Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last Updated: January 3, 2026
Effective: January 1, 2026
Version 2.0

Table of Contents

1 Introduction

Welcome to MyMBill ("we," "our," or "us"). MyMBill is India's leading billing and invoicing software solution designed for businesses of all sizes including pharmacies, restaurants, retail stores, salons, grocery shops, and more.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our billing software application, website (www.mymbill.com), mobile applications, and related services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

Important: MyMBill operates primarily in offline mode. Your billing data, customer information, and transaction records are stored locally on your device by default. Cloud backup is optional and requires your explicit consent.

2 Information We Collect

2.1 Personal Information

When you register for MyMBill or subscribe to our services, we may collect:

  • Account Information: Name, email address, phone number, business name, and address
  • Business Details: GST number, PAN, business type, trade license number
  • Billing Information: Payment card details (processed securely through payment gateways), billing address, UPI ID
  • Identity Verification: Government-issued ID copies for GST compliance verification

2.2 Business Data

When you use our billing software, the following data is generated and stored:

  • Transaction Records: Invoices, bills, quotations, purchase orders, delivery challans
  • Inventory Data: Product catalog, stock levels, pricing information, batch numbers, expiry dates
  • Customer Data: Your customers' names, contact information, purchase history, credit balances
  • Financial Records: Sales reports, GST returns data, profit/loss statements, cash flow records
  • Employee Information: Staff details, attendance, commissions (if using HR module)

Note: In offline mode, all business data is stored locally on your device. We do not have access to this data unless you enable cloud backup or sync features.

2.3 Technical Information

We automatically collect certain technical information:

  • Device information (model, operating system, unique device identifiers)
  • IP address and general location (city/region level)
  • App version and usage statistics
  • Error logs and crash reports
  • Browser type and version (for web application)

2.4 Communication Data

We collect information when you communicate with us:

  • Support tickets and chat conversations
  • Email correspondence
  • Phone call recordings (with consent, for quality assurance)
  • Feedback and survey responses

3 How We Use Your Information

We use the collected information for the following purposes:

Purpose Description
Service Delivery To provide, maintain, and improve our billing software and related services
Account Management To create and manage your account, process subscriptions, and handle renewals
Customer Support To respond to your inquiries, troubleshoot issues, and provide technical assistance
Cloud Backup To securely backup your data to cloud servers (when enabled by you)
GST Compliance To generate GST-compliant invoices and facilitate GST return filing
Communication To send service updates, security alerts, and promotional offers (with consent)
Analytics To analyze usage patterns and improve our software features
Legal Compliance To comply with applicable laws, regulations, and legal processes

4 Data Storage & Security

4.1 Local Storage (Default Mode)

By default, MyMBill operates in 100% offline mode. All your business data is stored locally on your device:

  • Data is encrypted using AES-256 encryption
  • Protected by your device's security features (PIN, fingerprint, face recognition)
  • Automatic local backups to prevent data loss
  • No internet connection required for daily operations

4.2 Cloud Storage (Optional)

When you enable cloud backup, your data is stored on secure servers:

  • Hosted on AWS (Amazon Web Services) servers located in India (Mumbai region)
  • End-to-end encryption during transmission (TLS 1.3)
  • Data encrypted at rest using AES-256
  • Regular security audits and penetration testing
  • ISO 27001 certified data centers
  • Daily automated backups with 30-day retention

4.3 Security Measures

We implement comprehensive security measures:

  • Multi-factor authentication (MFA) for account access
  • Role-based access control for team members
  • Secure API communications with OAuth 2.0
  • Regular security updates and patches
  • Intrusion detection and prevention systems
  • 24/7 security monitoring

Your Responsibility: Please ensure you maintain strong passwords, keep your devices secure, and regularly backup your data. We are not responsible for data loss due to device theft, damage, or user negligence.

5 Subscription & Payment Data

5.1 Subscription Plans

MyMBill offers the following subscription plans:

Plan Duration Data Collected
Free Trial 15 Days Basic account information only
Monthly Plan 1 Month Account + Payment information
Quarterly Plan 3 Months Account + Payment information
Half-Yearly Plan 6 Months Account + Payment information
Annual Plan 12 Months Account + Payment + Business verification
Lifetime License Perpetual Complete business verification required

5.2 Payment Processing

We use secure third-party payment processors:

  • Razorpay: For UPI, credit/debit cards, net banking, and wallet payments
  • PayU: Alternative payment gateway for redundancy
  • Bank Transfer: Direct NEFT/RTGS for enterprise customers

We do not store your complete card details. Payment processors handle this data in compliance with PCI-DSS standards. We only retain:

  • Transaction reference numbers
  • Last 4 digits of card (for identification)
  • Payment status and timestamps
  • Invoice and receipt records

5.3 Auto-Renewal

For subscription plans with auto-renewal enabled:

  • We store a secure payment token (not actual card details)
  • You will receive email reminders 7 days and 1 day before renewal
  • You can disable auto-renewal anytime from your dashboard
  • Failed payment attempts are retried up to 3 times over 7 days

6 Cookies & Tracking Technologies

6.1 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Required for website/app functionality, login sessions Session
Functional Remember preferences, language settings 1 Year
Analytics Understand usage patterns (Google Analytics) 2 Years
Marketing Personalized ads and remarketing (optional) 90 Days

6.2 Managing Cookies

You can control cookies through:

  • Browser settings to block or delete cookies
  • Our cookie consent banner preferences
  • Opt-out links for specific analytics services

Note: Disabling essential cookies may affect the functionality of our services.

7 Third-Party Services

We integrate with the following third-party services:

Service Purpose Data Shared
AWS (Amazon) Cloud hosting & backup Encrypted business data (if cloud enabled)
Razorpay/PayU Payment processing Payment details for transactions
Google Analytics Website analytics Anonymous usage data
Firebase Push notifications, crash reporting Device tokens, error logs
Twilio/MSG91 SMS notifications Phone numbers, message content
SendGrid/Mailchimp Email communications Email addresses, names
GST Network GST compliance & filing GST-related transaction data
WhatsApp Business API Customer communication Phone numbers, invoice details

Each third-party service has its own privacy policy. We encourage you to review their policies:

8 Data Sharing & Disclosure

8.1 We Do NOT Sell Your Data

MyMBill does not sell, rent, or trade your personal or business information to third parties for marketing purposes.

8.2 When We May Share Data

We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share information
  • Service Providers: With trusted vendors who assist in operating our services (under strict confidentiality agreements)
  • Legal Requirements: When required by law, court order, or government authority
  • Business Transfers: In case of merger, acquisition, or sale of assets (with prior notice)
  • Protection of Rights: To protect our rights, privacy, safety, or property
  • Tax Authorities: GST and income tax related data as required by law

8.3 Government & Regulatory Requests

We may be required to share data with government authorities including:

  • GST Department for tax compliance verification
  • Income Tax Department for financial investigations
  • Law enforcement agencies with valid legal orders
  • RBI for payment-related compliance

We will notify you of such requests unless legally prohibited from doing so.

9 Your Rights

Under applicable data protection laws, you have the following rights:

  • Right to Access: Request a copy of your personal data we hold
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Deletion: Request deletion of your data (subject to legal retention requirements)
  • Right to Data Portability: Export your data in a machine-readable format
  • Right to Restrict Processing: Limit how we use your data
  • Right to Object: Object to processing for marketing purposes
  • Right to Withdraw Consent: Withdraw previously given consent at any time

How to Exercise Your Rights

To exercise any of these rights:

  • Email us at: privacy@mymbill.com
  • Use the "Data Privacy" section in your account dashboard
  • Call our support: +91 73193 28962

We will respond to your request within 30 days. We may ask for identity verification before processing your request.

Data Export: You can export all your business data (invoices, inventory, customer records) anytime from the MyMBill app in CSV, Excel, or PDF format.

10 Data Retention

We retain your data for the following periods:

Data Type Retention Period Reason
Account Information Until account deletion + 90 days Service delivery & recovery
Transaction Records 8 years GST & Income Tax compliance
Payment Records 10 years Financial regulations
Support Tickets 3 years Service improvement
Marketing Data Until opt-out Communication preferences
Analytics Data 26 months Product improvement
Cloud Backups 30 days after deletion request Recovery period

After the retention period, data is securely deleted or anonymized.

11 Children's Privacy

MyMBill is a business software not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

If you believe that a child under 18 has provided us with personal information, please contact us at privacy@mymbill.com.

12 Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • For significant changes, we will notify you via email or in-app notification
  • We will provide at least 30 days notice before major changes take effect
  • Continued use of our services after changes constitutes acceptance

We recommend reviewing this policy periodically for any changes.

13 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer

WhatsApp
+91 73193 28962
Address
Karak, Kalyanpur, Nandakumar
West Bengal 721456, India

Grievance Redressal: If you are not satisfied with our response, you may escalate your complaint to the appropriate data protection authority or consumer forum in India.