Privacy Policy

BizSweet is a SaaS platform built for small Indian food businesses — home bakers, cake shops, tiffin services, and sweets shops. For privacy matters contact us at info@capturo.in.

Account information. When you sign up we collect your name, email, business name, business category, and phone number. Your password is stored in a one-way hashed format — we cannot read it.

Business data. We store the ingredients, products, orders, customers, employees, expenses, investments, and shift records you enter into your dashboard. You own this data; we process it only to provide the service to you.

Customer information you enter.When you create an order we store the customer’s name, phone number, address, and (optionally) birthday. If the customer paid you, we store the payment amount, method, and date.

Files you upload. Product images, your business logo, and any other images you upload are stored in Wasabi object storage.

WhatsApp credentials. If you enable the WhatsApp Business integration, we store the Phone Number ID and Access Token you provide. The Access Token is used only to send messages you or your configured automations trigger.

Technical information. Standard web-server logs containing IP address, user agent, and request path — retained for 30 days for security and debugging purposes.

• To provide and operate the BizSweet dashboard for you.
• To authenticate you and keep your session secure.
• To calculate your business metrics (profit, inventory, payroll).
• To send WhatsApp messages to your customers when you enable automations — the messages are sent on your behalf, from your WhatsApp Business number, not ours.
• To store and serve the images and logos you upload.
• To detect and prevent abuse (fraud, spam, rate-limit breaches).
• To respond to your support requests.

We do notsell your data, your customers’ data, or any business information to any third party.

We share data only with the following processors, and only as needed to run the service:

• MongoDB — database hosting.
• Wasabi — object storage for your uploaded images.
• Meta (WhatsApp Cloud API) — when you opt in, messages sent from your business number pass through Meta’s servers subject to Meta’s own terms.
• Vercel — frontend application hosting.
• Hostinger — backend API hosting.

We may disclose information if required by a valid legal process (subpoena, court order) or to protect our rights or the safety of others.

You may at any time:

• Access your data — export via the CSV download buttons on Orders, Expenses, and Investments pages.
• Correct any data — edit directly in the dashboard.
• Delete your account — email info@capturo.in; we will delete all associated data within 30 days.
• Restrict processing or withdraw consent — contact us.

When you enter your customers’ information into BizSweet, you (not we) are the data controller for that information. You are responsible for ensuring you have lawful grounds to process their data under applicable laws (including the Digital Personal Data Protection Act, 2023 in India). BizSweet acts as a data processor on your behalf.

In particular, if you enable WhatsApp automations you warrant that each customer has agreed to receive business messages at the number you provide, and that you comply with Meta’s WhatsApp Business Messaging Policy.

Passwords are hashed with bcrypt. API access uses short-lived JSON Web Tokens. All production traffic is served over HTTPS. Rate limiting is applied to authentication endpoints and sensitive external-API calls. Despite our efforts, no system is 100% secure — in the event of a breach affecting you or your customers, we will notify you within 72 hours.

We keep your data for as long as your account is active. Deleted accounts and their associated data are removed from live systems within 30 days and from backups within 90 days. Anonymized aggregate metrics (e.g., total orders processed on the platform) may be retained indefinitely.

BizSweet is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

We may update this Privacy Policy occasionally. Material changes will be highlighted on the dashboard the next time you log in. The “Last updated” date above always reflects the current version.

Questions about this policy? Email info@capturo.in. We reply within 3 business days.