT Act / SPDI Rules.
6.2 Your customers' and staff data — you are the Data Fiduciary, we are your Data Processor
When you enter personal data about your own customers or staff (names, phone numbers, credit balances, roles), you decide the purpose and means of that processing for your business. Under the DPDP Act, you are the Data Fiduciary for that data and Biteaze acts only as your Data Processor. As required by the DPDP Act, Biteaze processes this data only under a valid contract with you — your acceptance of our Terms of Service forms that processing contract — and only to provide the app's features to you.
- You are responsible for having a valid lawful basis (such as notice and consent, where required) to collect and use your customers'/staff personal data, and for giving them any privacy notice the law requires.
- You should only enter data you are entitled to enter, and keep it accurate.
- You must not enter the personal data of a person under 18 without the consent the DPDP Act requires (see Section 17).
- We process your customers'/staff data only on your instructions and only to provide the service.
- We assist you with security, with deletion when you delete your account, and with responding to rights requests that reach us about your customers — which we route to you as the responsible Fiduciary.
- We return or delete this data on termination of your account, except for anything the law requires us to keep.
- We do not use your customers' or staff data for our own purposes, and we do not sell or advertise against it.
7. Why we use your data, legal bases & consent
We process personal data only for the specific, itemised purposes in the table below. Under the DPDP Act our lawful basis is either:
- Your consent — which you give through the in-app consent screens when you sign up, and again when you turn on optional features such as voice billing or cloud backup (DPDP s.6); or
- A "legitimate use" enumerated in Section 7 of the DPDP Act — limited to the specific situations that section permits, such as personal data you voluntarily provide for a specified purpose, and our compliance with a legal obligation.
Unlike some other regimes, the DPDP Act does not have an open-ended "legitimate interest" basis. We therefore rely on your consent for service delivery, optional features, support and service improvement, and rely on a Section 7 legitimate use or a legal obligation only where that section actually applies.
| Purpose | Data used | Legal basis |
|---|---|---|
| Create and authenticate your account | Email/phone, password or Google sign-in, account ID | Consent (s.6) |
| Provide core POS features (sales, inventory, expenses, customer credit, staff, reports) | Catalog, sales, expenses, customers, staff, business metadata | Consent (s.6); data you voluntarily provide for the requested service (s.7(a)) |
| Voice billing (optional) | Voice-derived text + your item list | Consent — feature-triggered (s.6) |
| Cloud backup & sync (optional) | Your on-device data mirrored to your private cloud space | Consent (s.6) |
| Receipt printing (optional) | Bluetooth connection to your paired printer; order data printed | Consent (s.6) |
| Subscription, trial & billing management | Subscription/entitlement data, anti-abuse hash | Consent (s.6); for the anti-abuse hash, the basis described in Section 14.3 |
| Customer support | Account and relevant account data you ask us to look into | Consent (s.6) |
| Security, integrity & fraud/abuse prevention | App Check tokens, identifiers, anti-abuse hash, audit logs | Consent (s.6) and, where applicable, compliance with legal obligation (s.7) |
| Reliability, stability & service improvement | Diagnostics, crash reports, aggregated analytics | Consent (s.6) |
| Legal & tax compliance | Records the law requires us to keep | Legal obligation (s.7) |
7.1 The consent flow & how to withdraw
At sign-up, and before you turn on each optional feature, the app shows a clear notice describing the personal data involved and the purpose, and asks for your consent for that itemised purpose. You can withdraw consent at any time, and withdrawal is as easy as giving it (DPDP s.6(4)–(6)):
- Voice billing — simply stop using the feature; you can also decline the microphone permission.
- Cloud backup & sync — turn off cloud backup, or delete your account to remove the cloud copy.
- Receipt printing / Bluetooth — disconnect or unpair your printer, or revoke the Bluetooth permission in Android settings.
- Diagnostics/analytics — these run as part of operating and improving the app and are not currently individually toggleable inside the app; if you wish to object, contact our Grievance Officer (Section 16). You can also limit ad-identifier use via your Android device's "Privacy → Ads" settings.
Withdrawing consent stops the related processing going forward, but does not affect (a) the lawfulness of processing already carried out before withdrawal, (b) any processing carried out under a "legitimate use" (s.7) or a legal obligation, or (c) features that depend on the data you withdraw — those features may stop working. If you withdraw consent, we will, within a reasonable time, cease processing unless another lawful ground applies. The manner of withdrawing consent and of raising a grievance is set out in Section 7.1 and Section 16; the manner of complaining to the Board is set out in Section 16.
We compute aggregated analytics (for example total sales value, order counts, tax totals, payment-method split, top items and expenses) per account and across our user base, to operate, secure and improve the service. We do not use these analytics for advertising.
Languages. On request, we will make this notice available in English and in any language specified in the Eighth Schedule to the Constitution of India, as contemplated by Section 5(3) of the DPDP Act. Write to [email protected].
8. How voice billing works (exactly)
Voice billing is optional. It lets you ring up sales by speaking (for example, "add two milk"). Here is precisely what happens, step by step:
- You tap the microphone button. The microphone is only ever active in the foreground while you are using this feature. There is no background or continuous listening.
- Your phone's own Google speech feature converts your speech to text. The app uses Android's built-in
SpeechRecognizer, which is a Google system component on your device. Depending on your device and Android version, Google's speech service may process the audio on your device or transmit it to Google's servers. This is Google's system component, governed by Google's terms — it is not something Biteaze operates or controls. Biteaze itself does not collect or store your raw audio. - Only the resulting text is sent to us — never the raw audio. The text transcript, together with your own product/service item list (to help match what you said to your catalog), is sent over an encrypted HTTPS connection to a Biteaze Cloud Function. Because you are speaking a real order, this text may include a person's name (for example, a customer's first name).
- The Cloud Function asks Google's Gemini AI to understand the text. It sends the text to the Google Gemini API, which parses it into a structured billing command (for example, item + quantity) and returns the result to the app. The Gemini API key is held only on our server as a Cloud Functions secret — it is never on your device. This text is processed to return the parsed result and is not retained by Biteaze as a standing record.
On a paid Gemini project such as ours, Google states that it does not use the prompts or responses to train its models. Google retains limited abuse-detection logs under its own policies. We do not make automated decisions that produce legal or similarly significant effects on you using this feature — it simply turns your words into a draft bill that you confirm. You can choose not to use voice billing at all.
8.1 Voice appointments & bookings
Some business types can also create an appointment or booking by voice (for example, "book a haircut for Ramesh at 4 pm with Asha"). This works exactly like voice billing above, with the same safeguards: your device's Google speech service turns your speech into text, and only that text — never raw audio — is sent over an encrypted HTTPS connection to a Biteaze Cloud Function and on to the Google Gemini API, which parses it into a structured booking (client name, date, time, service, and staff member). So that Gemini can match the service and person you name, the request also includes your own services list and staff list (their names). As with voice billing, the spoken text may include a customer's name, the Gemini API key stays only on our server, the text is processed to return the parsed result and is not retained by Biteaze as a standing record, and you can choose not to use the feature.
9. App permissions & what we do NOT collect
The app declares only the following Android permissions, each for a single, narrow purpose:
| Permission | Why it is used |
|---|---|
RECORD_AUDIO | Only while you are actively using voice billing (foreground, after you tap the mic). There is no background or continuous recording. You are asked for runtime consent before the mic is used. See Section 8 for how the audio is handled by the device's Google speech service. |
INTERNET, ACCESS_NETWORK_STATE | Networking and connectivity checks, for cloud sync and online features. |
BLUETOOTH_CONNECT, BLUETOOTH_SCAN (flagged "never for location"), legacy BLUETOOTH / BLUETOOTH_ADMIN | Only to connect to a thermal 58 mm ESC/POS receipt printer that you have paired. Bluetooth is never used to derive your location. Printing is optional. |
The Google Analytics for Firebase SDK also declares the Android Advertising ID permission (com.google.android.gms.permission.AD_ID); we use the resulting identifier for analytics only, never for advertising (see Section 19).
The app also uses a secure FileProvider so that you can share or save your own exported reports (PDF/CSV) via a content link. This needs no external storage permission and does not give us access to your files.
10. Local storage & the backup exclusion
Biteaze Billing is offline-first. Your data is stored primarily in a local database on your device (built with Room). Android encrypts this storage at rest using its file-based encryption.
To protect your business and your customers' data, we deliberately exclude the local database and the draft-cart preferences (which can hold a customer name/phone) from Android's Google Drive auto-backup and cloud device-transfer (configured via the app's backup and data-extraction rules). This means your local data is not silently copied to Google Drive. The only cloud copy of your data is the Firebase sync you control (see Section 11). Local device-to-device transfer of the database is permitted (no third party receives a copy).
When you sign out or switch accounts, the local database is wiped from the device to keep accounts isolated.
11. Cloud sync, isolation, lifecycle & security
If you are signed in and have an active entitlement with cloud backup enabled, your local data is mirrored to Cloud Firestore (part of Google Firebase) in your own private space at users/{your-account-id}/… (products, orders and line items, expenses, customers, suppliers, staff, add-ons, variations, inventory ledger, quotations, purchase/payable records, and service job tickets).
- Owner-scoped isolation. Our Firestore security rules default to "deny" and are strictly owner-scoped — you can only ever read or write data under your own account ID. You cannot access another user's data, and other users cannot access yours.
- Client integrity. Firebase App Check (Play Integrity) rejects requests from non-genuine app clients.
- Encryption. Data is encrypted in transit using HTTPS/TLS and at rest using Google Cloud's server-side encryption (note: this is encryption with Google-managed keys, not end-to-end encryption).
- Operator access. Biteaze operates a secure super-admin back-office portal (used only by authorised Biteaze staff, gated by a server-side custom claim) to run the service — for example, to provide support, manage subscriptions and billing, and monitor reliability and backup freshness. Administrative actions are recorded in audit logs. Our backend also computes the aggregated analytics described in Section 7.
11.1 Subscription, grace & what happens to your cloud data
To make the lifecycle of your cloud data clear:
- While your subscription is active — your local data is mirrored to the cloud and you can read and write freely.
- After your subscription expires — uploading new data to the cloud is paused (it requires an active subscription), but your existing cloud data is retained and you can still read/pull it during a 90-day post-expiry grace window. Your on-device data is unaffected and remains on your device.
- After the grace window and on prolonged inactivity — your cloud data is retained but frozen (read paused) unless you renew. We do not silently delete your business records the moment a subscription lapses. If we ever determine that an account is dormant and the purpose for holding the cloud data is no longer served, we will give you the advance notice required by the DPDP Rules before erasing it on inactivity grounds (see Section 14.1), after which we keep only what the law requires.
- If you delete your account — your cloud data is erased as described in Section 14.2, regardless of subscription status.
12. Who we share data with (processors & sub-processors)
We do not sell personal data and do not share it with advertisers or data brokers. We share data only with the service providers below, who act as our processors/sub-processors to run the app, and with authorities only where the law requires.
| Provider | Services used | What they handle |
|---|---|---|
| Google — Firebase / Google Cloud (project androidbilling-f801b) |
Authentication, Cloud Firestore, Cloud Functions, Firebase Analytics (Google Analytics for Firebase), Crashlytics, App Check (Play Integrity), Remote Config, Firebase Installations. | Account credentials and identifiers, your synced business/customer data, diagnostics and crash data, installation/analytics identifiers (including the Advertising ID), app-integrity tokens, configuration flags. |
| Google — Gemini API | Server-side AI parsing of voice-billing and voice-appointment/booking text (called only from our Cloud Functions). | The transcribed text plus your item list and, for a voice appointment/booking, your services and staff list (staff names) — the text may include a customer's name (never raw audio). See Section 8. |
| Google — Play Services / Sign-In | Optional Google account sign-in. | Your basic Google account email for authentication. |
Google — Android system speech (SpeechRecognizer) |
On-device/system speech-to-text used by the voice feature. | Your spoken audio is processed by Google's system component (on-device or on Google's servers, depending on your device). Governed by Google's terms; not operated by Biteaze. |
Google processes this data as our processor/sub-processor under its own privacy and security commitments. Google's privacy information is available at https://policies.google.com/privacy and Firebase's privacy and security documentation at https://firebase.google.com/support/privacy. Google's relevant services hold ISO/IEC 27001 and SOC 1/2/3 certifications and encrypt data in transit and at rest.
We may also disclose data where required by a valid legal process, to comply with the law, to enforce our Terms of Service, or to protect the rights, safety and security of our users, the public or Biteaze.
13. International data transfers
Your data is processed on Google Cloud (Firebase) infrastructure. Some Google data centres are located outside India, which means your personal data may be transferred across borders to Google as a processor in order to run the app.
Under the DPDP Act (Section 16), transfers of personal data outside India are permitted to any country except those the Central Government may restrict by notification. We will honour any such restriction if and when notified.
For information classified as SPDI under the SPDI Rules (such as passwords and payment-related data), any transfer outside India is made only to recipients that ensure the same level of data protection that the SPDI Rules require, and only where the transfer is necessary for performance of the service or where you have consented to it (Rule 7 of the SPDI Rules). We will also comply with any sector-specific law that requires higher protection or local storage of payment-related data.
Wherever your data is processed, the protections described in this policy and our providers' contractual safeguards continue to apply.
14. Data retention & deletion
14.1 How long we keep data
We keep personal data only as long as needed for the purpose it was collected, or as long as the law requires. Where the DPDP Rules require us to erase data after a defined period of non-use, we will do so, and — where the Rules require it — we will give you the prescribed advance notice before erasing data on inactivity grounds so that you have the chance to keep your account active.
| Data | Retention |
|---|---|
| Your account, business, customer, staff and cloud-synced data | Kept while your account is active. If your account remains inactive for a sustained period (we currently use an inactivity threshold of 24 months of no sign-in or use), we may erase it after giving you the advance notice the DPDP Rules require. Erased earlier if you delete your account (see 14.2). We keep only what the law then requires. |
| On-device local data | On your device until you delete it, sign out, or switch accounts (sign-out/switch wipes it for isolation). |
| Voice-billing text | Processed transiently to return the parsed result; not retained by Biteaze as a standing record. Google's limited abuse-detection logs are subject to Google's policies. |
| Diagnostics / crash data | Retained for a limited period in line with Google's Firebase Analytics and Crashlytics retention policies. |
Anti-abuse identity hash (trial_history) | Deliberately retained even after account deletion — see 14.3. |
| Records required by law (e.g. tax/financial) | Kept only for as long as the applicable law requires. |
14.2 How to delete your account & data
You can delete your account and your cloud data in any of these ways:
- In the app: go to More → Profile → Delete Account, then type
DELETEto confirm. This calls ourdeleteAccountCloud Function, which erases your Firebase Authentication account and all of your cloud data (yourusers/{uid}records and subcollections, and your subscription document). - Without the app: visit https://biteaze.com/account-deletion for step-by-step instructions on requesting deletion by email. You do not need to install or sign in to the app to do this.
- By email: write to [email protected] from your registered email address; after we verify your identity, we process the deletion.
14.3 What is retained after deletion (and why)
- The anti-abuse identity hash. To prevent abuse of our free trial (trial-farming), we keep a one-way hashed record in our
trial_historyledger. We cannot reverse this hash to recover your underlying identity, and we do not use it to contact you or build a profile; we use it solely to detect and block repeated trial sign-ups. We treat it as personal data held in pseudonymised form, processed to protect the integrity and security of our service. It is intentionally not deleted when you delete your account. - Records the law requires us to keep — for example certain tax or financial records — kept only for as long as the law requires.
15. Your rights & how to exercise them
As a Data Principal under the DPDP Act, you have the following rights with respect to your own personal data:
- Right to access (Section 11) — to obtain a summary of the personal data we process about you and the processing activities we undertake on it; and the identities of all other Data Fiduciaries and Data Processors with whom we have shared your personal data, together with a description of the personal data so shared.
- Right to correction & erasure (Section 12) — to correct, complete, update or erase your personal data. Much of this you can do directly in the app; for the rest, contact us.
- Right to grievance redressal (Section 13) — to a readily-available means of raising a grievance with us (see Section 16).
- Right to nominate (Section 14) — to nominate another individual to exercise your rights in the event of your death or incapacity.
- Right to withdraw consent (Section 6(4)–(6)) — withdrawal is as easy as giving consent and we will stop the related processing. Withdrawal applies to consent-based processing only; it does not affect processing carried out under a "legitimate use" (Section 7) or a legal obligation, nor the lawfulness of processing carried out before withdrawal. See Section 7.1 for how to withdraw each consent.
Where the SPDI Rules apply, you also have the right to be informed of, and to opt out of, the collection of sensitive personal information, and to withdraw consent.
How to exercise your rights: use the in-app controls where available, or contact our Grievance Officer at [email protected] from your registered email. We may need to verify your identity. We will respond within the timelines in Section 16.
16. Grievance Officer & the Data Protection Board
In accordance with Section 13 (right to grievance redressal) and Section 8(9) (publication of the contact details of a person able to answer questions on behalf of the Data Fiduciary) of the DPDP Act, and Rule 5(9) of the SPDI Rules, 2011, we have designated a Grievance Officer to address your privacy questions, requests and complaints:
Grievance Officer — Biteaze Solutions LLP
Escalating to the Board. If you are not satisfied with our response — or if we do not respond within the time above — you may make a complaint to the Data Protection Board of India. The Board is being operationalised under the DPDP Act and the DPDP Rules, 2025; complaints are to be made in the form and manner prescribed by the Board (including through any official portal the Board notifies for this purpose). We will provide reasonable assistance to identify the correct route on request.
17. Children's data
Biteaze Billing is a business tool intended for businesses and adults (18 years and older). It is not directed to, or intended for use by, children. Under the DPDP Act, a "child" is anyone under 18.
We do not knowingly process the personal data of a child except with the verifiable consent of a parent or lawful guardian as required by Section 9 of the DPDP Act, obtained through the verifiable-consent mechanism prescribed by the DPDP Rules. We do not carry out tracking, behavioural monitoring or targeted advertising directed at children (Section 9(3)) — the app contains no advertising of any kind. We rely on the adult-only nature of the service and on age-affirmation at sign-up by the account holder.
The realistic child-data scenario for a point-of-sale app is a merchant entering a customer or staff member who is under 18. In that case the merchant is the Data Fiduciary (see Section 6) and must not enter that person's data without the consent the DPDP Act requires; Biteaze does not knowingly process such data as a Processor. If you believe a child's data has been provided to us, please contact our Grievance Officer so we can take appropriate action.
18. Security practices
We maintain reasonable security safeguards aligned with the DPDP Rules, 2025 and the "reasonable security practices and procedures" standard under the IT Act / SPDI Rules, for which IS/ISO/IEC 27001 is the recognised benchmark. We align our own practices with ISO/IEC 27001 principles; Biteaze is not itself ISO/IEC 27001 certified (our infrastructure provider, Google, is). Our measures include:
- Encryption of personal data in transit (HTTPS/TLS) and at rest (Google Cloud server-side encryption); the local on-device database is protected by Android's file-based encryption, and the cached entitlement token is protected using Android Keystore-backed encryption.
- Strict access control — default-deny, owner-scoped Firestore rules; administrative access limited to authorised staff via server-side custom claims.
- Client integrity — App Check (Play Integrity) to reject non-genuine clients.
- Logging & monitoring — audit logs of administrative actions and operational monitoring of reliability and backup freshness.
- Backups of cloud data and a documented incident-response process.
- Processor safeguards — we rely on providers (Google/Firebase) that maintain ISO/IEC 27001 and SOC 1/2/3 controls.
19. Diagnostics, analytics & identifiers
To keep the app reliable and to understand and improve how features are used, the bundled Google/Firebase SDKs process:
- Firebase Analytics (Google Analytics for Firebase) — app interaction/usage events, plus device and installation identifiers (such as the Firebase Installation ID and an app-instance ID). The SDK also collects the Android Advertising ID (and declares the corresponding
AD_IDpermission). We use these to understand feature usage and improve the app — not for advertising, ad targeting or profiling. You can reset or limit the Advertising ID in your Android device's "Privacy → Ads" settings. - Crashlytics — crash stack traces, non-fatal error reports, device model, OS version and app version, to diagnose and fix stability problems.
- Remote Config — used for a force-update / kill-switch (a minimum-supported-version flag). Configuration is pulled to the app; no personal data is sent for this.
- App Check & Installations — short-lived integrity tokens and Firebase Installation IDs used for security and to operate the services.
These SDK identifiers function similarly to cookies on the web. We use no third-party analytics beyond Firebase, and no advertising SDKs or ad networks.
Anti-abuse hash: as noted in Section 14.3, we keep a one-way hashed identity record in trial_history to prevent trial abuse. We cannot reverse it to identify you; we treat it as personal data held in pseudonymised form and retain it even after account deletion to protect the integrity of our trial system.
20. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in the app, our practices, or the law. When we make material changes, we will update the "Last updated" date at the top and, where appropriate, notify you in the app or by email. The current version is always available at https://biteaze.com/app-privacy; previous versions are available on request from [email protected].
For changes that simply clarify or improve this policy, your continued use of the app after the update means you accept the revised policy. However, where a change introduces a new purpose for processing that requires your consent under the DPDP Act, we will ask for your fresh consent rather than rely on continued use.
Effective date: 26 June 2026 · Last updated: 26 June 2026.
21. Governing law & jurisdiction
This Privacy Policy is governed by the laws of India. Any dispute arising in connection with it is subject to the exclusive jurisdiction of the competent courts at Banaskantha, Gujarat, India, without prejudice to your rights under the DPDP Act, including the right to approach the Data Protection Board of India.
22. Contact summary
Biteaze Solutions LLP — Data Fiduciary
com.aistudio.voicebillingpos.jyxqwt