Privacy Policy
🔒 Voice audio is never stored. Transaction data stays on your device. We don't sell your data. We don't run ads.
1. Introduction & Scope
This Privacy Policy explains how WeSimplifAI Private Limited ("we", "our", "KiranaMitra") collects, uses, and protects information when you use the KiranaMitra mobile application (com.kiranamitra.app) on Android devices.
By downloading and using the KiranaMitra app, you agree to the data practices described in this policy. If you do not agree, please do not use the app.
This policy covers the KiranaMitra Android application only. It does not cover third-party services, payment apps, or websites linked from within the app, which have their own privacy policies.
2. Information We Collect
Voice Audio
The app uses your device microphone when you activate voice billing by tapping the voice button. Audio is processed transiently by Android's SpeechRecognizer service (on-device where supported, or via Google's speech API). KiranaMitra does not record, store, transmit, or retain any voice audio. Audio processing happens in real time and the audio is discarded immediately after transcription.
Transaction Data
Items, quantities, amounts, dates, and payment methods for each billing transaction. This data is stored locally on your device using SQLite/Room database. It is not transmitted to KiranaMitra servers except as part of optional cloud backup (v0.1.1+).
Merchant Profile
Your store name and UPI ID, entered during initial setup. Stored locally on device. Used only for generating dynamic UPI QR codes — not transmitted externally.
Customer Credit (Udhar) Records
Customer name, phone number, amount, and date for udhar transactions. Stored locally only. Never transmitted. Never shared.
Anonymous Device Identifier
A random anonymous identifier generated by Firebase Anonymous Authentication. Used to associate your transaction backup with your account. Not linked to your name, phone, or any personal identifier. This identifier falls under the "Device or other IDs" category in Google Play's Data Safety framework and is shared with Firebase (Google LLC) for the purpose of app functionality.
Usage Analytics
Anonymized data including app opens, session duration, and feature usage, collected via Firebase Analytics (Google LLC). Used to understand how merchants use the app and improve the product. Not linked to personal identity.
Crash Reports
Anonymized device model, Android version, and stack trace information when the app crashes. Collected via Firebase Crashlytics. Used for debugging. Contains no personal or transaction data.
3. Information We Do NOT Collect
- We do not store voice recordings or audio files of any kind
- We do not collect, access, or read your device contacts
- We do not access your location or GPS data
- We do not access your camera
- We do not read your SMS, call logs, or other communications
- We do not sell your data to any third party
- We do not share your data with advertisers
- We do not run ads within the application
- We do not access the microphone at any time except during explicit, user-initiated voice billing sessions
4. How We Use Information
- To operate core billing features: voice input, bill generation, payment collection, udhar recording
- To generate dynamic UPI QR codes (processed entirely on-device using ZXing)
- To provide transaction history and daily summaries
- To sync transaction data to secure cloud backup when you enable this feature and when internet connectivity is available
- To diagnose crashes and improve app reliability
- To understand usage patterns and improve product features (anonymized only)
We do not use your information for advertising, profiling, or selling to third parties.
5. Data Storage & Security
Primary storage: All transaction data, merchant profile, item catalog, and udhar records are stored on your device in a SQLite database managed by Android Room. This database is not accessible to other apps on your device.
Cloud backup: When you enable cloud backup, transaction data is synced to Google Firebase Firestore hosted in the asia-south1 (Mumbai, India) region. Data is encrypted in transit (TLS) and at rest.
Access control: Each merchant's data is associated with a unique anonymous identifier. Only you can access your own data — KiranaMitra team members do not have access to your transaction records in normal operation.
Device security: The app follows Android security best practices. The local database is protected by Android's app sandbox model.
6. Data Retention
Local device data: Retained indefinitely until you uninstall the app. Uninstalling deletes all local data.
Cloud data (if backup enabled): Retained for the lifetime of your account. You may request full deletion at any time by contacting support@kiranamitra.in.
Analytics and crash data: Retained for up to 90 days in anonymized, aggregated form. No personal or transaction data is retained in analytics systems.
7. Third-Party Services
| Service | Provider | Purpose |
|---|---|---|
| Firebase Anonymous Auth | Google LLC | Anonymous account for cloud sync |
| Firebase Firestore | Google LLC | Cloud backup of transaction data |
| Firebase Analytics | Google LLC | Anonymized usage analytics and feature engagement |
| Firebase Crashlytics | Google LLC | Anonymized crash reporting |
| Android SpeechRecognizer | Google LLC | Voice-to-text for billing input (ephemeral — audio not retained) |
| UPI Payment Apps | Various (GPay, PhonePe, Paytm) | Payment processing after QR scan |
Each third-party service is governed by its own privacy policy. KiranaMitra does not control how these services handle data processed by them. We encourage you to review Google's Privacy Policy and the privacy policies of any UPI payment apps you use.
8. App Permissions Explained
RECORD_AUDIO (Microphone)
Required for the voice billing feature. The microphone is activated only when you tap the voice button to start a voice billing session. The app does not access the microphone in the background, on startup, or at any other time. Voice audio is not stored, recorded, or transmitted by KiranaMitra. Audio is processed ephemerally by Android's SpeechRecognizer — it is not collected or retained. In Google Play's Data Safety framework, this is classified as ephemeral processing, not data collection.
INTERNET
Required for Firebase cloud sync and backup. The app operates fully offline for all core billing functions. Internet access is used only for background sync when connectivity is available.
ACCESS_NETWORK_STATE
Used to check whether internet connectivity is available before scheduling background sync operations. Does not collect location or network identity information.
9. Children's Privacy
KiranaMitra is designed for adult business operators and merchants. We do not knowingly collect personal information from users under the age of 18. If you believe a user under 18 is using the app, please contact us at support@kiranamitra.in and we will take appropriate action.
10. Your Rights
You have the right to:
- Access your data: Request a copy of data we hold about you
- Delete your data: Request deletion of your account and all associated cloud data
- Opt out of analytics: Contact us to disable usage analytics collection
- Data portability: Request an export of your transaction data
To exercise any of these rights, contact us at support@kiranamitra.in. We will respond within 30 days.
Local data stored on your device is always under your direct control. Uninstalling the app deletes all local data immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via in-app notification before the changes take effect. The "Last updated" date at the top of this policy reflects the most recent revision.
Continued use of the app after changes are posted constitutes acceptance of the updated policy.
12. Contact Us
For privacy-related queries, data requests, or concerns:
WeSimplifAI Private Limited
Email: support@kiranamitra.in
Website: kiranamitra.in