Privacy Policy

1. Data Controller

Octacorp Holdings International Limited is the Data Controller for your information. This means we are responsible for how your personal data is collected, used, and protected.

2. Information We Collect

We collect information necessary to provide and improve our service. This includes:

• Account Information: When you sign up, we collect your first and last name, username, email address, and phone number. This is used for creating your account, secure authentication (including two-factor authentication), and communication.
• Company & Customer Data: Any business data you enter into the application, such as your company's details (name, address, contacts) and the profiles of customers you create, is stored in our database to enable the core functionality of the app.
• Quote and Calculation Data: All information used to generate a quote, including item descriptions, quantities, prices, and associated costs, is saved to your account.
• Support & Feedback Data: If you submit a help request or feedback, we collect your contact information and the details of your query, including any screenshots you voluntarily provide (a feature available on paid plans).
• Usage and Activity Logs: We automatically log certain activities for security and operational purposes. This includes quote creation, data updates (e.g., company profile changes), and user login attempts to monitor for suspicious activity and prevent abuse.

3. Subscription & Payment Information

We do NOT collect or store your payment card details, bank account numbers, or sort codes.

Our current subscription page is a simulation for demonstration purposes. In a live production environment, we would use a secure, third-party payment processor (such as Stripe). In that case, your payment details would be sent directly to the processor and would not pass through or be stored on our servers.

4. How We Use Your Data

Your data is used strictly for the following purposes:

• To provide, operate, and maintain the Octacost service.
• To manage your account, authenticate you securely, and provide customer support.
• To monitor for security threats, prevent fraud, and enforce our terms of service.
• To analyze usage patterns to improve the user experience and develop new features.

5. Data Storage and Security

All your application data is stored securely using Google Firebase services (Firestore, Firebase Authentication, and Firebase Storage), which acts as our Data Processor. Google Firebase is compliant with major global privacy and security standards, including ISO 27001 and SOC 2. Your data is encrypted in transit and at rest.

6. Your Rights Under GDPR

As a user, you have rights over your personal data:

• Right to Access & Rectify: You can access and update your profile and company information directly within the app on your Profile page.
• Right to Erasure: You can request the permanent deletion of your account and all associated data. This action can be initiated from your Profile page. Upon confirmation, your account is immediately deactivated, and your data is scheduled for irreversible deletion after a 30-day grace period, during which you may contact support to potentially halt the deletion.
• Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. You can export your customer list via the "Customers" page.

7. Contact Us

If you have any questions about this Privacy Policy or your data rights, please contact us through the form on our main landing page.