0 Overview
RozBill ("we", "our", or "us") is a mobile billing application for small businesses, developed and operated in India. This Privacy Policy describes how we collect, use, store, and protect information about you when you use the RozBill Android application and our associated cloud sync service (collectively, the "Service").
Short version: RozBill is a business tool — we only collect the minimum information needed to run the app. We do not sell your data, show you ads, or share your business information with third parties.
By downloading or using RozBill, you agree to the practices described in this policy. If you do not agree, please uninstall the application and discontinue use of the Service.
1 Data We Collect
We collect only the information necessary to provide the billing and sync features of RozBill.
1.1 Account Information
- Your mobile phone number — used as your unique account identifier
- Your chosen 4-digit PIN — stored locally in encrypted form; never transmitted in plain text
- Your business name — displayed on generated invoices
1.2 Business Data You Enter
All business content you create within the app is considered your data. This includes, but is not limited to:
| Data type | Examples | Where stored |
|---|---|---|
| Contacts / Customers | Name, phone number | On-device + cloud (when synced) |
| Products / Inventory | Item name, price, unit, GST rate | On-device + cloud (when synced) |
| Bills / Invoices | Items, amounts, dates, payment status | On-device + cloud (when synced) |
1.3 Device & Technical Information
- A randomly generated device ID — used to attribute sync operations to your device
- App version number — used for compatibility checks during sync
- Crash reports and error logs — collected only when a crash occurs, contain no personal business data
1.4 Data We Do NOT Collect
- Payment card or bank details (RozBill does not process payments)
- Location data
- Camera, microphone, or media access
- Contacts from your phone's address book
- Browsing history or activity in other apps
- Advertising identifiers
2 How We Use Your Data
We use your information for the following purposes only:
- Providing the Service — authenticating your account, generating invoices, and displaying your business dashboard
- Cloud Sync — backing up and synchronising your bills, contacts, and products across
devices you own, using the sync API at
api.rozbill.in - Improving reliability — analysing anonymised crash reports to fix bugs and improve app stability
- Security — detecting and preventing unauthorised access to your account
We do not use your data for advertising, profiling, or any purpose beyond operating and improving the RozBill service.
3 Data Sharing
We do not sell, rent, or trade your personal information or business data to any third party. We may share data only in the following limited circumstances:
3.1 Service Providers
We use a small number of trusted service providers who process data on our behalf under strict data processing agreements. This currently includes our cloud infrastructure provider who hosts the sync backend. These providers are contractually prohibited from using your data for any purpose beyond providing their service to us.
3.2 Legal Obligations
We may disclose your information if required to do so by law, court order, or at the request of a government authority in India, to the extent permitted under applicable law.
3.3 Business Transfer
If RozBill is acquired or merged with another company, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.
3.4 With Your Consent
We may share your data for any other purpose with your explicit prior consent.
4 Storage & Security
4.1 On-Device Storage
All your bills, contacts, and products are saved first to a local SQLite database on your Android device. This database is stored in the app's private, sandboxed storage directory and is not accessible to other apps.
4.2 Cloud Storage
When your device is online, the app syncs your data to our secure backend server hosted in India. Data in transit is encrypted using HTTPS/TLS. Data at rest on our servers is stored in an encrypted PostgreSQL database.
4.3 Authentication Security
- Your PIN is never stored or transmitted in plain text
- API access uses short-lived JWT tokens; refresh tokens expire after 7 days of inactivity
- Tokens are stored in the app's secure private storage, inaccessible to other apps
4.4 Limitations
No system is completely secure. While we take reasonable and industry-standard measures to protect your data, we cannot guarantee absolute security. We encourage you to use a strong, private PIN and to keep your device software up to date.
5 Data Retention
We retain your data for as long as you maintain an active RozBill account.
- On-device data — retained until you uninstall the app or clear its storage
- Cloud sync data — retained until you request account deletion
- Crash logs — retained for up to 90 days, then permanently deleted
You may request deletion of your account and all associated cloud data at any time by contacting us at the address below. Account deletion is processed within 30 days.
6 Your Rights
You have the following rights with respect to your data:
- Access — request a copy of all personal data we hold about you
- Correction — ask us to correct inaccurate personal information
- Deletion — request deletion of your account and all cloud-stored data
- Portability — request your business data in a machine-readable format
- Restriction — ask us to stop processing your data in certain circumstances
- Opt-out of sync — you may use RozBill in fully offline mode at any time; your data will only reside on your device
To exercise any of these rights, please contact us using the details in Section 11. We will respond within 30 days.
7 Children's Privacy
RozBill is a business tool intended for adults and business owners only. The Service is not directed at, and is not intended for use by, children under the age of 13 (or the applicable age of digital consent in your jurisdiction).
We do not knowingly collect personal information from children under 13. The app requires users to provide a business name and mobile number during registration — indicators that users are adults running a business.
If you are a parent or guardian and believe that a child under 13 has provided us with personal information, please contact us immediately at the address in Section 11. We will promptly delete such information from our servers.
8 Third-Party Services
RozBill may use the following third-party libraries and services. These operate within the app's scope and do not independently collect your personal or business data:
- Google Play Services — required for app distribution on Android; governed by Google's Privacy Policy
- Inter font (Google Fonts) — loaded at runtime for typography; no personal data is shared
The app does not integrate any advertising SDKs, analytics platforms (e.g. Firebase Analytics, Mixpanel), or social login providers.
9 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Display an in-app notification the next time you open RozBill
Your continued use of RozBill after a change takes effect constitutes your acceptance of the revised policy. If you do not agree to the revised policy, please stop using the app and request account deletion.
10 Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Any disputes arising out of or in connection with this policy shall be subject to the exclusive jurisdiction of the courts of India.
11 Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us: