Only 12 of 20 founding spots remaining — lock ₹999/month before it fills →
Start free trial

Legal

Privacy Policy

Last updated: 9 April 2026

BizBadhao ("we", "our", or "us") is operated by BizBadhao Internet Private Limited, a company incorporated in India. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian law.

By creating an account or using our service, you agree to the practices described in this policy. If you do not agree, please do not use BizBadhao.

1. Data we collect

Account data

When you create an account, we collect:

  • Your name and email address
  • Your business name and city
  • A hashed password (we never store plain-text passwords)

Customer data you upload

When you add customers to send review requests, you provide their name and phone number. This data is stored solely to generate the WhatsApp review-request link and to track whether a request was sent. We do not contact your customers directly.

Google Business Profile data

When you connect your Google Business Profile, we receive access to your business listing details and reviews via the Google My Business API. We use this only to display your reviews in your dashboard and to post AI-drafted replies on your behalf when you explicitly click "Post reply".

Billing data

Payments are handled entirely by Razorpay. We do not store your card number, UPI ID, or bank account details. We receive a payment confirmation token and subscription status from Razorpay, which we use to manage your account access.

Usage data

We collect anonymous usage events (e.g. pages visited, features used) via Vercel Analytics to understand how the product is used and to improve it. This data is not linked to your identity.

2. How we use your data

  • To provide and operate the BizBadhao service
  • To send email alerts for low-star reviews (using Resend)
  • To generate AI reply drafts using OpenAI (only review text is sent — no personal data)
  • To process payments and manage your subscription via Razorpay
  • To communicate important service updates or security notices
  • To improve the product using aggregated, anonymous analytics

We do not sell your data to third parties. We do not use your data for advertising.

3. Third-party processors

We share data with the following sub-processors to deliver the service:

  • Supabase — Database and authentication (data stored in AWS, Singapore region)
  • Razorpay — Payment processing (India)
  • Google LLC — Google Business Profile API, Google OAuth login
  • OpenAI — AI reply generation (review text only; no personal data)
  • Resend — Transactional email delivery
  • Vercel — Hosting and anonymous analytics

Each processor is contractually required to protect your data in accordance with applicable law.

4. Data retention

  • Active accounts: data retained for the duration of the subscription.
  • After cancellation or trial expiry: account is paused and data is retained for 30 days, then permanently deleted.
  • You may request immediate deletion at any time (see Section 6).

5. Cookies and local storage

We use a session cookie set by Supabase Auth to keep you logged in. We also store your theme preference (bb-theme) in localStorage in your browser. No third-party tracking cookies are used.

6. Your rights under the DPDP Act, 2023

As a data principal under Indian law, you have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Ask us to correct inaccurate or incomplete data
  • Erasure — Request deletion of your account and all associated data
  • Grievance redressal — Lodge a complaint with our Data Protection Officer

To exercise any of these rights, email us at privacy@bizbadhao.in. We will respond within 30 days.

7. Data security

All data is encrypted in transit (TLS 1.2+) and at rest. Access to production databases is restricted by role-based access control. We conduct periodic security reviews. Despite these measures, no system is completely secure — please use a strong, unique password for your account.

8. Children

BizBadhao is intended for business owners and is not directed at children under 18. We do not knowingly collect data from minors.

9. Changes to this policy

We may update this policy from time to time. Material changes will be notified via email to registered users at least 14 days before they take effect. The "Last updated" date at the top of this page will always reflect the current version.

10. Contact

For privacy-related questions or requests, contact our Data Protection Officer at privacy@bizbadhao.in.