Privacy Policy

• Your workspace data - deals, contacts, invoices, contracts, content - is yours. We process it only to run the service for you.
• We never sell your data, and we never use one customer's business data to benefit another.
• You can export your full workspace or deactivate your account at any time, yourself, from Settings.

• Account information - name, email, password hash (or Google sign-in identity), and optional two-factor settings.
• Workspace content you create - deals, brands and contacts, invoices, contracts and signatures, content items, tasks, comments, and uploaded files.
• Payment metadata - invoice and payout records, amounts, and references. Card and bank details are handled by our payment processors (Stripe or Razorpay) and never touch our servers.
• Operational logs - request logs with timestamps and IP addresses, kept for security and debugging.
• Usage analytics - only if analytics is enabled for the site (Google Analytics 4); no workspace content is ever sent to analytics.

To operate the product: rendering your dashboards, sending the invoices and reminders you schedule, reconciling payments, notifying your team, and providing support when you contact us. We also use aggregate, de-identified usage signals to improve the product.

Only the processors required to run the service, under their own contractual safeguards:

• Payments - Stripe (international) or Razorpay (India) for collecting invoice payments.
• Email - our transactional email provider, for invoices, reminders, and notifications you trigger.
• File storage - S3-compatible object storage for contracts, PDFs, and media.
• Error reporting - crash diagnostics (when enabled) to keep the service reliable.

We do not sell personal data, and we do not share it with advertisers or data brokers.

• Every workspace is isolated with database row-level security - tenant separation is enforced by the database, not just application code.
• Access is governed by deny-by-default roles and permissions, with optional two-factor authentication on every sign-in method.
• Money and legal events are written to an append-only audit log.
• Data is encrypted in transit (TLS) and at rest with our infrastructure providers.

• Export - download a complete copy of your workspace from Settings at any time.
• Correction - edit your account and workspace data directly in the product.
• Deletion - deactivate your account or workspace from Settings; deactivation blocks all access immediately and is reversible for a grace period before permanent removal, so a mistake can't destroy your records.
• Objection & access requests - email us and we'll respond within 30 days.

We use local storage for your session tokens and preferences (like your theme). Analytics cookies are set only if site analytics is enabled. There is no third-party advertising tracking.

Influno is a business tool and isn't directed at children under 16. We don't knowingly collect their data.

If this policy changes materially, we'll notify workspace owners by email before the change takes effect. Questions or requests: contact@influno.app.