EventKhata ("we", "us", "our") operates the EventKhata web and mobile applications and the website eventkhata.com (the "Service"). This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service.
1. Information We Collect
- Account Information: business name, owner name, email, phone, password (stored hashed with bcrypt)
- Business Data You Enter: leads (customer name/phone), menu items, quotations, expenses, payment records, support tickets — used solely to operate your catering business inside EventKhata.
- End-Customer Data: when you add a lead, you supply your customer's name and phone number. This data is stored under your account.
- Usage Data: pages viewed, actions taken, device/browser type, IP address — for analytics and abuse prevention.
- Payment Data: handled by PhonePe Payment Gateway. We never see or store your card / UPI credentials.
2. How We Use Your Data
- To provide and maintain the Service
- To process subscription payments via PhonePe
- To send transactional messages on WhatsApp (via Twilio) to YOUR customers, on your behalf, when you click "Send Menu" or "Send Quotation"
- To generate PDF quotations and invoices
- To respond to your support tickets
- To improve the product (anonymised aggregated analytics)
3. Sharing Your Data
We do not sell, rent, or trade your personal data. We share data only with:
- PhonePe — for processing subscription payments
- Twilio — for sending WhatsApp messages to end-customers on your behalf
- MongoDB Atlas — our cloud database provider (data stored in Mumbai, India region)
- Hosting / Infrastructure providers — to operate the Service
- Legal authorities — if required by law (court order, legal process)
4. Data Retention
We retain your data for as long as your account is active. If you delete your account, your data is permanently erased within 30 days, except where retention is required by Indian tax / accounting law (typically 7 years for invoice records).
5. Your Rights
- Access — request a copy of your data by emailing support@eventkhata.com
- Correction — edit your information any time inside the app
- Deletion — use the in-app account deletion or visit Data Deletion
- Portability — request export of your data in JSON / PDF format
- Withdraw consent — disable any feature or close your account
6. Security
We use industry-standard security measures: TLS 1.3 for all data in transit, bcrypt for password hashing, JWT for authenticated sessions, encrypted MongoDB storage at rest, and access controls on our hosting infrastructure. No system is 100% secure, but we strive to protect your data using commercially reasonable safeguards.
7. Children
EventKhata is a business tool. We do not knowingly collect data from anyone under 18 years of age.
8. International Transfers
Your data is stored in MongoDB Atlas servers located in Mumbai, India. If your country is outside India, by using the Service you consent to your data being processed in India.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you via email or in-app banner before significant changes take effect.
10. Contact Us
Questions about this Privacy Policy? Email us at support@eventkhata.com.