At eHisab, your privacy matters deeply. This policy explains what data we collect, why we collect it, how we protect it, and the choices you have. We never sell your data to third parties.
1Who We Are
Icreate Solutions ("we", "us", "our") is the data controller responsible for the eHisab cloud ERP platform. We are registered in Kolkata, West Bengal, India.
- Registered Address: 11A, Kalakar Street, Kolkata – 700007, West Bengal, India
- Email: info@icreatesolutions.in
- Phone: +91 89817 74744
This Privacy Policy applies to all users of the eHisab platform, our website, and any related services provided by Icreate Solutions.
2Information We Collect
We collect information in the following categories:
| Category | Examples | Source |
| Account Information | Name, email, phone number, business name, designation | Provided by you at registration |
| Business Data | Invoices, purchase orders, inventory records, accounts, production data | Entered by you or your team into eHisab |
| Payment Information | Transaction IDs, payment method type, billing history | Generated during subscription payment |
| Usage Data | Login timestamps, pages visited, features used, browser type, IP address | Automatically collected when you use the Service |
| Device & Technical Data | Device type, operating system, screen resolution, session duration | Automatically collected |
| Communications | Emails, support tickets, feedback forms | Provided by you when contacting us |
We do not collect sensitive personal data such as Aadhaar numbers, financial account credentials, or health information unless specifically required and consented to.
3How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, operate, maintain, and improve the eHisab platform
- Account Management: To create and manage your account, verify identity, and authenticate logins
- Billing & Payments: To process subscription payments and send invoices
- Customer Support: To respond to your queries, resolve issues, and provide onboarding assistance
- Communications: To send transactional emails, service updates, security alerts, and promotional content (with your consent)
- Analytics & Improvement: To understand how the platform is used and to improve features and performance
- Legal Compliance: To comply with applicable Indian laws, including the Information Technology Act, 2000, and GST regulations
- Security: To detect, prevent, and investigate fraud, unauthorised access, and misuse
4Legal Basis for Processing
We process your personal data on the following legal bases under applicable Indian law:
- Contractual Necessity: Processing required to fulfil our obligations under the subscription agreement
- Consent: Where you have given explicit consent, such as for marketing communications
- Legitimate Interests: For security, fraud prevention, product improvement, and business analytics
- Legal Obligation: Where required by law, regulation, or court order
5Data Sharing & Disclosure
We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:
- Service Providers: Trusted third-party vendors who help us operate the platform (e.g., cloud hosting, email delivery, payment processing) — under strict confidentiality and data processing agreements
- Legal Requirements: When required to comply with a court order, subpoena, government request, or applicable law
- Business Transfer: In the event of a merger, acquisition, or sale of company assets, with prior notice to affected users
- With Your Consent: In any other case, only with your explicit written consent
Our service providers are contractually prohibited from using your data for any purpose other than providing services to us.
6Data Storage & Security
Your data is stored on secure cloud servers located in India. We implement the following security measures:
- 256-bit SSL/TLS encryption for all data in transit
- Encrypted storage for data at rest
- Automated daily backups with point-in-time recovery
- Role-based access controls so staff can only access what they need
- OTP-based two-factor authentication for user logins
- Regular security audits and vulnerability assessments
- Intrusion detection and real-time monitoring
While we take every reasonable precaution, no system is entirely impervious to attack. In the unlikely event of a data breach affecting your personal information, we will notify you as required by applicable law.
7Data Retention
We retain your data for as long as your account remains active or as needed to provide the Service. Specifically:
- Active Accounts: Data is retained throughout the subscription period
- Post-Termination: After account cancellation, we retain your data for 30 days during which you may request an export. After 30 days, data is permanently deleted from our systems
- Legal Obligations: Certain data may be retained longer where required by Indian law (e.g., financial records under the Companies Act or GST regulations)
- Backup Copies: Backup copies may persist for up to 60 days before being permanently purged
8Your Rights
As a user of eHisab, you have the following rights with respect to your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data, subject to legal retention requirements
- Data Portability: Request your business data in a standard exportable format
- Withdrawal of Consent: Withdraw consent for marketing communications at any time by emailing us or using the unsubscribe link in our emails
- Objection: Object to processing of your data for certain purposes
To exercise any of these rights, please contact us at info@icreatesolutions.in. We will respond within 30 days of receiving your request.
9Cookies & Tracking
eHisab uses cookies and similar technologies to:
- Keep you logged in across sessions (session cookies)
- Remember your preferences and settings
- Analyse usage patterns to improve the platform (analytics cookies)
- Detect and prevent fraudulent activity (security cookies)
Essential cookies are necessary for the platform to function and cannot be disabled. You may control analytics and preference cookies through your browser settings. Disabling cookies may affect the functionality of certain features.
We do not use third-party advertising cookies or sell cookie data to advertisers.
10Children's Privacy
eHisab is a business platform intended for use by adults (18 years and above). We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal data, please contact us immediately at info@icreatesolutions.in and we will take steps to delete such data.
11Third-Party Links
The eHisab platform or website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party sites you visit.
12Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we do, we will revise the "Last updated" date at the top of this page.
For material changes, we will notify active subscribers via email or in-app notification at least 14 days before the changes take effect. Your continued use of eHisab after the effective date constitutes acceptance of the updated policy.
13Contact & Grievance Officer
For any privacy-related queries, complaints, or to exercise your data rights, please contact our Grievance Officer:
- Name: Grievance Officer, Icreate Solutions
- Address: 11A, Kalakar Street, Kolkata – 700007, West Bengal, India
- Email: info@icreatesolutions.in
- Phone: +91 89817 74744
- Response Time: We aim to acknowledge all requests within 48 hours and resolve them within 30 days
If you are not satisfied with our response, you may approach the appropriate regulatory authority under the Information Technology Act, 2000 and the rules framed thereunder.