Privacy Policy

LabelERP Technologies Pvt. Ltd. ("LabelERP," "we," "us," or "our") operates the website at labelerp.co.in and the SaaS application at app.labelerp.co.in. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our services.

1. Data We Collect

We collect the following categories of information:

a) Account Information

When you register for an account, we collect your name, email address, phone number, business name, and billing address. This information is necessary to create and maintain your account and provide our services.

b) Usage Data

We automatically collect information about how you interact with our platform, including pages visited, features used, session duration, browser type, device information, IP address, and referring URLs. This data helps us improve the performance and usability of our product.

c) Business Data

Data you enter into the platform — such as product catalogues, inventory records, customer orders, financial entries, and team member details — is stored securely and treated as confidential. We do not access this data except as required to provide the service or when legally compelled to do so.

d) Cookies and Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and gather analytics. Please see our Cookie Policy for full details.

2. How We Use Your Data

We use the data we collect for the following purposes:

• Service delivery: To create your account, process orders, manage your subscription, and provide customer support.
• Product improvement: To analyse usage patterns, identify issues, and develop new features.
• Communication: To send transactional emails (e.g., invoices, password resets), product updates, and, with your consent, marketing communications.
• Security: To detect, prevent, and respond to fraud, abuse, or security incidents.
• Legal compliance: To fulfil our obligations under applicable Indian laws, including the Digital Personal Data Protection Act, 2023.

3. Data Sharing

We do not sell, rent, or trade your personal data. We may share your data only in the following circumstances:

• Service providers: We work with trusted third-party providers for cloud hosting, email delivery, payment processing, and analytics. These providers are contractually bound to use your data solely for delivering their services to us.
• Legal requirements: We may disclose data if required by law, court order, or government authority.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to the same privacy protections.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. If you close your account, we will delete your personal data within 90 days, except where retention is required for legal, accounting, or regulatory purposes. Business data associated with your account will be permanently deleted upon account closure, following a 30-day grace period during which you may export your data.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+) and at rest (AES-256), regular security audits, access controls, and secure development practices. For more details, please visit our Security page.

6. Your Rights Under the DPDP Act

Under the Digital Personal Data Protection Act, 2023, you have the following rights as a Data Principal:

• Right to access: You may request a summary of the personal data we hold about you and how it is being processed.
• Right to correction: You may request correction of inaccurate or incomplete personal data.
• Right to erasure: You may request deletion of your personal data, subject to applicable legal obligations.
• Right to grievance redressal: You may raise a complaint with our Grievance Officer if you believe your data has been mishandled.
• Right to nominate: You may nominate another individual to exercise your rights on your behalf in the event of your death or incapacity.

For more details on how we comply with the DPDP Act, please visit our DPDP Compliance page.

7. Children's Privacy

Our services are designed for businesses and are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a minor, we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at: