Privacy policy

Last updated 14 May 2026

1. Who we are

SAYLS.in (operated as a brand of the agency that publishes this site) is a multi-tenant B2B CRM platform. This policy describes how we collect, use, store and share personal data of customers (tenants), end-users (employees of customers) and visitors to our marketing site.

2. Data we collect

• Account data: name, email, phone, role, company, tax IDs (GSTIN/PAN), payment history.
• Customer-generated content: companies, contacts, leads, quotations, orders, invoices, dispatches, tasks, attachments and messages you create or upload.
• Usage data: IP address, browser, device, page views, audit-log entries (every change to data is logged with actor, before/after).
• Communication data: emails / WhatsApp / SMS sent and received via our integrations are stored in your tenant workspace.
• Cookies: a single session cookie used to keep you signed in. We do not use third-party advertising or analytics cookies.

3. How we use it

• To provide the service you signed up for and bill you for it.
• To deliver outbound messages your team triggers (email, WhatsApp, SMS).
• To diagnose problems and improve the product.
• To meet legal, tax and audit obligations in India and your country of business.

4. Where it lives

Production data lives on servers in India unless you specifically request otherwise. Backups are encrypted at rest and retained for 30 days unless your contract specifies a longer term.

5. Who we share it with

Sub-processors (the providers we use to run the service):

• Hosting & database — your contracted region
• Email — Brevo, Gmail (per-user OAuth), or your SMTP relay
• WhatsApp — Meta Cloud API (Meta Platforms, Inc.)
• SMS — MSG91 or Twilio (per .env configuration)
• Payments — Razorpay
• AI assist — Anthropic (only when your team triggers AI features)

We never sell or rent your data. We share it only as needed to operate the service or as required by law.

6. Your rights

• Export: any tenant admin can download a full ZIP of their workspace data from /account/export.
• Erasure: contact hello@sayls.in to request deletion. We honour requests within 30 days unless legal retention applies.
• Correction: every entity in the system has an Edit screen for the tenant admin.
• Portability: the export is CSV per table — portable to any other system.

7. Retention

While your subscription is active, we retain all your data. After cancellation, we keep your data for 30 days as a recovery window, then permanently delete it. Audit logs are retained for the lifetime of your subscription.

8. Security

TLS for all traffic. Bcrypt password hashing. CSRF tokens on every form. HMAC-signed webhooks. Tenant-scoped queries enforced at the model layer with automated tests.

9. Contact

Questions? Email hello@sayls.in.