Privacy Policy

1. Who We Are

• Company: Meru Technosoft Pvt. Ltd. (HelloBooks)
• Representatives: Rushabh Shah & Harnish Shah
• Contact Email: hello@merufintech.com
• Address: 402 & 403 Aarya Arcade, Above Passport Seva Kendra, Near Mithakhali Six Road, Navrangpura, Ahmedabad, Gujarat 380009, India
• Website: Visit the HelloBooks.ai website

2. Information We Collect

We collect information in three ways: (A) information you provide, (B) information collected automatically, and (C) information from optional device permissions.

2.1 Information You Provide

Account Signup / Profile:

When you create an account, we may collect: name, email address, phone number; password (stored securely using hashing; we do not store readable passwords).

Business & Entity Information:

If you use HelloBooks for your business, we may collect: company name, business address, tax registration numbers (e.g., GST or other local tax IDs).

Financial & Accounting Data You Enter:

Depending on features you use, this may include: invoices, bills, expenses, transactions, tax calculations and related accounting records.

Customer/Vendor Data:

If you add contacts, we may collect customer/vendor names, contact details, and transaction context.

Communications & Support:

If you contact us (email, chat, in-app support), we store message content, metadata, and attachments you provide.

Billing Information:

If you purchase services, we may collect billing details you submit (e.g., billing address and invoice details). We do not store your full payment card details; payments are processed by third-party payment processors (see Section 6).

2.2 Information Collected Automatically

When you use our website/app, we may automatically collect: IP address; browser type (website) / device type (app); operating system, app version; referring/exit pages (website); date/time stamps; basic diagnostic logs; features used, pages visited, session duration, interaction patterns, performance metrics; crash dumps, error events, and diagnostics; device tokens for push notifications; approximate location (from IP or device settings if enabled) to personalize experience and/or apply region-specific defaults (e.g., tax region).

2.3 Cookies & Tracking Technologies

Our website at hellobooks.ai may use cookies, pixel tags, web beacons, and similar technologies for session management, remembering preferences, improving usability, and understanding traffic and usage patterns. You can disable cookies in your browser settings, but parts of the website may not function properly. Our mobile apps do not use browser cookies but may use device tokens and analytics identifiers for push notifications and app performance monitoring.

2.4 Camera, Photos, Files (App Permissions)

HelloBooks may request access to: Camera — to scan bills and invoices (capture images for extraction) and scan QR codes; Photo Gallery / File Storage — to upload documents and images. Uploaded/scanned images and documents are stored on our servers and linked to your account and may be processed by AI or OCR for your accounting workflows. You can refuse these permissions, but related features (like scanning) may not work.

2.5 Location (Permission-Based)

If you enable location permissions, HelloBooks may collect approximate location to auto-detect business region and apply correct tax defaults. You can turn this off anytime in device settings.

4. How We Use Your Information

We process information based on contractual necessity, consent, legal obligations, and legitimate business interests, including to: create and manage your account; provide, operate, maintain, and improve HelloBooks; process invoices, bills, transactions, and accounting records; enable scanning, extraction, and document storage; power Munim Ji AI functionality (if you use it); communicate with you (support, billing, service updates); send push notifications (reminders, alerts, updates); detect/prevent fraud and unauthorized access; comply with legal/tax requirements and enforce rights.

We do not sell your personal data.

5. Sharing Your Information

We share information only as needed.

5.1 Service Providers: We may share data with vendors who help us operate the Services (e.g., hosting, AI processing, analytics, error monitoring, payments). These providers may only use data to provide services to us.

5.2 Legal & Safety: We may disclose information if required to comply with law, regulation, or legal process; protect our rights, users, and the public; investigate fraud/security issues.

5.3 Business Transfers: If we're involved in a merger, acquisition, restructuring, or sale, user information may be transferred as part of that transaction.

6. Third-Party Services We Use

We do not sell your data to any of these providers. They only receive what is necessary to perform their function.

7. Payment Information

Payments are handled by third-party processors. We do not store full payment card details on our servers.

8. SMS Messaging Program (If Offered)

If you opt into SMS, we may collect your mobile number to send booking confirmations, alerts, reminders, offers (as applicable). Key terms: you provide explicit consent before receiving texts (opt-in checkbox or keyword); message frequency may vary; standard message/data rates may apply; reply STOP or UNSUBSCRIBE to opt out; reply HELP for help. We do not share or sell your mobile number or SMS opt-in consent data to third parties or affiliates for marketing purposes, except service providers required to deliver SMS.

9. Sensitive Data

We do not intentionally collect sensitive categories of personal data (e.g., health data, race/ethnicity, religion, political opinions). Please do not submit such data through the Services.

10. Third-Party Links

Our Services may contain links to third-party websites/services. We are not responsible for their privacy practices. Please review their policies before submitting personal data.

11. Data Retention

We retain data only as long as necessary for the purposes described, unless a longer retention is required or permitted by law.

• Account info + business/entity data: Deleted immediately upon account deletion.
• Munim Ji chat history + scanned documents: Deleted automatically after 30 days.
• Crash/performance logs: Deleted after 90 days.
• Financial records: Upon deletion, personal identifiers are removed and records are anonymized. Anonymized financial numbers may be retained up to 8 years for legal/tax requirements, then deleted.

In short — when you delete your account, your identity is gone immediately. Only anonymized financial numbers are kept for legal reasons, and those are eventually deleted too.

12. Account Deletion

You can delete your account in the app: Open HelloBooks → Go to Settings → Tap Delete Account → Type "DELETE" to confirm.

Effects of deletion: Personal data is deleted immediately; entity/org data is deleted immediately; Munim Ji chat history is deleted immediately; financial records are anonymized and retained up to 8 years (legal/tax), then deleted.

You may also request deletion by emailing hello@merufintech.com (in-app deletion is fastest).

13. Security

We use appropriate technical and organizational measures including: TLS 1.2+ encryption in transit; AES-256 encryption at rest; role-based access controls; optional multi-factor authentication (where available); secure third-party payment processing. No system is completely secure. Use caution when transmitting sensitive information.

14. What Happens If There Is a Data Breach

If we discover that your personal data has been accessed, stolen, or exposed without authorization, we will: (1) investigate immediately to determine what happened, what data was affected, and how many users are impacted; (2) notify you within 72 hours by email or in-app notification if the breach puts your data at risk, including what type of data was affected, what we are doing to fix the problem, and what steps you can take to protect yourself; (3) report to authorities where required by law (e.g., Data Protection Board of India, ICO in the UK, OAIC in Australia); (4) take action to prevent future breaches.

15. Children's Privacy

HelloBooks is not directed to anyone under 18. We do not knowingly collect data from minors. If we learn we have, we will delete it promptly.

16. International Transfers & Data Location

Your data may be stored/processed in the United States: account and financial data on AWS; AI-related data processed by OpenAI when you use Munim Ji; push notifications via Firebase (Google). If you are outside the US, your data may be transferred internationally with appropriate safeguards and encryption.

By region: India — in accordance with the Digital Personal Data Protection (DPDP) Act, 2023; United Kingdom / Europe — we rely on appropriate safeguards; Australia — in accordance with the Australian Privacy Act.

17. Your Privacy Rights by Country

Depending on your jurisdiction, you may have specific rights. Summary by region:

• India (DPDP Act 2023): Access, correct, delete personal data; nominate someone for your data rights; file a complaint with the Data Protection Board of India.
• United States (CCPA): Know what we collect and why; request a copy or deletion; opt out of sale (we do not sell); no discrimination for exercising rights.
• UK (UK GDPR): Access, correct, delete, restrict processing, data portability, object, file a complaint with the ICO.
• Australia: Access, request correction, complain to the OAIC.
• Singapore (PDPA): Access, correct, withdraw consent, complain to the PDPC.
• UAE (Federal Decree-Law No. 45 of 2021): Access, correct or delete, restrict processing, request a copy in readable format.
• New Zealand (Privacy Act 2020): Access, request correction, file a complaint with the Office of the Privacy Commissioner.
• Canada (PIPEDA): Know what we hold, access, challenge accuracy and have corrected, withdraw consent (where applicable), file a complaint with the Office of the Privacy Commissioner of Canada.

How to Exercise Your Rights:

Use the Settings section in the HelloBooks app or email us at hello@merufintech.com. We will respond within 30 days (or let you know if we need more time).

18. Policy Updates

We may update this Policy from time to time. We will post updates here with a revised Effective Date and provide additional notice for material changes (email or in-app notification where appropriate).