Businessly — Privacy Policy

Effective date: 23 June 2026 · Applies to the Businessly app for Android (com.zak.businessly) and Windows.

Businessly ("the app", "we") is a digital khata (ledger) for small shopkeepers. This policy explains what data the app handles, why, who processes it, and how you can delete it. It is written to match what the app actually does.

1. Who we are

Data controller: Zubair Ahmed Khan (individual developer).
Contact for privacy questions and data-deletion requests: zubair530@gmail.com.

2. What we collect and why

DataWhen / whyWhere it goes
Google account email, display name, and user ID When you sign in with Google, to authenticate you and tie your ledger to your account. Google (Sign-In); our authentication backend (Supabase). Cached on the device.
Your ledger / business records (customers, suppliers, sales, purchases, payments, balances, cash, expenses, business name, settings) This is the core of the app — the records you create. Stored in an encrypted database on your device; synced to our server (Supabase) when you use more than one device; and backed up to your own Google Drive.
Contacts (a name and phone number) Only when you tap "Import from contacts" to add a customer or supplier. We read just the contact you pick. Becomes part of your ledger entry (so it is stored / synced / backed up the same way as your ledger).
Basic device info (platform — Android/Windows/web, app version, OS version) Recorded with your device registration when you sign in, so the developer can see which app/OS versions are in use and support them. First-party only — no third-party analytics SDK. Our backend (Supabase), linked to your account. Never shared with advertisers or third parties.

We do not collect your location, photos, messages, or an advertising ID, and the app shows no ads and uses no third-party analytics SDKs. The only diagnostics we record are the basic device/app-version fields listed above (first-party, tied to your account, used solely to support the app). Backups stored on your device and Google Drive are encrypted.

3. Who processes your data (sub-processors)

4. How your data is protected

5. How long we keep it

Your synced ledger remains on the server while your account exists. The app keeps the most recent 5 Google Drive backups and removes older ones automatically. When you delete your data (section 6), the server copy and Drive backups are removed.

6. Your choices and your right to delete

7. Permissions the app requests

8. Children

Businessly is a business tool intended for users 18 and over. It is not directed at children.

9. Changes to this policy

We will update this page and its effective date when the app's data practices change. Material changes will be reflected here before the corresponding app version is released.

Note for the Pakistan Personal Data Protection Bill (PDPB): once enacted, this policy will be reviewed for consent, data-subject rights, and data-residency alignment.