Privacy Policy

Last updated: 16 July 2026

This Privacy Policy ("Policy") is published by Biztribe Trading & Consultancy India Private Limited ("Company", "We", "Us", or "Our"), a company incorporated under the Companies Act, 2013, having its registered office at B-1001, Kapil Akhila, Pancard Club Road, Baner, Pune – 411 045, Maharashtra, India.

This Policy governs the collection, receipt, possession, storage, handling, usage, processing, disclosure, transfer, and protection of Personal Data ("Personal Data") of all individuals ("Data Principals") who access or use the platform operating at fractionalsales.com ("Platform") or any associated mobile applications, APIs, or services (collectively, "Services").

This Policy is compliant with the Digital Personal Data Protection Act, 2023 ("DPDPA 2023"), the Information Technology Act, 2000 and its associated Rules, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and all other applicable Indian laws. This Policy is to be read in conjunction with our Terms and Conditions.

By using our Services, you consent to the collection and use of your information as described in this Policy.

1. Definitions

For the purpose of this Policy, unless the context otherwise requires:

  • Data Fiduciary:means the Company, which determines the purpose and means of processing Personal Data.
  • Data Principal:means the natural person to whom the Personal Data relates. In the context of a minor, the term includes the parent or lawful guardian.
  • Personal Data:means any data about an individual who is identifiable by or in relation to such data. This includes but is not limited to name, email address, phone number, employment details, and financial information.
  • Sensitive Personal Data or Information (SPDI):means Personal Data consisting of passwords, financial information (bank account, credit/debit card), physical, physiological, and mental health conditions, biometric data, and any detail relating to the above as provided to the Company.
  • Processing:means any automated or manual operation or set of operations performed upon Personal Data, including collection, recording, storage, use, disclosure, or erasure.
  • Consent:means a free, specific, informed, unconditional, and unambiguous indication of the Data Principal's wishes by a clear affirmative action.

2. Data Infrastructure and Data Localisation

The Company is fully committed to the data localisation principles embedded in Indian data protection law. Our infrastructure is architected as follows:

🇮🇳 India-First Data Architecture

  • Primary User Data Store: All Personal Data of Indian users is stored in Google Cloud Firestore databases hosted within data centres physically located in Mumbai, India (asia-south1 region). This ensures your data never leaves Indian sovereign territory for primary storage.
  • Regional Isolation: User profiles, engagement data, business listings, and all identifiable information are segregated into region-specific databases. Data created and managed by Indian Business Owners and Sales Partners remains within the Indian boundary.
  • Service Infrastructure: The Company uses Google Cloud Platform, which has committed to compliance with Indian data protection regulations.

For any Personal Data that may be accessed or processed outside India (e.g., by an Overseas Business Owner interacting with an Indian Sales Partner's profile), such access is governed by appropriate contractual safeguards and the explicit consent of the Data Principal. We do not sell or transfer Indian residents' Personal Data to foreign entities for independent processing.

3. Categories of Personal Data Collected

We collect the following categories of Personal Data only to the extent necessary for the specified purpose ("Purpose Limitation Principle"):

A. Identity and Contact Data

  • Full name
  • Email address
  • Mobile number
  • City / State / Country of residence
  • Profile photograph

B. Professional and Business Data

  • Years of professional experience
  • Current industry and sector
  • Business name and description
  • Company website / LinkedIn profile
  • Service offerings and areas of expertise

C. Account Data

  • Account login credentials (securely hashed; never stored in plain text)
  • User role (Business Owner / Sales Partner / Service Provider)
  • Onboarding responses and preferences

D. User-Generated Content

  • Posts, comments, and engagements published on the platform feed
  • Interests expressed in Business Listings
  • Profile cover images and banner images uploaded by users

E. Technical and Usage Data

  • IP address and approximate geolocation
  • Browser type and device information
  • Pages visited and time spent on the Platform
  • Referring URLs and session activity logs

F. Payment Data (When Applicable)

  • Transaction IDs and payment status
  • We do NOT store raw card numbers, CVV, UPI PINs, or net banking credentials. All payment processing is handled by our PCI-DSS compliant payment gateway.

4. Lawful Basis for Processing

We process your Personal Data only where we have a valid lawful basis under applicable Indian law:

  • Consent: Where you have provided a free, specific, informed, and unambiguous consent (e.g., during account creation or onboarding). You may withdraw consent at any time by contacting us, subject to applicable legal or contractual obligations.
  • Contractual Necessity: Where processing is necessary to perform the contract of services entered into with you (i.e., our Terms and Conditions).
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which the Company is subject, including obligations under the Companies Act, Income Tax Act, GST laws, and regulations of RBI.
  • Legitimate Interests: Where processing is necessary for our legitimate business interests (e.g., fraud prevention, platform security, analytics to improve services), provided such interests are not overridden by your rights as a Data Principal.

5. Purpose of Processing Personal Data

The Company processes Personal Data strictly for the following identified purposes:

  • To facilitate registration, onboarding, and account management on the Platform.
  • To enable matching between Business Owners and Sales Partners / Service Providers.
  • To display user profiles, posts, business listings, and engagement activity on the Platform feed.
  • To process payments for platform subscriptions or services fees.
  • To send transactional communications such as account confirmations, password resets, and payment receipts.
  • To send promotional or marketing communications, only where explicit consent has been obtained and subject to the right to opt-out at any time.
  • To monitor, analyse, and improve the performance, security, and user experience of the Platform.
  • To comply with applicable law, court orders, or statutory requirements.

We shall not use your Personal Data for any purpose beyond what is stated herein without obtaining fresh consent.

6. Disclosure and Sharing of Personal Data

We do not sell, rent, or trade your Personal Data. We may share your data only in the following limited circumstances:

  • With Other Platform Users: Certain profile information (name, professional background, city, profile photo, posts) is visible to other registered users on the Platform as part of the core service. You control what you make public through your profile settings.
  • With Data Processors / Technology Service Providers: We engage vetted third-party service providers who process data on our behalf under binding data processing agreements, including Google Cloud Platform (infrastructure), Firebase Authentication (user authentication), and our payment gateway partner. These processors are contractually prohibited from using your data for their own purposes.
  • For Legal Compliance: We may disclose Personal Data to government agencies, law enforcement authorities, or regulatory bodies as required by applicable Indian law, court orders, or governmental mandates.
  • In Business Transfers: In the event of a merger, acquisition, or sale of substantially all of the Company's assets, Personal Data may be transferred to the acquiring entity, subject to the same privacy protections. We shall notify Data Principals of such a transfer.

7. Data Retention

  • Personal Data is retained for as long as your account remains active or as necessary to provide our Services.
  • Upon account deletion, Personal Data will be erased or anonymised within 90 days, except where retention is required by applicable law.
  • Financial transaction data and payment records shall be retained for a minimum period of 8 years from the date of the transaction, in compliance with applicable Indian taxation and accounting laws.
  • Technical logs (access logs, security logs) may be retained for up to 1 year for security and fraud detection purposes.

8. Rights of Data Principals under DPDPA 2023

As a Data Principal, you have the following rights under the Digital Personal Data Protection Act, 2023, which we are fully committed to upholding:

Right to Access

You have the right to obtain a summary of your Personal Data being processed by us and the processing activities undertaken.

Right to Correction and Erasure

You may request correction of inaccurate or incomplete Personal Data, and erasure of Personal Data that is no longer necessary for the purpose for which it was collected.

Right to Grievance Redressal

You have the right to have your grievances addressed by us expeditiously and in a manner prescribed under applicable law.

Right to Nominate

You have the right to nominate another individual who shall exercise your rights in the event of your death or incapacity.

Right to Withdraw Consent

You may withdraw your consent to processing at any time. Such withdrawal shall not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of the above rights, please contact our Data Protection Officer at sales@fractionalsalespartner.com. We shall respond to all verifiable requests within 30 days.

9. Security Measures

The Company implements appropriate technical and organisational security measures in accordance with the SPDI Rules, 2011 and DPDPA 2023 to protect Personal Data from unauthorised access, disclosure, alteration, or destruction, including:

  • Transport Layer Security (TLS/HTTPS) encryption for all data transmitted between your browser and our servers.
  • Firestore Security Rules enforcing row-level access controls ensuring users can only access their own data.
  • Firebase Authentication with industry-standard credential hashing for all user accounts.
  • Role-based access controls (RBAC) for internal personnel, ensuring minimum necessary access to production data.
  • Regular review and audit of security access controls and policies.

In the event of a Personal Data breach that is likely to result in a risk to the rights and freedoms of Data Principals, we shall notify the affected individuals and the Data Protection Board of India within the timeline stipulated by applicable law.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyse how you use the Platform. You can control the use of cookies through your browser settings. Disabling cookies may affect the functionality of certain parts of the Platform.

11. Minors

Our Services are not directed to children below the age of 18 years. We do not knowingly collect Personal Data from minors without verifiable parental or guardian consent as required under DPDPA 2023. If we become aware that a minor has provided us with Personal Data without such consent, we will take immediate steps to delete such information.

12. Grievance Officer / Data Protection Officer

In accordance with the Information Technology Act, 2000, IT (Amendment) Act, 2008, SPDI Rules, 2011, and the DPDPA 2023, the Company has designated a Grievance Officer. Any grievances, complaints, or requests regarding this Policy or processing of your Personal Data may be addressed to:

Name: Hrishikesh Pangarkar

Designation: Grievance Officer / Data Protection Officer

Company: Biztribe Trading & Consultancy India Private Limited

Address: B-1001, Kapil Akhila, Pancard Club Road, Baner, Pune – 411 045, Maharashtra, India

Email: sales@fractionalsalespartner.com

Response Time: We shall acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days of receipt.

13. Amendments to this Policy

The Company reserves the right to update or modify this Policy at any time. Any material changes will be notified to you via email or through a prominent notice on the Platform at least 15 days before such changes take effect. Your continued use of the Platform after the effective date of the revised Policy constitutes your acceptance of the changes. We encourage you to review this Policy periodically.

14. Governing Law and Jurisdiction

This Policy is governed by and construed in accordance with the laws of the Republic of India. Any dispute arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the competent courts located in Pune, Maharashtra, India.