Legal Information

Privacy Policy

Last updated: May 28, 2026 • Version 2.1

1. Introduction and Scope

Welcome to GHALLA ("Company", "we", "us", or "our"), operated by GHALLA Technologies Pvt Ltd. We operate the GHALLA mobile application and the website https://ghalla.in (collectively, the "Services"). We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy ("Policy"). This Policy describes the types of information we collect, how we use it, and under what circumstances we may disclose it. By accessing or using our Services, you agree to this Privacy Policy. If you do not agree, please do not use our Services.

2. Data We Collect

We collect the following categories of information from users of our Services:

  • Personally Identifiable Information (PII): Phone number, business/shop name, and any other information you provide during registration or use of the app.
  • Financial and Transactional Data: Ledger entries, customer names, transaction amounts, outstanding balances, transaction descriptions, and payment history as entered by the user.
  • Voice and Audio Data: When using our voice recording features ("One-Tap Record"), we process voice recordings through AI transcription services. Audio is processed in real-time and is not permanently stored on our servers after transcription.
  • Device and Technical Data: IP address, device model, operating system version, device identifiers, app version, and usage analytics.
  • Contact Data: If you choose to enable contact import, we access your phonebook to link customer names to transaction entries. This is optional and can be revoked at any time.
  • Consent Records: Timestamps, IP addresses, and device identifiers associated with your acceptance of our Terms of Service and this Privacy Policy.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the GHALLA Services.
  • Process voice inputs and generate accurate ledger entries using AI.
  • Send WhatsApp payment reminders to customers on your behalf.
  • Generate business insights and analytics for your dashboard.
  • Communicate with you regarding account updates, security alerts, and service changes.
  • Improve our AI models and app functionality using anonymized, aggregated data.
  • Enforce our Terms of Service and protect against fraud or misuse.
  • Comply with legal obligations and respond to lawful requests from authorities.

4. Disclosure of Data to Law Enforcement & Government Authorities

We do not sell your personal information. However, we may be legally compelled to disclose your data under the following circumstances:

  • Upon receipt of a valid legal order, court order, warrant, summons, or notice issued under applicable Indian law, including Section 91 of the Code of Criminal Procedure (CrPC), Section 69 of the Information Technology Act, 2000, or any order from a competent court or tribunal.
  • To comply with directions from the Enforcement Directorate (ED), Income Tax Department, Central Bureau of Investigation (CBI), National Investigation Agency (NIA), Serious Fraud Investigation Office (SFIO), or any other authorized government agency.
  • Where we believe in good faith that disclosure is necessary to prevent fraud, protect public safety, or protect the rights and property of GHALLA or its users.
  • To enforce our Terms of Service and other agreements.

Data disclosed may include transaction records, account information, device identifiers, IP addresses, login history, and audit logs. By using the Services, you acknowledge and consent to such disclosures.

5. Data Retention & Deletion

We retain your data as follows:

  • Active accounts: All transaction data, account information, and associated records are retained for the duration of your account.
  • Deleted accounts: Upon account deletion, we will delete your transaction details, customer names, and voice data within 30 days. However, we will retain audit logs (login history, consent records, metadata) for a minimum period of 5 (five) years as required under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and for compliance with potential legal requests.
  • Anonymized data: We may retain anonymized, aggregated data indefinitely for analytics and service improvement. This data cannot be traced back to any individual user.

6. Third-Party Service Providers

We may share data with trusted third-party service providers who assist us in operating our Services:

  • Cloud Infrastructure: Our servers are hosted on secure cloud infrastructure within India, compliant with data localization requirements.
  • AI/ML Providers: Voice transcription is processed through AI services. Only the necessary audio data is transmitted, processed in real-time, and not retained by the provider.
  • Analytics: We use analytics tools to understand usage patterns and improve our Services. Data shared with analytics providers is anonymized.
  • Payment Processing: Subscription payments are processed through secure, PCI-DSS compliant payment gateways. We do not store your full payment card details.

7. Your Rights

As a user, you have the following rights:

  • Right to Access: You can request a copy of your personal data at any time by contacting us.
  • Right to Correction: You can update or correct your personal information through the app.
  • Right to Deletion: You can request deletion of your account and associated data, subject to our retention obligations as described in Section 5.
  • Right to Withdraw Consent: You can revoke permissions (microphone, contacts) at any time through your device settings.

To exercise any of these rights, contact us at privacy@ghalla.in.

8. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS/SSL), encryption at rest, secure authentication, and access controls. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You use the Services at your own risk.

9. Foreground Service & System Permissions

GHALLA uses an Android Foreground Service to maintain a persistent notification for quick recording. This service is essential for providing the "One-Tap Record" feature. We require permissions to access the microphone for voice features and contacts (if you choose to link customers). We do not record background audio without your explicit trigger. You may revoke these permissions at any time via your device settings, though this may limit app functionality.

10. Grievance Officer

In accordance with the Information Technology Act, 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, the details of the Grievance Officer are provided below:

Name: Akshay Jain

Designation: Grievance Officer & Founder

Company: GHALLA Technologies Pvt Ltd

Email: grievance@ghalla.in

Response Time: We will acknowledge your grievance within 24 hours and resolve it within 15 days from the date of receipt, as per the IT Rules.

Nodal Contact for Law Enforcement: For requests from government authorities and law enforcement agencies, please contact nodal@ghalla.in.

11. Governing Law & Contact

This Privacy Policy is governed by the laws of India. Any disputes arising under or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts at Pune, Maharashtra, India. If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at privacy@ghalla.in.