Privacy Policy

PrescenseOS (“we”, “us”) operates the multi-tenant SaaS at prescenseos.in. This policy explains what personal data we collect from clients, how we use it, who we share it with, and the rights you have under India’s Digital Personal Data Protection Act, 2023 (DPDP Act).

When you sign up and use PrescenseOS, we collect:

• Account details: your name, email, and password (stored hashed by our auth provider).
• Business profile: business name, type, phone, city, services, target clients, tone, USP, taglines, brand colours, writing-style samples, and similar onboarding inputs.
• Payment details: handled by Razorpay; we receive only the resulting payment IDs and subscription identifiers — never your card number.
• Google Business Profile data: with your explicit OAuth consent, we store an encrypted access and refresh token, plus your selected GBP location ID, so we can post and reply on your behalf.
• Generated content + reviews: AI-drafted website copy, GBP posts, LinkedIn posts, blog articles, and the reviews and replies we collect through your GBP connection.
• Engagement records: customer name, email, service provided, and engagement date — only as you log them.
• Usage analytics: anonymous page-view and event data via PostHog. No cross-site tracking.

• Generating your website, content, and review replies.
• Sending you operational emails (welcome, content ready, payment failed, etc.).
• Sending review request emails to customers you logged as engagements — only to the customers you logged, never to anyone else.
• Charging your subscription via Razorpay on the cadence you chose.
• Diagnosing problems and improving the product through aggregated analytics.

We share the minimum necessary data with:

• Supabase — database and authentication hosting.
• Anthropic (Claude) — generates your website copy, content, and review replies.
• Razorpay — payments and subscriptions.
• Google — only where you OAuth-connect your Google Business Profile.
• Resend — transactional email delivery.
• Vercel — application hosting.
• PostHog — product analytics.

Each is bound by their own privacy terms. We do not sell your data to anyone.

We retain your data for as long as your subscription is active. On cancellation, we keep your data for 30 days so you can reactivate without losing anything. After 30 days, we permanently delete your account data — including business brain, content, engagements, and reviews — unless you ask us to delete sooner.

• Right to export: download a copy of your data any time from Settings → “Download my data”.
• Right to correct: edit your account, business profile, and engagements directly in the dashboard.
• Right to deletion: email hello@prescenseos.in and we will erase your data within 14 days of the request.
• Right to withdraw consent: disconnect Google Business Profile any time from Settings.

Google OAuth tokens are encrypted with AES-256 before being stored. All traffic to the application is HTTPS. Database access is restricted by row-level security so that one client cannot see another client’s data.

For any privacy-related question, write to hello@prescenseos.in. We are the Data Fiduciary for the purposes of the DPDP Act.