Finsys ERP & Mobile App Privacy Policy

Main page :

Effective Date: 1st April 2022

1. Introduction and Scope

Finsys Infotech Limited (“Finsys”, “we”, “our”, “us”) operates the website www.finsys.co.in, the Finsys ERP software (on‑premise and cloud), and related mobile applications for iOS and Android (collectively, the “Services”).( Details at website ) ​

This Privacy Policy explains how we collect, use, share, and protect information about visitors to our website, prospective customers, and authorized users of our ERP and mobile apps.

By using our website or Services, you agree to the practices described in this Privacy Policy, subject to applicable law.

2. Data We Collect

We may collect the following categories of information:

1. Contact and business information
   • Name, company name, designation, email address, phone/mobile number, postal address.
   • Information submitted through enquiry forms, demo requests, exhibition forms, WhatsApp or email communication.​
2. Account and usage information
   • Usernames, roles, and access rights inside Finsys ERP and mobile apps.
   • Login dates and times, IP address, device type, browser/app version, and general usage logs.
3. ERP and transaction data (business data)
   • Master data and transaction data that our customers enter into Finsys ERP (e.g., customers, vendors, inventory, production, purchase, sales, accounts, HR, payroll, etc.).​
   • This data is processed strictly on behalf of our customer and is owned and controlled by that customer.
4. Technical information and cookies
   • Cookies and similar technologies on our website to remember preferences, secure sessions, and analyse website usage.iubenda​
   • Analytics data such as pages visited, referrer URL, time spent, and general location (city/country level).
5. Support and communication data
   • Content of support tickets, emails, feedback forms, training registrations, webinar participation, and survey responses.
6. App‑specific and device information
   • Mobile device model, OS version, app version, crash logs, and performance data.​
   • If the app requests permissions (e.g., camera, photos/files, notifications, location), we collect only the data necessary to provide the respective feature.

We do not intentionally collect information from children under 18 and our Services are intended for business users only.

3. How We Use Information

We may use the above information for the following purposes:​

1. To provide and operate the Services
   • Create and manage user accounts.
   • Configure, implement, customize, and support Finsys ERP and mobile apps for our customers.
   • Process business transactions as instructed by our customers.
2. To communicate with you
   • Respond to enquiries, demo requests, and support tickets.
   • Send operational communications (e.g., maintenance notices, security updates, feature changes).
   • Send newsletters, product updates, and invitations to events or webinars, where permitted.
3. To improve and secure our Services
   • Monitor usage to improve performance, usability, stability, and security.​
   • Detect, prevent, and investigate bugs, errors, fraud, and unauthorized access.
4. To comply with legal obligations
   • Maintain records as required under applicable laws.
   • Respond to lawful requests from government or regulatory authorities.

 

4. Legal Basis (Where Applicable)

Where required by privacy laws, we rely on the following legal bases:​

• Performance of a contract, when processing is necessary to provide ERP and related services to our customers.
• Legitimate interests, such as improving our Services, ensuring security, and growing our business, provided such interests are not overridden by your rights.
• Consent, for specific activities like certain marketing communications or optional cookies and analytics, where required.

5. Role of Finsys: Controller vs. Processor

• For personal data of visitors to our website, prospects, and our own marketing/sales contacts, Finsys generally acts as a data controller.
• For personal data contained within our customers’ ERP databases (e.g., their employees, vendors, and customers), Finsys typically acts as a data processor (or service provider), processing data only on documented instructions of the customer, who is the controller.

6. Sharing of Information

We do not sell your personal data. We may share information only in the following limited circumstances.​

1. With service providers / sub‑processors
   • Hosting providers and data centres (for cloud or remote hosting).
   • Database and infrastructure providers (e.g., Oracle or other platform/infra providers as may be used).​
   • Email, SMS, WhatsApp or other communication service providers.
   • Analytics, error‑tracking, and monitoring tools.
     These service providers are obligated to protect your information and use it only for providing services to us.
2. With customers (our clients)
   • In our role as processor, data is shared within the customer’s organization as configured by their administrators (e.g., between different branches, group companies, or authorised users).
3. For legal reasons
   • When we believe disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request.
   • To protect the rights, property, or safety of Finsys, our customers, or others.
4. Business transfers
   • In connection with a merger, acquisition, restructuring, or sale of all or part of our business, your data may be transferred, subject to confidentiality protections.

7. International Data Transfers

Depending on hosting arrangements and service providers used, your information may be stored or processed in countries other than your own.​

Where required by law, we take appropriate safeguards to protect such transfers, such as contractual protections and limiting access to authorised personnel only.

8. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, or reporting requirements.​

Indicatively:

• Website and enquiry data: typically retained for the duration of the enquiry/business relationship and for a reasonable period thereafter.
• ERP and business data: retained for the duration of the customer contract and any backup/archival periods agreed with the customer.
• Logs and technical data: retained for a period necessary for security, troubleshooting, and audit purposes.

Upon expiry of retention periods, data is deleted or anonymised, subject to applicable law and contractual obligations.

9. Security Measures

We implement reasonable technical and organisational measures designed to protect information against unauthorised access, alteration, disclosure, or destruction, such as:​

• Role‑based access control and user authentication.
• Encryption of data in transit (e.g., HTTPS, VPN).
• Secure configurations for databases and servers.
• Regular backups, monitoring, and logging.
• Internal policies, training, and restricted access to production systems.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Your Rights and Choices

Subject to applicable law and the nature of our role (controller vs. processor), you may have the right to:​

• Access your personal data and receive a copy.
• Request correction or update of inaccurate or incomplete data.
• Request deletion of your data, subject to legal and contractual restrictions.
• Object to or restrict certain processing, including for direct marketing.
• Withdraw consent, where processing is based on consent.

For data that we process on behalf of a customer within their ERP system, you should submit your requests directly to that customer (your employer or service provider). We will support them in responding to your request as required by law and our contract.

To exercise your rights, please contact us using the details in Section 13.

11. Children’s Privacy

Our website, ERP, and mobile apps are intended for use by businesses and adult professionals only and are not directed to children under the age of 18.​

We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us so that we can take appropriate steps.

12. Mobile App‑Specific Information (iOS and Android)

For our mobile applications:

1. App permissions
   • If the app requests access to device features (such as camera, photos/files, notifications, or location), this is solely to enable specific functionality requested by the customer or user (for example, scanning barcodes, uploading photos of documents, or sending alerts).
   • You can manage or revoke such permissions in your device settings, but some features may not work without the relevant permission.​
2. Third‑party SDKs
   • We may use third‑party SDKs or libraries for analytics, crash reporting, or push notifications. These may collect limited device and usage information as described above.​
   • Details of the specific SDKs used and their data practices can be provided on request or in the app’s store listing.
3. App Store and Google Play disclosures
   • In line with Apple’s and Google’s policies, we provide app privacy details in the respective store listings, which should be read together with this Privacy Policy.​

13. Grievance Officer and Contact Details

If you have any questions, concerns, or complaints about this Finsys ERP & Mobile App Privacy Policy  or our data practices, or if you wish to exercise your privacy rights, please contact:

Privacy & Data Protection Contact / Grievance Officer
Finsys Infotech Limited
Registered Office Address : TB-06, Crown Plaza Mall, Sector 15A, Faridabad, Haryana , NCR New Delhi, India
Phone: +91‑9015220220
Email: Corporate[at]finsys.in

We will endeavour to respond to your request or complaint within the timelines prescribed by applicable law.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.​

When we do so, we will revise the “Effective Date” at the top of this page. In case of material changes, we may provide additional notice (for example, by displaying a notice on our website or within our apps). Continued use of our website or Services after such changes will constitute your acknowledgement of the updated Privacy Policy.

For iOS, ensure your final published page URL (e.g., https://www.finsys.co.in/privacy-policy) is added both in your website footer and in App Store Connect under “Privacy Policy URL”, and link to it from inside the app’s settings/about screen.​

1. 1. https://www.finsys.co.in
   2. https://developer.apple.com/app-store/app-privacy-details/
   3. https://developer.apple.com/help/app-store-connect/manage-app-information/manage-app-privacy/

 

Contact us page Click here

 

This was the Finsys ERP & Mobile App Privacy Policy explaining how Finsys Infotech Limited collects, uses, and protects business and user data across its website, ERP software, and iOS/Android mobile applications.