Privacy Policy
Contents
In plain terms: We collect only what we need to run your shop. We don't sell your data or your customers' data to anyone. Your business data belongs to you. You can request deletion at any time.
1. Overview
Tailor Man ("we", "us", "our") is a shop management platform for tailoring businesses. This Privacy Policy explains how we collect, use, store, and protect information when you ("Tenant", "User") use our Service at tailorman.app or any associated web application.
We are committed to protecting your privacy and the privacy of your customers' data that you entrust to us. This policy is written to comply with the Digital Personal Data Protection Act, 2023 (DPDPA) of India and general international best practices.
2. What Data We Collect
2.1 Account and Business Data (you provide)
| Data | Why we collect it |
|---|---|
| Google account name and email | Account creation and authentication |
| Shop name and owner name | To identify your tenant workspace |
| Profile photo (from Google) | Displayed in the app interface |
2.2 Business Operations Data (you enter)
| Data | Purpose |
|---|---|
| Customer names, phone numbers, addresses | Customer management and order communication |
| Body measurements | Garment production and order management |
| Bill and order details | Order tracking and invoicing |
| Employee profiles and wages | Workforce and payroll management |
| Expense and inventory records | Business financial management |
| Photos (fabric, inspiration images) | Job card and production reference |
2.3 Technical Data (automatically collected)
| Data | Purpose |
|---|---|
| Browser type and version | Compatibility and debugging |
| Device type (mobile/desktop) | UI optimization |
| IP address | Security and fraud prevention (via Firebase) |
| Usage patterns within the app | Feature improvement (via Firebase Analytics, if enabled) |
| Error logs and crash reports | Service stability and debugging |
We do not collect payment card details. Subscription payments are processed manually via UPI; we do not store UPI credentials or bank account numbers.
3. How We Use Your Data
We use the data we collect for the following purposes:
- Service delivery: To operate, maintain, and improve the Tailor Man platform
- Account management: To authenticate users, manage tenants, and enforce subscription limits
- Customer support: To diagnose issues and respond to your support requests
- Security: To detect and prevent fraud, abuse, or unauthorized access
- Legal compliance: To comply with applicable laws and respond to lawful requests from authorities
- Service communications: To send critical notices about your subscription, service changes, or security alerts
We do not use your data or your customers' data for advertising, profiling, or sale to third parties.
4. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data or your customers' data. We may share data only in the following circumstances:
4.1 Infrastructure providers
Your data is stored on Google Firebase (Firestore database and Firebase Storage). Google processes this data as a data processor under our agreement. Google's data processing terms apply: firebase.google.com/terms.
4.2 Legal requirements
We may disclose data if required by law, court order, or governmental authority in India or another jurisdiction, or if we believe disclosure is necessary to prevent fraud or imminent harm.
4.3 Business transfers
If Tailor Man is acquired or merged with another company, your data may be transferred as part of that transaction. We will notify you and give you the opportunity to delete your data before any such transfer.
4.4 With your consent
We may share data in any other circumstances with your explicit prior consent.
5. Data Storage and Security
All data is stored in Google Firebase infrastructure. Firebase Firestore and Firebase Storage are hosted in Google Cloud data centres, which maintain industry-standard security certifications (ISO 27001, SOC 2).
We implement the following security measures:
- All data in transit is encrypted using TLS 1.2 or higher
- All data at rest is encrypted by Google Cloud
- Access to your tenant data is controlled by Firebase Security Rules — each tenant's data is strictly isolated
- Authentication is handled by Google Firebase Auth (OAuth 2.0)
- Role-based access control limits what each staff member can see and do within your account
While we take all reasonable precautions, no system is 100% secure. You are responsible for keeping your Google account credentials secure and for managing access permissions for your staff.
6. Data Retention
We retain your data as follows:
- Active accounts: Data is retained for as long as your account is active and in good standing.
- Suspended accounts: Data is retained for up to 90 days after suspension to allow reactivation.
- Deleted accounts: Upon a verified deletion request, we delete your data within 30 days. Copies in backup systems may persist for up to 90 days.
- Audit logs: We may retain anonymized usage logs for up to 12 months for security and abuse prevention purposes.
You can request early deletion of your data at any time by contacting us at the address in Section 13.
7. Your Rights
Under the Digital Personal Data Protection Act, 2023 (India) and general privacy principles, you have the following rights:
- Access: You can view all data stored in your account through the application at any time.
- Correction: You can update or correct your account information directly in the app.
- Deletion (Right to Erasure): You can request deletion of your account and all associated data.
- Data Portability: You can export your bills and customer data in CSV format from the Reports section.
- Withdrawal of Consent: You may withdraw consent for data processing by deleting your account, though this will terminate your access to the Service.
- Grievance Redressal: You have the right to raise a grievance with our Grievance Officer (see Section 13).
To exercise any of these rights, contact us at privacy@tailorman.app. We will respond within 30 days.
Your customers' rights
You, as the data collector of your customers' personal data, are responsible for honoring your customers' privacy rights. If a customer requests deletion or access to their data, you should action this through the Tailor Man application (by deleting the customer record) or by contacting us.
9. Children's Privacy
The Service is intended for use by businesses and individuals aged 18 and above. We do not knowingly collect personal data from anyone under 18 years of age. If we become aware that we have inadvertently collected such data, we will delete it promptly.
10. Third-Party Services
Tailor Man integrates with or uses the following third-party services:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Google Firebase (Auth, Firestore, Storage) | Authentication, database, file storage | firebase.google.com/support/privacy |
| Google Fonts / Tailwind CDN | UI styling | policies.google.com/privacy |
| api.qrserver.com | QR code generation (bill tracking links) | No personal data is shared — only URLs are sent |
| WhatsApp (wa.me links) | Optional customer notifications | Used only when you click a WhatsApp link; governed by WhatsApp's own policy |
We are not responsible for the privacy practices of third-party services. We encourage you to review their policies.
11. DPDPA Compliance (India)
Tailor Man is designed to support compliance with the Digital Personal Data Protection Act, 2023 of India. As a business using Tailor Man to collect and store your customers' personal data, you are a Data Fiduciary under the DPDPA. Tailor Man acts as a Data Processor on your behalf.
Our commitments as a Data Processor:
- We process personal data only as instructed by you (the Data Fiduciary) through your use of the Service
- We implement appropriate technical and organisational measures to protect personal data
- We will notify you of any personal data breach that may affect your customers without undue delay
- We will delete personal data upon your verified request
- We will assist you in responding to requests from your customers exercising their data principal rights
As a Data Fiduciary, you are responsible for obtaining valid consent from your customers before collecting their personal data (names, phone numbers, measurements, etc.) through Tailor Man.
12. Changes to This Policy
We may update this Privacy Policy periodically. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify active account holders via email or in-app notice at least 14 days before the changes take effect
Your continued use of the Service after the effective date constitutes acceptance of the updated policy. If you do not agree to the changes, you may delete your account before the effective date.
13. Contact and Grievance Officer
For privacy-related questions, data access requests, or to raise a grievance:
- Email: privacy@tailorman.app
- General support: support@tailorman.app
- Location: Ernakulam, Kerala, India
We aim to respond to all privacy requests within 30 days. If you are not satisfied with our response, you may escalate to the Data Protection Board of India once it is established under the DPDPA.