ReqVise

Privacy Policy
JD
Jayesh Dalal
Home Legal Privacy Policy

Privacy Policy

Last updated: 01 Jan 2026

1 Information We Collect

ReqVise collects certain information to provide and improve our enterprise resource planning services. The types of information we collect include:

Personal Data: When you create an account or are provisioned by your tenant administrator, we collect your name, email address, phone number, job title, and department. This information is necessary to identify you within the system and facilitate collaboration across modules.

Usage Data: We automatically record information about how you interact with the application, including login times, actions performed (such as creating purchase requests, approving orders, or uploading documents), pages visited, and features used. This data helps us maintain comprehensive audit trails for compliance purposes.

Device Data: We collect technical information including your IP address, browser type and version, operating system, device type, and screen resolution. This information is used for security monitoring, session management, and optimizing the user experience.

2 How We Use Your Information

We use the information collected for the following purposes:

  • Authentication & Access Control — To verify your identity, manage your sessions, enforce role-based access control, and ensure only authorized users access specific modules and data.
  • Audit Trails & Compliance — To maintain detailed logs of all user actions for regulatory compliance, internal audits, and dispute resolution as required by applicable laws and industry standards.
  • Personalization — To customize your dashboard, remember your preferences (such as theme settings, favorite modules, and recently accessed items), and provide relevant notifications.
  • Communication — To send you system notifications, approval requests, workflow updates, security alerts, and important announcements related to your tenant's operations.
  • Analytics & Improvement — To analyze usage patterns, identify performance bottlenecks, improve feature design, and generate aggregate reports that help us enhance the overall platform experience.

3 Data Storage & Security

We take the security of your data seriously and implement industry-standard measures to protect it. All data transmitted between your browser and our servers is encrypted using TLS 1.3. Data at rest is encrypted using AES-256 encryption standards.

Access to production systems is strictly controlled through multi-factor authentication and role-based access policies. We maintain comprehensive access logs and regularly review them for suspicious activity. Our infrastructure undergoes regular penetration testing and vulnerability assessments conducted by independent third-party security firms.

Compliance: ReqVise maintains ISO 27001:2022 certification for information security management. Our security practices are regularly audited and verified by independent assessors. We also comply with SOC 2 Type II requirements for service organizations.

4 Third-Party Sharing

We do not sell, rent, or trade your personal data to any third party. Your information is shared only in the following limited circumstances:

  • Tenant Administrators — Your tenant's designated administrators may access user activity data, audit logs, and usage reports to manage their organization's operations within ReqVise.
  • Integration Partners — When your tenant configures integrations with third-party services (such as ERP systems, payment gateways, or email providers), limited data may be shared with those services with your tenant's explicit consent and configuration.
  • Law Enforcement — We may disclose information when required by law, subpoena, court order, or governmental regulation. We will notify your tenant administrator of such requests unless legally prohibited from doing so.

5 Your Rights

Under applicable data protection regulations including the General Data Protection Regulation (GDPR) and the Digital Personal Data Protection Act (DPDPA), you have the following rights regarding your personal data:

  • Right of Access — You may request a copy of all personal data we hold about you, including activity logs and profile information.
  • Right to Rectification — You may request correction of inaccurate or incomplete personal data. Profile updates can be made directly through your account settings or by contacting your tenant administrator.
  • Right to Erasure — You may request deletion of your personal data, subject to legal retention requirements and ongoing contractual obligations. Note that audit logs may be retained as required by compliance regulations.
  • Right to Portability — You may request your data in a structured, commonly used, and machine-readable format (JSON or CSV) for transfer to another service.
  • Right to Object — You may object to processing of your personal data for specific purposes, including analytics and profiling, where such processing is based on legitimate interests.

To exercise any of these rights, please contact our Data Protection Officer at the address provided in Section 8 below.

6 Cookies & Tracking

ReqVise uses essential cookies only to ensure the proper functioning of the application. We do not use third-party tracking cookies, advertising cookies, or analytics cookies from external providers.

The cookies we use include:

  • Session Cookies — Used for authentication and maintaining your active session. These are automatically deleted when you log out or your session expires.
  • Preference Cookies — Used to remember your application preferences such as theme settings (light/dark mode), language, and sidebar state. These are stored locally in your browser.
  • Security Cookies — Used for CSRF protection and ensuring the integrity of form submissions within the application.

We do not engage in cross-site tracking, behavioral advertising, or any form of third-party data collection through our application.

7 Data Retention

We retain your data according to the following schedule:

  • Active Account — All personal data and activity records are retained for the duration of your active tenure with your organization. Data remains accessible as long as your account is active within the tenant.
  • Post-Termination — Upon account deactivation or termination, your personal data is retained for 90 days to allow for account recovery or dispute resolution. After 90 days, personal identifiers are anonymized and cannot be linked back to you.
  • Audit Logs — In accordance with regulatory requirements and industry best practices, audit log entries are retained for a minimum of 7 years. These logs may be anonymized after the retention period expires.
Your tenant administrator may request earlier deletion of data subject to contractual terms and applicable legal requirements. Backup copies may persist for up to 30 additional days after deletion from primary systems.

8 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Data Protection Officer
[email protected]
VCNR Technologies
Bangalore, India

We will respond to all data protection inquiries within 30 days of receipt. For urgent matters, please mark your communication as “Urgent – Data Protection” in the subject line.

Table of Contents