Privacy Policy

Effective Date: June 09, 2026

1. Governance and Commitment

At CloudSync ERP, we recognize that our clients entrust us with their most sensitive organizational data. This Privacy Policy serves as a comprehensive framework outlining our strict adherence to global data protection standards, including GDPR, CCPA, and HIPAA compliance where applicable. Our commitment is to ensure the integrity, confidentiality, and availability of your business ecosystem.

1.1 Connected Mobile Applications

This privacy policy also explicitly governs the data collection, handling, and usage of consumer-facing mobile applications connected to our ERP Point of Sale (POS) and business management ecosystem. This includes the mobile application Grillesta Restro & Cafe, published and managed by Developers at GurN Sandhu. Data collected through these connected applications—including location data used exclusively for delivery radius eligibility—is processed securely through our central ERP architecture and is bound by the identical strict security protocols outlined in this policy.

2. Detailed Data Taxonomy

We classify the data we collect into three primary categories to ensure transparent processing:

• Organizational Identity: Corporate names, tax identification numbers, physical headquarters addresses, and authorized signatory details.
• User & Consumer Credentials: Encrypted biometric hashes (if enabled), multi-factor authentication metadata, customer contact numbers used for OTP login, and professional email identifiers.
• Transactional Metadata: Logs of ERP module interactions, ledger entries, mobile app API call histories, and system performance telemetry designed to optimize database indexing and query speed.

3. Advanced Data Processing Architecture

Our ERP processes data through a multi-tenant isolated architecture. This means your data is logically separated from other clients at the database level. Processing occurs for:
- Automating complex financial reconciliation and tax calculations.
- Predictive inventory management using machine learning algorithms based on your historical patterns.
- Generating real-time audit trails for regulatory compliance within your industry.

4. Security & Sovereign Cloud Storage

We utilize Tier-IV data centers with physical security protocols including biometric entry and 24/7 armed surveillance. On a digital level, all data is protected via TLS 1.3 in transit and AES-256 at rest. We conduct bi-annual third-party penetration testing to ensure our defenses against SQL injection, Cross-Site Scripting (XSS), and zero-day vulnerabilities remain impenetrable.

5. Your Rights & Data Portability

Under our "Data Sovereignty" principle, you remain the sole owner of your information. You have the right to request a full dump of your SQL data at any time. We provide automated tools within the Admin Console to export data in JSON, CSV, or XML formats. Requests for permanent data scrubbing or mobile user account deletion are processed within 48 hours, ensuring no residual fragments remain in our cold storage backups.