Privacy Policy

1. Introduction

This Privacy Policy explains how [Your Legal Entity Name] ("Hierly", "we", "us", "our") collects, uses, discloses, and safeguards personal data when you use the Hierly customer-relationship platform and related services (the "Service"). It is written to be consistent with India's Digital Personal Data Protection Act, 2023 ("DPDP Act") and the Information Technology Act, 2000 and rules made under it.

By creating an account or using the Service, you acknowledge that you have read and understood this Policy. If you do not agree, please do not use the Service.

2. Our two roles (important)

Personal data flows through the Service in two distinct ways, and our legal role differs for each.

Account data — we are the Data Fiduciary. When you and your colleagues sign up for and use a workspace, we determine the purposes and means of processing that account data, and this Policy governs it.

Prospect data — we are a Data Processor. Your organisation (the 'Tenant') uses the Service to record information about prospects — members of the public your field team meets. For that data the Tenant is the Data Fiduciary and decides the purpose and means; we only store and process it on the Tenant's documented instructions. The Tenant is responsible for having a lawful basis (typically the prospect's consent) before collecting it. See section 12.

3. Personal data we collect

Account & user data: name, mobile number (your login identity), employee ID, optional email, city/state, your level/role in the workspace hierarchy, and who you report to. Passwords are stored only as a salted bcrypt hash — never in plain text.

Prospect data (processed for the Tenant): prospect name, phone, address, city, state, visit date, interest status, remarks, and any Tenant-defined custom fields, which may include GPS location captured on a device and photographs.

Usage & technical data: a single essential session cookie (a signed token) to keep you logged in, plus standard server logs (IP address, device/browser information, timestamps, and request metadata) retained for security and troubleshooting.

Activity records: actions taken in the Service (sign-ins, creating or updating records) with timestamps, for security and audit.

We do not knowingly collect special-category or sensitive personal data beyond what is described above, and we do not require it.

4. How and why we use personal data

To provide, maintain, and secure the Service and your account; to authenticate sign-ins; to operate the workspace hierarchy and reporting; to provide support; to prevent fraud, abuse, and security incidents; to comply with law; and to communicate service and billing notices.

Legal bases under the DPDP Act: your consent (given at sign-up and when you submit data), the necessity of providing a service you have requested, and certain legitimate uses such as security and the prevention of fraud.

We do not sell personal data. We do not use it for third-party advertising, and we do not carry out automated decision-making that produces legal or similarly significant effects on you.

5. Cookies

The Service uses one essential cookie — the session cookie described above — which is httpOnly, SameSite=Lax, and Secure in production. It is strictly necessary to keep you signed in and is not used for advertising or cross-site tracking. We do not set non-essential or third-party analytics cookies in the core application. [Update this section if you later add analytics.]

6. How we share data (sub-processors)

We host on reputable third-party infrastructure and share personal data only as needed to run the Service or as required by law. We do not otherwise disclose it.

Current sub-processors: MongoDB Atlas (database hosting), Vercel (application hosting and serverless compute), and Vercel Blob (storage for uploaded prospect photos, in the Mumbai region). [Confirm each provider's region and that a Data Processing Agreement is in place.]

We may disclose data to comply with a valid legal request, to enforce our Terms, or to protect the rights, safety, and property of users or the public.

7. International transfers & data localisation

We aim to store personal data in India. Uploaded prospect photos are stored in the Mumbai (India) region. If any sub-processor processes data outside India, we rely on appropriate safeguards and on the DPDP Act, which permits transfers except to countries the Government of India restricts. [Confirm the regions of Atlas and Vercel compute.]

8. Data retention & deletion

We retain personal data only for as long as necessary for the purposes described here or as required by law. Account data is kept while your workspace is active and for a limited period after closure. Prospect data is retained per the Tenant's configuration and is deleted on the Tenant's instruction.

Deleting a prospect also removes its associated photos from storage. Deleting an organisation permanently erases all of its users, prospects, activity logs, custom-field definitions, and uploaded photos. Our internal retention schedule is documented separately.

9. How we protect data

We apply reasonable technical and organisational measures: strict tenant isolation (one organisation cannot access another's data, enforced in code and covered by automated tests), bcrypt-hashed passwords, signed httpOnly session cookies, transport encryption (HTTPS), a strict Content-Security-Policy, and role-based access controls by hierarchy level. No method of transmission or storage is perfectly secure, but we work to protect your data and to address vulnerabilities responsibly.

10. Personal data breach

In the event of a personal data breach, we will take reasonable steps to contain and assess it and will notify the Data Protection Board of India and affected Data Principals in the manner and within the timelines prescribed under the DPDP Act and its rules. [Confirm current timelines with counsel.]

11. Your rights as a Data Principal

Subject to the DPDP Act, you may: obtain a summary of the personal data we process about you and how; request correction, completion, or updating of inaccurate data; request erasure of your data, subject to legal retention requirements; nominate another individual to exercise your rights in the event of death or incapacity; and raise a grievance with us.

For account data (where we are the Fiduciary), contact our Grievance Officer (section 14). For prospect data, the prospect should contact the Tenant organisation that collected it; we will assist the Tenant in responding.

You may withdraw consent at any time; this will not affect processing carried out before withdrawal, and may affect our ability to provide the Service.

12. Tenant responsibilities

If you use the Service to collect prospect data, you are the Data Fiduciary for that data. You must obtain a valid lawful basis (typically the prospect's consent) before collecting their details, location, or photograph; provide them appropriate notice; honour their rights; and instruct us on retention and deletion. The Service provides consent-capture tooling and deletion controls; the lawful basis and compliance are your responsibility.

13. Children

The Service is a workplace tool intended for users aged 18 and above and is not directed at children. We do not knowingly collect a child's personal data for account purposes. Where prospect data could relate to a minor, the Tenant is responsible for the DPDP Act's requirements regarding children, including verifiable parental consent where applicable.

14. Grievance Officer & contact

Grievance Officer: [Grievance Officer Name]. Email: support@hierly.app. Address: [Registered address, India]. We will acknowledge and respond to grievances within the timelines prescribed by law.

15. Changes to this Policy

We may update this Policy from time to time. Material changes will be notified in-app or by email, and the 'Effective date' will reflect the latest version. Your continued use of the Service after changes take effect constitutes acceptance.