Privacy Policy

Who we are

RestroInvoice ("we", "us") provides restaurant POS and hotel management software. This policy explains what we collect and how we handle it. Contact: hello@restroinvoice.com.

What we collect

• Account data — your name, business name, email, phone, and login credentials.
• Operational data you enter — menu, orders, invoices, expenses, staff, and customer details (e.g. a guest's name/phone) that you record while using the POS.
• Payment data — handled by our payment processor (Razorpay). We do not store your card details.
• Technical data — a session cookie for authentication, and basic server logs (IP, timestamps) for security and reliability.

Where your data is stored

• Database & authentication — Supabase (managed PostgreSQL).
• Application server — Hostinger VPS located in Mumbai, India.
• Transactional email — Hostinger email.
• Payments — Razorpay (PCI-DSS compliant).

Data is isolated per business using database row-level security, and transmitted over encrypted connections (HTTPS/TLS).

How we use it

To provide and operate the service, process subscriptions and payments, send transactional email (e.g. login credentials, receipts), provide support, and keep the platform secure. We do not sell your data.

Sharing

We share data only with the processors above (Supabase, Hostinger, Razorpay) to run the service, and where required by law.

Retention & your rights

We keep your data while your account is active and as required by law (e.g. tax/GST records). You may request access, correction, or deletion of your data by emailing hello@restroinvoice.com.

Public bill links

When you share a customer e-bill link, anyone with that link can view that single bill (items, total, and any customer name/phone on it). Links use long, unguessable identifiers.