FlexiCommerce FlexiCommerce

Privacy Policy

Last updated: March 19, 2026

1. Information We Collect

We collect information you provide during registration and use of our platform:

  • Account Data: Name, email, phone number, business name, password
  • Business Data: GSTIN, PAN, bank details, store settings, product listings
  • Transaction Data: Orders, payments, refunds, shipping details
  • Customer Data: Your store's customer data (managed by you, stored on our servers)
  • Usage Data: Login history, IP address, device type, analytics

2. How We Use Your Data

  • Provide and maintain the FlexiCommerce platform
  • Process subscriptions and billing
  • Send transactional notifications (order updates, account alerts)
  • Improve platform features and user experience
  • Generate aggregated, anonymised analytics
  • Comply with legal obligations (GST, taxation)

3. Data Storage & Security

Your data is stored on secured servers in India. We use industry-standard security measures including:

  • Encrypted connections (HTTPS/TLS)
  • Hashed passwords (bcrypt)
  • Rate limiting (120 req/min authenticated, 60 req/min guests)
  • Role-based access control (RBAC) with 49 permissions
  • Activity logging with Spatie Activity Log

4. Third-Party Data Sharing

We share data with third-party services only as necessary for platform functionality:

  • Payment Gateways: Razorpay, Cashfree, PayU, PhonePe (for payment processing)
  • Shipping: Shiprocket, Shipway (for order fulfilment)
  • SMS/WhatsApp: MSG91, Twilio (for notifications)
  • AI: OpenAI (for product descriptions and search, text only — no personal data)
  • Analytics: Google Analytics, Microsoft Clarity (anonymised usage data)

We do not sell your personal data to any third party.

5. Your Store's Customer Data

You are the data controller for your store's customer data. We act as a data processor. You are responsible for:

  • Obtaining customer consent for data collection
  • Displaying your own privacy policy on your store
  • Handling customer data access/deletion requests

6. Cookies

We use cookies for session management, analytics (Google Analytics), and user experience (Microsoft Clarity). Cookie consent banner is displayed on first visit. Users can accept or decline analytics cookies.

7. Data Retention

Account data is retained for the duration of your subscription. Upon termination, data is available for export for 30 days, after which it is permanently deleted. Transaction records may be retained for 7 years as required by Indian tax law.

8. Your Rights (DPDPA 2023)

Under the Digital Personal Data Protection Act, 2023 (India), you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Withdraw consent for optional data processing

9. Children's Privacy

Our platform is not intended for users under 18 years of age. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this policy from time to time. We will notify you via email of significant changes. Continued use constitutes acceptance.

11. Contact

For privacy concerns, contact us at hello@flexicommerce.store or WhatsApp +91 99770 28207.