Skip to main content
Hisabe
Legal

Privacy policy

Effective 29 May 2026

This Privacy Policy explains how Propgic (“Hisabe”, “we”, “us” or “our”) collects, uses, discloses and safeguards information when you visit our website, create an account, or use the Hisabe ERP platform and related apps (together, the “Service”). By using the Service, you agree to the practices described here.

1. Who this policy applies to

Hisabe is a business-to-business product. We act in two distinct roles:

  • As a data fiduciary for account, billing and website information — the data we collect directly from you to provide and operate the Service.
  • As a data processor for the business records you and your team enter into Hisabe(customers, suppliers, products, invoices, payments, and similar operational data). Your organisation controls that data; we process it on your behalf under our Terms of Service.

2. Information we collect

Information you provide

  • Account details: name, email address, phone number, organisation name, role, and password credentials.
  • Business profile: GSTIN, billing address, branch details and tax preferences used to configure your workspace.
  • Operational data: the records you create in the product — customers, suppliers, products, stock, invoices, orders, payments and reports.
  • Support communications: messages, attachments and feedback you send us.

Information we collect automatically

  • Usage data: features used, pages viewed, actions taken, and timestamps.
  • Device & log data: IP address, browser type, device identifiers, operating system, and diagnostic logs.
  • Cookies & similar technologies: used to keep you signed in, remember preferences, and understand how the Service is used (see Section 5).

Information from payment providers

When you subscribe to a paid plan, our payment processor collects and handles your payment details. We do not store full card numbers; we receive only confirmation of payment and limited billing metadata.

3. How we use information

  • To provide, operate, secure and maintain the Service.
  • To authenticate users and manage organisation access.
  • To process subscriptions, invoices and payments.
  • To provide customer support and respond to your requests.
  • To monitor performance, prevent fraud and abuse, and improve product quality.
  • To send service-related notices (security, billing, and material changes) and, where permitted, product updates you can opt out of.
  • To comply with legal, tax and regulatory obligations.

We do not sell your data, and we do not use your business transaction data to train third-party AI systems.

4. Legal bases for processing

We process personal data where it is necessary to perform our contract with you, to comply with a legal obligation, for our legitimate business interests (such as securing and improving the Service), or on the basis of your consent, as applicable under the Digital Personal Data Protection Act, 2023 and other laws that apply to you. Where we rely on consent, you may withdraw it at any time.

5. Cookies and tracking

We use strictly necessary cookies to run the Service (for example, to keep you signed in) and limited analytics cookies to understand usage. You can control or block cookies through your browser settings, though some features may not work without them.

6. How we share information

We share information only as described below:

  • Service providers (sub-processors): cloud hosting, email delivery, analytics and payment processing partners who act on our instructions under confidentiality obligations.
  • Within your organisation: data you enter is visible to authorised users in your workspace, according to the roles and permissions you configure.
  • Legal requirements: when required by law, regulation, court order, or to protect our rights, users or the public.
  • Business transfers: in connection with a merger, acquisition or sale of assets, subject to this policy.

7. Data storage and security

We host data with reputable cloud infrastructure providers and apply administrative, technical and physical safeguards — including encryption in transit, access controls, and tenant isolation — to protect information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If we become aware of a breach affecting your personal data, we will notify you and the relevant authorities as required by law.

8. Data retention

We retain account and operational data for as long as your organisation maintains an active account, and thereafter only as needed to comply with legal, tax and accounting obligations or to resolve disputes. You can request export or deletion of your data as described below; some records may be retained where the law requires us to keep them.

9. Your rights

Subject to applicable law, you may have the right to access, correct, update or delete your personal data, to withdraw consent, to request a copy of your data, and to nominate another person to exercise your rights in case of death or incapacity. To exercise these rights, contact us at hello@propgic.com. Where Hisabe processes data on behalf of your organisation, we will direct your request to that organisation.

10. Your responsibilities

If you use Hisabe to process personal data about your own customers or staff, you are responsible for having a lawful basis to collect and share that data with us, for honouring data-subject requests, and for configuring access within your workspace appropriately.

11. Children

The Service is intended for businesses and is not directed to individuals under 18. We do not knowingly collect personal data from children.

12. International transfers

Your data is primarily stored and processed in India. Where data is transferred to or accessed from other countries (for example, by a sub-processor), we take steps to ensure it remains protected in line with this policy and applicable law.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, where appropriate, notify you through the Service or by email. Continued use of the Service after changes take effect constitutes acceptance.

14. Contact & grievances

For questions about this policy or to raise a grievance about how we handle your data, contact our Grievance Officer: