Privacy Policy

1. Introduction

Welcome to Bosla ERP ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal and business information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud-based AI-powered Enterprise Resource Planning (ERP) software-as-a-service platform ("Service").

By accessing or using Bosla ERP, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Account and Registration Information

When you register for an account, we collect:

• Company name, business address, and contact information
• Name, email address, phone number, and job title of authorized users
• Billing and payment information (processed securely through third-party payment processors)
• Account credentials and authentication information

2.2 Business Data and Content

Through your use of Bosla ERP, we collect and process business data including:

• Financial and accounting data (invoices, expenses, budgets, financial reports)
• Customer relationship management (CRM) data (contacts, leads, sales records, customer communications)
• Human resources data (employee records, payroll, leave management, performance reviews)
• Product and inventory management data
• Project management and task tracking information
• Internal communications and collaboration data
• Files, documents, and attachments uploaded to the platform

2.3 Data from Integrated Services

Our AI-powered data capture system (The Capturer) may collect data from various sources you connect, including:

• Communication platforms: WhatsApp, Telegram, Instagram, Facebook Messenger
• Video conferencing: Zoom, Google Meet, Microsoft Teams
• Phone calls and voicemail
• Email communications
• Third-party APIs and integrations you authorize
• Forms and web submissions

2.4 Usage and Technical Information

We automatically collect certain information when you use our Service:

• IP address, browser type, device information, and operating system
• Usage patterns, feature interactions, and time spent on the platform
• Log files, error reports, and performance data
• Cookies and similar tracking technologies (see Section 8)

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our ERP services, including accounting, CRM, HR, project management, and communication features
• AI Processing: To power our AI agents (The Capturer, The Processor, The Tracker, and The Advisor) that capture, validate, process, and analyze your business data to provide insights and automation
• Account Management: To manage your account, process payments, and provide customer support
• Security and Compliance: To detect, prevent, and address security threats, fraud, and unauthorized access
• Communication: To send you service-related notifications, updates, and respond to your inquiries
• Analytics and Improvement: To analyze usage patterns, improve our services, and develop new features
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Sharing and Disclosure

We do not sell your personal or business data. We may share information only in the following circumstances:

4.1 Service Providers

We may share data with trusted third-party service providers who assist us in operating our Service, such as:

• Cloud hosting and infrastructure providers
• Payment processors
• Email and communication service providers
• Analytics and monitoring services
• Customer support platforms

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users.

4.4 With Your Consent

We may share information with third parties when you explicitly authorize such sharing, such as when you connect third-party integrations.

5. Data Security

We implement industry-standard security measures to protect your data:

• Encryption: Data is encrypted in transit (TLS/SSL) and at rest using strong encryption algorithms
• Access Controls: Role-based access controls and authentication mechanisms to ensure only authorized users can access data
• Network Security: Firewalls, intrusion detection, and regular security audits
• Data Backup: Regular automated backups to prevent data loss
• Employee Training: Our staff are trained on data protection and security best practices
• Compliance Monitoring: Continuous monitoring for security threats and compliance violations

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

6. AI and Automated Processing

Bosla ERP uses artificial intelligence and machine learning to process your business data through our Four Compass AI Agents:

• The Capturer (East): Automatically captures and structures data from various sources
• The Processor (South): Validates, enriches, and classifies data using business logic
• The Tracker (West): Monitors and verifies data processing and delivery
• The Advisor (North): Analyzes data to provide insights, predictions, and recommendations

This automated processing helps improve service efficiency and provides valuable business insights. You can control certain AI features through your account settings. We do not use your data to train AI models for other customers or third parties without your explicit consent.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request access to your personal data we hold
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal and contractual obligations)
• Portability: Request a copy of your data in a structured, machine-readable format
• Objection: Object to certain types of processing, including automated decision-making
• Restriction: Request restriction of processing in certain circumstances
• Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days, subject to applicable law.

California Residents: Under the California Consumer Privacy Act (CCPA), you have additional rights, including the right to know what personal information we collect and the right to opt-out of the sale of personal information (we do not sell personal information).

EU/UK Residents: Under the General Data Protection Regulation (GDPR), you have comprehensive data protection rights. Our legal basis for processing includes contract performance, legitimate business interests, and your consent.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use our Service to improve it
• Performance Cookies: Monitor Service performance and identify issues

You can control cookies through your browser settings. However, disabling certain cookies may affect Service functionality. For more information, see our Cookie Policy.

9. Data Retention

We retain your data for as long as necessary to:

• Provide our Service to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Maintain business records as required by law

When you cancel your account, we will delete or anonymize your data within 90 days, except where we are required to retain it for legal, regulatory, or legitimate business purposes. You may request earlier deletion by contacting us.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by relevant data protection authorities
• Compliance with applicable data protection laws
• Security measures consistent with this Privacy Policy

By using our Service, you consent to the transfer of your data to countries that may have different data protection laws than your country.

11. Children's Privacy

Bosla ERP is designed for business use and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete such information.

12. Third-Party Links and Integrations

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice within the Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.