Privacy Policy

This Privacy Policy describes how Prianitha Tech Private Limited (“Prianitha Tech”, “we”, “us”, or “our”) collects, uses, stores, and protects information when you access or use SanghamApp (“the Service”) at sanghamapp.in or any subdomain.

SanghamApp is a software platform offered to cooperative societies, welfare societies, and community organisations (each, a “Branch”) to manage their members, loans, subscriptions, and daily collections. This policy applies to information about Branches, their operators (administrators, cashiers, and verifiers), and the members whose records the Branch chooses to manage on the Service.

For most data inside the Service — member records, loan ledgers, transactions, receipts — the Branch is the data controllerand Prianitha Tech is the data processor. We process that data only on the Branch’s instructions, as configured through the Service.

For account information, billing details, support correspondence, and website analytics, Prianitha Tech is the data controller.

3.1 Information you provide to us

• Account information: name, email, phone number, branch name, and password (stored as a salted hash).
• Operator profiles: role (admin, cashier, verifier), language preference, and assigned permissions.
• Member records the Branch enters: passbook number, name, phone, address, family/guarantor links, and lifecycle status.
• Financial data the Branch enters: loans, subscriptions, instalments, penalties, expenses, and reconciliation entries.
• Support correspondence: messages you send us by email, phone, WhatsApp, or our demo-request form.

3.2 Information collected automatically

• Log data: IP address, browser type, device type, pages viewed, and timestamps.
• Audit trail: every create, update, and delete action inside the Service is logged with the actor, old/new values, and timestamp. Branches use this to maintain accountability.
• Cookies and similar technologies: session cookies for authentication and limited first-party analytics.

• To provide, operate, and maintain the Service.
• To authenticate operators and enforce role-based access controls.
• To process transactions, generate reports, and produce printable receipts.
• To send transactional messages such as account confirmations, security alerts, and report emails.
• To send service-related WhatsApp messages where the Branch has configured WhatsApp Business API and the recipient has opted in.
• To provide customer support and respond to enquiries.
• To detect, prevent, and investigate fraud, abuse, and security incidents.
• To comply with applicable laws and respond to lawful requests from authorities.

Branches may use SanghamApp’s WhatsApp module to send transactional messages (such as receipts, dues reminders, and account notifications) to their members through the WhatsApp Business Platform operated by Meta. By using this feature:

• The Branch is responsible for obtaining valid opt-in from its members before sending messages.
• Messages are sent through Meta’s WhatsApp Business API and are subject to Meta’s WhatsApp Business Policy and Business Terms.
• Recipients can opt out at any time by replying STOP, and the Branch must honour the opt-out promptly.
• We do not use the contents of WhatsApp messages for advertising or for any purpose other than delivering the Service.

We do not sell personal information. We share information only as described below:

• Within a Branch: operators can see information consistent with their role.
• Service providers (sub-processors): hosting (Vercel and Cloudflare), database (Neon), email delivery (Resend), error monitoring (Sentry), and WhatsApp delivery (Meta Platforms). Each is bound by confidentiality and data-protection obligations.
• Legal and safety: when required by law, regulation, or valid legal process, or to protect rights, property, or safety.
• Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to affected Branches.

We retain Branch data for as long as the Branch’s account is active. When a Branch closes its account, financial records are retained for the statutory period required under Indian law (typically 8 years for cooperative society records), after which they are securely deleted.

Audit logs are retained for a minimum of 24 months. Backups are retained on a rolling 30-day schedule. Support correspondence is retained for 24 months.

• All data is encrypted in transit using TLS 1.2 or higher.
• Passwords are stored as salted hashes (bcrypt). We never store passwords in plain text.
• Database is hosted on managed PostgreSQL with encryption at rest and daily automated backups.
• Role-based access controls, session timeouts, and optional IP restrictions are enforced inside the Service.
• Production access is limited to authorised engineering personnel and is logged.

No system is perfectly secure. If we become aware of a breach affecting your personal information, we will notify the affected Branch without undue delay, consistent with applicable law.

Subject to applicable law, you may have the right to:

• Access the personal information we hold about you.
• Request correction of inaccurate or incomplete information.
• Request deletion of your personal information.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with the relevant data protection authority.

If you are a member of a Branch and want to exercise these rights over records the Branch maintains, please contact the Branch directly. We will assist the Branch in fulfilling your request.

For data we control (account, billing, support), email us at contact@sanghamapp.in and we will respond within 30 days.

The Service is not directed at individuals under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can delete it.

Our primary infrastructure is hosted in regions configured for India. Some sub-processors may process limited data outside India (for example, Sentry for error monitoring). Where international transfers occur, we rely on standard contractual safeguards.

We may update this Privacy Policy from time to time. Material changes will be notified through the Service or by email. The “Last updated” date at the top of this page indicates when the policy was most recently revised.

For questions about this Privacy Policy or our data practices, contact:

Prianitha Tech Private Limited
Email: contact@sanghamapp.in
Phone: +91 98494 74029

See also our Terms & Conditions and Contact page.