Report 360 — Privacy Notice

1. Who We Are

Report 360 is operated by Propip Data Science Private Limited.

For privacy matters, contact: support@propip.net
For grievance/contact officer: Selvakumar, Grievance Officer

2. Scope of This Notice

This Notice applies to:

• Website visitors.
• Trial users.
• Paid customers.
• Customer administrators and team members.
• Users of the Tally/ERP connector.
• Users of AI-assisted features.
• People who contact us for demo, support, billing, or partnership enquiries.

Where a business customer uploads or syncs data relating to its employees, vendors, customers, distributors, branches, users, or other individuals, the customer is responsible for ensuring that it has the necessary authority, notice, consent, contractual basis, or legal basis to share such data with Report 360.

3. Data We Collect and Process

Depending on usage, we may process the following categories of data.

A. Account and Login Data

Name, email address, mobile number, login identifiers, authentication information, workspace details, company name, role, permissions, user settings, and account status.

B. Business and Reporting Data

Tally data, ERP data, accounting data, ledger data, voucher data, invoice data, GST/tax data, customer data, vendor data, inventory data, sales data, purchase data, bank/cash data, cost data, production data, dashboard metadata, uploaded files, mapped fields, report configurations, filters, and analytics outputs.

C. Billing and Commercial Data

Plan details, subscription status, invoices, payments, tax details, GSTIN, PAN/TRN references where applicable, billing contact details, payment status, credit usage, top-ups, and renewal/cancellation history.

D. AI Interaction Data

Prompts, questions, dashboard context, selected records, generated answers, usage metadata, AI credit consumption, and related logs needed to provide AI-assisted features.

E. Technical and Usage Data

IP address, device information, browser type, operating system, approximate location, session data, API usage, connector logs, error logs, performance logs, security logs, audit logs, timestamps, feature usage, and diagnostic information.

F. Support and Communication Data

Emails, WhatsApp/business messages, calls, tickets, screenshots, attachments, feedback, demo requests, and support conversations.

G. Cookies and Website Data

We may use cookies, local storage, analytics identifiers, and similar technologies for login, security, preferences, analytics, performance, and website improvement.

4. Why We Use Data

We use data for the following purposes:

• Creating and managing accounts.
• Authenticating users.
• Providing dashboards, reports, analytics, reconciliations, AI explanations, and business insights.
• Connecting with Tally, ERP, files, APIs, and other authorised data sources.
• Processing subscriptions, billing, renewals, credits, and support.
• Applying licensing, fair usage, rate limits, security controls, and abuse prevention.
• Improving performance, reliability, accuracy, and product features.
• Providing customer support, troubleshooting, onboarding, training, and implementation.
• Detecting bugs, misuse, fraud, unauthorised access, and security incidents.
• Complying with legal, tax, accounting, regulatory, contractual, and law-enforcement obligations.
• Sending service messages, product updates, security alerts, and billing notices.
• Developing aggregated or anonymised insights that do not identify a customer or disclose confidential customer business data.

5. Legal Basis and Customer Responsibility

Where applicable, we process personal data based on consent, contract, legal obligation, legitimate business purposes, or other lawful grounds available under applicable law.

For customer-uploaded or customer-synced data, the customer is generally responsible for determining whether it has the required permission to process and share that data with Report 360.

The customer must not upload, sync, or process data through Report 360 if doing so violates law, contract, confidentiality obligation, employment obligation, customer/vendor obligation, or third-party rights.

6. AI Processing

Report 360 may use AI models and AI service providers to generate explanations, summaries, comments, draft responses, anomaly insights, and dashboard interpretations.

AI features may process prompts, selected dashboard context, metadata, and user-provided content. AI outputs may be incomplete, inaccurate, or unsuitable for the customer’s specific context. Customers must verify important AI outputs before relying on them.

We may change AI models, AI providers, routing, retention settings, safety controls, and processing methods as the Service evolves.

Customers should avoid entering unnecessary sensitive personal data, confidential information not required for the request, passwords, API keys, financial credentials, or unrelated third-party personal data into AI prompts.

7. Hosting, Infrastructure and International Processing

Report 360 may use cloud infrastructure, database providers, AI providers, security tools, communication tools, payment providers, backup systems, analytics tools, and support tools located in India, the European Union, the United States, or other regions required to operate the Service.

Hosting, backup, support, AI processing, and disaster recovery locations may change over time for security, performance, availability, legal, cost, or operational reasons.

Where required, we will use reasonable contractual, technical, and organisational safeguards when engaging third-party processors or service providers.

8. Sharing of Data

We do not sell customer business data.

We may share data with:

• Cloud hosting and infrastructure providers.
• Database, storage, backup, and security providers.
• AI model and AI infrastructure providers.
• Payment gateways and billing providers.
• Email, SMS, WhatsApp, notification, and communication providers.
• Analytics, logging, monitoring, and error-tracking providers.
• Professional advisors such as lawyers, auditors, accountants, and consultants.
• Government, tax, regulatory, law-enforcement, or judicial authorities where legally required.
• Successors, acquirers, or restructuring parties in connection with merger, acquisition, investment, financing, restructuring, or sale of business, subject to appropriate safeguards.

Service providers are authorised to process data only as needed to provide services to us, subject to contractual and operational controls where applicable.

9. Security Measures

We use reasonable safeguards designed to protect data, which may include access controls, authentication, encryption in transit, infrastructure security, role-based access, logging, monitoring, backups, least-privilege access, and administrative controls.

However, no system can be guaranteed to be 100% secure. Customers are responsible for maintaining secure devices, strong passwords, user access controls, secure networks, appropriate permissions, and internal data governance.

Customers must notify us promptly if they suspect unauthorised access, credential compromise, API key leakage, connector misuse, data breach, or account misuse.

10. Retention

We retain data for as long as reasonably necessary to provide the Service, maintain dashboards and reports, support the customer, comply with legal/tax/accounting obligations, resolve disputes, enforce agreements, prevent abuse, maintain security, and operate backups.

Retention periods may vary depending on the type of data:

• Account and billing records may be retained for legal, tax, and accounting requirements.
• Business reporting data may be retained while the customer account or subscription is active.
• Logs may be retained for security, debugging, audit, and abuse prevention.
• Backup copies may remain for a limited period after deletion from active systems.
• Deleted data may not be immediately removed from backups, logs, archives, or legally required records.

11. Data Export and Deletion

Customers may request export or deletion of customer data, subject to technical feasibility, subscription status, identity verification, operational constraints, legal requirements, billing records, security needs, dispute resolution, and backup retention.

Deletion may affect dashboards, reports, AI history, connectors, audit trails, and service functionality.

We may refuse or delay deletion where retention is required for law, tax, accounting, fraud prevention, security, legal claims, contractual obligations, or legitimate business purposes.

12. User Rights

Depending on applicable law, individuals may have rights to access, correct, update, withdraw consent, erase, or raise grievances regarding personal data.

Where personal data is controlled by a business customer and Report 360 acts as a processor/service provider, requests should generally be made to that customer first. We may redirect requests to the relevant customer where appropriate.

We may verify identity and authority before acting on privacy requests.

13. Children’s Data

Report 360 is intended for business use and is not directed at children. Customers must not knowingly use the Service to collect or process children’s personal data unless they have all required legal authority and safeguards.

14. Cookies and Tracking

We may use cookies and similar technologies for:

• Login and session management.
• Security and fraud prevention.
• User preferences.
• Product analytics.
• Performance monitoring.
• Website improvement.
• Marketing measurement where applicable.

Users can control cookies through browser settings, but disabling cookies may affect login, dashboard functionality, or website experience.

15. Marketing Communications

We may send product updates, service notices, billing reminders, educational content, offers, or marketing communications to business contacts.

Users can opt out of non-essential marketing communications. However, we may still send important service, security, legal, support, and billing communications.

16. Confidential Business Data

We understand that customer business data may include sensitive commercial information. We do not use customer-specific business data for public disclosure, resale, or unrelated third-party marketing.

We may use aggregated, anonymised, or de-identified information to improve product performance, analytics, reliability, benchmarks, and features, provided it does not identify the customer or disclose confidential customer business data.

17. Government and Legal Requests

We may disclose information if required by law, court order, government request, regulatory authority, tax authority, law-enforcement request, or to protect our rights, users, systems, business, or the public.

Where legally permitted and practical, we may notify the affected customer before disclosure.

18. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Updated versions will be posted on the website or communicated through the Service.

Continued use of Report 360 after the effective date of an updated Notice means the customer acknowledges the updated Notice.

19. Contact

For privacy, data export, deletion, grievance, or security requests, contact:

Report 360 Privacy Contact
Email: support@propip.net
Company: Propip Data Science Private Limited
Address: No 114 Royapettah High Road, Mylapore,Chennai -600 004