Privacy Policy
How we collect, use, and protect your data.
1. Information We Collect
Account Information: When you register, we collect your name, email address, company name, and GSTIN (optional). Passwords are hashed using bcrypt and never stored in plain text.
Product Data: Product names, descriptions, categories, SKUs, and brand information you enter into the platform.
Label Images: Product label images (JPG, PNG, PDF) you upload for compliance analysis. These are stored securely and processed by our AI extraction engine.
Usage Data: We log page views, feature usage, and compliance check activity for platform improvement and analytics. This includes IP addresses, browser type, and timestamps.
Payment Data: Payment processing is handled by Razorpay. We store Razorpay order and payment IDs but never store credit card numbers, UPI PINs, or bank credentials.
2. How We Use Your Data
- To provide compliance analysis and generate reports for your products
- To send label images to Google Gemini Vision API for text extraction
- To process payments and manage subscriptions via Razorpay
- To send transactional emails (alerts, reports, license reminders) via Brevo SMTP
- To improve our compliance rules, AI models, and platform features
- To respond to support requests and communications
3. Third-Party Services
We use the following third-party services to operate the platform:
- Google Gemini API — for AI-powered label extraction and compliance analysis
- Razorpay — for payment processing (subject to Razorpay's Privacy Policy)
- Brevo (Sendinblue) — for transactional email delivery
- Railway — for application hosting and database services
Label images sent to Google Gemini are processed for text extraction only and are not used to train Google's AI models.
4. Data Storage & Security
- All data is stored in encrypted PostgreSQL databases hosted on Railway
- All connections use HTTPS/TLS encryption
- Passwords are hashed with bcrypt (never stored in plain text)
- API keys are hashed; only the prefix is visible in the UI
- Shared reports use time-expiring tokens for access control
5. Data Retention
Your data is retained for as long as your account is active. If you delete your account:
- Account data is marked for deletion immediately
- Product data, labels, and reports are permanently deleted within 30 days
- Anonymized usage analytics may be retained for platform improvement
6. Your Rights
You have the right to:
- Access your personal data stored on the platform
- Correct inaccurate data via the Settings page
- Export your product and compliance data
- Delete your account and all associated data
- Withdraw consent for optional data processing
7. Cookies
We use essential cookies for authentication (JWT session tokens). We do not use third-party tracking cookies or advertising pixels.
8. Children's Privacy
RegBite is a B2B platform and is not directed at individuals under 18. We do not knowingly collect data from minors.
9. Changes to This Policy
We may update this privacy policy from time to time. We will notify registered users of material changes via email. Continued use of the Service after changes constitutes acceptance.
10. Contact
For privacy-related questions or data requests, contact us at privacy@regbite.in.