Privacy Policy

Privacy Policy

1. Introduction

BUSY Infotech Pvt. Ltd. (“mazu”, “we”, “us”, or “our”) operates the mazu billing and business management platform.

This Privacy Policy explains what information we collect, how we use it, how we keep it safe, and the choices you have regarding your data.

By using mazu, you agree to this policy. This document should be read together with our Terms and Conditions.

We comply with applicable Indian laws, including:

• Information Technology Act, 2000
• IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
• Digital Personal Data Protection Act, 2023 (DPDP Act)

2. Information We Collect

2.1 Information you provide

When you sign up or use mazu, you may share:

• Account details:
  name, email address, mobile number, date of birth, gender
• Business information:
  company name, GST number, PAN, business address
• Financial and transactional data:
  invoices, customer details, payment records, bank details shown on invoices
• Payment information:
  processed securely via our payment partners (we do not store full card details)

2.2 Information collected automatically

When you use mazu, we automatically collect certain technical and usage data:

• Device information
  IP address, browser/app version, device type, OS
• Usage data
  pages visited, features used, timestamps, clicks, errors
• Approximate location
  derived from IP address (no GPS tracking)
• Usage patterns
  to improve features and user experience

Our servers are hosted in India.

2.3 Information from third parties

If you sign in using Google or connect third-party services, we may receive basic profile information as permitted by your settings on those platforms.

When you connect your Google account via OAuth, we may access:

• Your email address (to identify your account)
• Basic profile details like your name (to personalise your experience)
• Permission to send emails on your behalf (only when you trigger an action)

We do not access your inbox or read your emails.

2.31 Google User Data

We request the following Google API scopes:

• gmail.send
  to send emails on your behalf when you choose to do so
• userinfo.email
  to identify your account
• userinfo.profile
  to display basic profile details

Policy compliance statement (required):

mazu's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

How we handle Google data

• Used only to provide user-facing features
• Never used for advertising
• Never sold
• Not shared with third parties , except where required to provide the feature (e.g., sending an email)
• Not used for credit or insurance decisions
• Not used to train AI/ML models

You can revoke access anytime here: https://myaccount.google.com/permissions

Data Sharing (Non-Google Data Only)

The following applies only to non-Google-sourced data. Google user data is handled strictly as described above.

• Shared with trusted service providers (hosting, infrastructure, communication tools)
• Stored securely using industry-standard safeguards
• Access is restricted and monitored
• Encryption is used wherever appropriate

2.4 Mobile app permissions

Depending on the features you use, our mobile app may request access to:

• Camera (e.g., scanning invoices)
• Files/photos (e.g., uploading documents)
• Contacts (if you choose to import them)
• Microphone (if voice features are enabled)

These permissions are optional and can be revoked anytime via your device settings.

3. How We Use Your Information

We use your data to:

• Provide and improve the mazu platform
• Process subscriptions and payments
• Sync your data across devices
• Send important updates and support responses
• Send optional promotional messages (you can opt out anytime)
• Detect fraud and ensure platform security
• Comply with legal obligations (e.g., GST regulations)

We do not sell your personal data.
We do not use your business or financial data for advertising.

4. How We Protect Your Data

Your data is stored on secure servers in India.

We use:

• TLS encryption for data in transit
• AES-256 encryption for data at rest
• Strict access controls and internal safeguards

Only authorised personnel can access data, and only when required.

While no system is completely risk-free, we take strong measures to protect your data. In case of a data breach, we will notify you as required under applicable law.

5. Data Retention

We retain your data as long as your account is active.

If you delete your account:

• Personal data is deleted within 90 days
• Some data may be retained longer if required by law (e.g., GST compliance)
• Backup systems may retain data for up to 30 additional days

6. When We Share Your Information

We share data only in limited cases:

• Service providers
  under strict confidentiality agreements
• Legal obligations
  when required by law or authorities
• Business transfers
  mergers, acquisitions, or restructuring
• Aggregated insights
  with sponsors, investors, or partners (non-identifiable only)

We do not publicly disclose your non-public personal or business information.

7. Third-Party Links

mazu may include links to external websites. We are not responsible for their content or privacy practices. Please review their policies separately.

8. Cookies and Tracking

We use cookies to:

• Keep you logged in
• Remember preferences
• Analyse usage

You can control cookies through your browser settings.

9. Communication Preferences

You can opt out of promotional emails anytime via the unsubscribe link or by contacting us.

Service-related communications (like billing or security alerts) cannot be disabled.

10. Your Rights

Under Indian law, you can:

• Access your data
• Correct inaccurate data
• Request deletion (subject to legal requirements)
• Withdraw consent
• Nominate someone to act on your behalf

To exercise your rights, email: support@mazu.in

11. Children’s Privacy

mazu is intended for users aged 18 and above. We do not knowingly collect data from minors.

12. Updates to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or in-app notification.

13. Force Majeure

We will not be held responsible for any failure or delay in fulfilling our obligations under this Privacy Policy if such failure or delay is due to events beyond our reasonable control. These may include, but are not limited to, natural disasters, acts of government, war, terrorism, riots, labour disputes, power failures, internet or network outages, or failures of third-party service providers.

In such situations, we will make reasonable efforts to resume normal operations as soon as possible.

14. Contact Us

For any questions or concerns:

• Email: support@mazu.in
• Grievance Officer: Sudhanshu Tiwari (sudhanshu@busy.in)
• Address: BUSY Infotech Pvt. Ltd., New Delhi, India