Legal Documentation

Privacy Policy

Last Updated: June 18, 2026
Comprehensive privacy policy detailing how Stragure collects, uses, and protects your personal information in compliance with Indian privacy laws.

Table of Contents
1. Introduction Our commitment to privacy
2. Data Collection What information we collect
3. Data Usage How we use your information
4. Location Data Attendance, field visits & location use
5. Google Workspace and Google Calendar Data Calendar & Workspace access
7. Security How we protect your data
8. Your Rights Your privacy choices
9. Contact Get in touch with us

1. Introduction

This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our website, GrowchainAI platform, and related services.

Legal Compliance: This policy complies with Information Technology Act, 2000 and SPDI Rules, 2011.

2. Information We Collect

🔹 Personal Information

  • Contact Information: Name, email, phone, company details
  • Account Information: Username, password, preferences
  • Voice Data: Voice recordings and speech transcripts processed only with explicit user consent for AI-powered voice assistant functionality
  • Biometric Information: When facial attendance features are enabled, the platform may generate and store a facial biometric template (embedding) for identity verification and attendance purposes. Original facial images captured during enrollment or attendance verification are processed solely for identity verification, liveness detection, and generation of biometric templates, and are not retained after processing unless required for operational, legal, audit, or compliance purposes.
  • Liveness Verification Data: The platform may process liveness detection signals to verify that attendance submissions originate from a live person and to prevent spoofing attempts.

🔹 Technical Information

  • Device Data: IP address, browser type, device identifiers
  • Usage Analytics: Pages visited, interaction patterns
  • Tracking: Cookies and similar technologies

3. How We Use Your Information

  • Platform Services: Provide and maintain GrowchainAI platform
  • Voice AI Processing: Process voice recordings, speech transcripts, and AI-powered enterprise workflow requests using secure backend infrastructure and OpenAI APIs
  • Security: Authentication and account protection
  • Support: Customer service and platform improvements
  • Compliance: Legal requirements and business operations

🔹 AI Voice Assistant & Third-Party AI Processing

GrowchainAI includes AI-powered voice assistant and natural-language processing features.

When users interact with voice assistant functionality, certain data may be securely transmitted to and processed by trusted third-party AI service providers, including OpenAI APIs, solely for the purpose of providing requested functionality such as:

  • Speech recognition and transcription
  • Natural-language understanding
  • AI-powered responses and workflow assistance

This processing may include:

  • Voice recordings captured while actively using voice assistant features
  • Speech transcripts generated from user voice input
  • Work-related operational requests such as leave applications, payroll queries, approvals, employee search, attendance requests, inventory queries, procurement workflows, and other enterprise operations initiated by the user
  • Authenticated user account context required to fulfill enterprise workflow requests

Voice and AI processing occurs only after the user provides explicit in-app consent.

Data is transmitted over encrypted connections and is not sold to third parties.

Voice recordings are processed transiently for transcription and are generally not retained after processing by our backend proxy infrastructure unless required for operational, legal, audit, or compliance purposes.

Data transmitted through OpenAI APIs is not used to train AI models.

🔹 Facial Recognition & Attendance Verification

The platform may provide facial-recognition-based attendance functionality for organizations that enable this feature.

Facial biometric templates and liveness verification data are used solely for:

  • Employee identity verification
  • Attendance recording and validation
  • Prevention of impersonation and attendance fraud
  • Liveness verification and anti-spoofing protection

Biometric data is not used for advertising, profiling, marketing, or purposes unrelated to attendance management and authorized workforce operations.

Biometric templates are retained only for as long as required to provide attendance verification services, comply with legal obligations, or satisfy organizational record-retention requirements, after which they are securely deleted.

4. Location Data

GrowchainAI may collect precise location information from authorized users of the Sales Representative application.

🔹 Data Collected

  • Precise GPS location captured during attendance punch-in, punch-out, and field-visit check-ins.
  • Device-generated location coordinates and timestamps.
  • Background location updates may be collected on supported platforms, such as Android, where continuous duty tracking is enabled and the user has granted the required permissions.

🔹 Purpose of Collection

Location data is collected solely for legitimate business purposes, including:

  • Employee attendance verification
  • Field-visit and customer visit verification
  • Route and field activity tracking where enabled
  • Workforce management and operational reporting
  • Safety and compliance monitoring

🔹 Platform-Specific Location Behavior

On iOS devices, GrowchainAI collects precise location information only while the application is actively in use. The iOS application does not request 'Always' location permission and does not perform background location tracking.

On supported platforms and configurations where duty tracking is enabled, the application may collect background location information after obtaining the necessary permissions from the user.

🔹 Data Sharing

Location data is not sold to third parties. Location information may be shared only with:

  • The user's employer organization using GrowchainAI
  • Service providers required to operate the platform
  • Government authorities when required by applicable law

🔹 Data Retention

Location records are retained according to the organization's configured retention policies and applicable legal requirements.

🔹 User Controls

Users may disable location permissions through device settings. On iOS, users can manage permissions by navigating to Settings → Privacy & Security → Location Services → GrowchainAI. Disabling location access may limit attendance verification, field-visit check-ins, and field-tracking functionality.

5. Google Workspace and Google Calendar Data

GrowchainAI may integrate with Google Workspace services, including Google Calendar, when a user explicitly authorizes access through Google's OAuth consent process.

🔹 Information We Access

  • Google Calendar events and schedules
  • Meeting details and event metadata
  • Calendar availability and free/busy information
  • User profile information required for authentication and account linking
  • Other Google Workspace information explicitly authorized by the user

🔹 How We Use Google User Data

Google Workspace and Google Calendar information is accessed and processed solely to provide user-requested functionality within the GrowchainAI platform.

  • Calendar synchronization
  • Meeting scheduling and coordination
  • Appointment and event management
  • Workflow automation initiated by the user
  • Productivity and collaboration features
  • Enterprise operations and business process management

🔹 Sharing, Transfer and Disclosure of Google User Data

GrowchainAI does not sell Google user data to third parties.

Google user data may be shared, transferred, or disclosed only in the following circumstances:

  • To the authenticated user who authorized the access
  • To authorized administrators within the user's organization where required for enterprise operations requested by the user
  • To cloud hosting, infrastructure, security, monitoring, backup, email delivery, and support service providers strictly required to operate, maintain, and secure the GrowchainAI platform
  • To comply with applicable laws, regulations, court orders, legal processes, or governmental requests
  • With the user's explicit consent

Google Workspace and Google Calendar data are protected using industry-standard security controls and are accessed only for the purposes authorized by the user.

6. Google API Services User Data Policy Compliance

GrowchainAI's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Google Workspace API data is accessed, used, stored, and transferred only to provide user-facing features requested by the user and in accordance with Google's Limited Use requirements.

🔹 Limited Use Compliance

Information obtained through Google Workspace APIs is used only to provide or improve user-facing features that are visible, prominent, and directly requested by users.

GrowchainAI does not use Google Workspace API data for:

  • Advertising purposes
  • Marketing campaigns
  • Building advertising or marketing profiles
  • Selling user information to third parties
  • Credit-worthiness determination
  • Insurance eligibility determination
  • Employment eligibility decisions unrelated to requested functionality
  • Data brokerage activities

🔹 Artificial Intelligence and Machine Learning Restrictions

  • Google Workspace API data is not used to develop, improve, train, fine-tune, evaluate, or operate generalized artificial intelligence (AI) models or machine learning (ML) models.
  • Google Workspace API data is not used to train foundation models, large language models (LLMs), generative AI systems, or any generalized machine learning technologies.
  • Google Workspace API data is not used to create datasets for training artificial intelligence systems.
  • Any processing of Google Workspace API data is limited solely to providing user-requested functionality within the GrowchainAI platform and is performed in accordance with the Google API Services User Data Policy and Limited Use requirements.
  • No Google Workspace API data is used for model training, model improvement, analytics unrelated to user-requested functionality, advertising, marketing, or product development purposes.

7. Data Security

  • 🔐 Encryption: Military-grade encryption in transit and at rest
  • 🛡️ Access Controls: Multi-factor authentication & role-based access
  • 🎙️ Voice Protection: Advanced encryption for voice data processing
  • 🤖 AI Processing Security: Audio and AI-related data is transmitted through encrypted connections and processed through secured backend proxy infrastructure
  • 👤 Biometric Protection: Facial biometric templates are stored securely using industry-standard security controls. Access is restricted to authorized personnel and system processes required for attendance verification.
  • 🔍 Regular Audits: Continuous security assessments

8. Your Rights and Choices

  • 📥 Access: Get a copy of your personal data
  • ✏️ Correct: Fix inaccurate or incomplete information
  • 🗑️ Delete: Request removal of personal information
  • 📧 Opt-out: Unsubscribe from marketing communications
  • 🚫 Withdraw: Remove consent for data processing
  • 👤 Biometric Data: Request information regarding biometric data associated with your account and, where permitted by organizational policy and applicable law, request its deletion.
Exercise your rights: info@stragure.com

9. Contact Information

For questions about this Privacy Policy or our data practices:

Privacy Inquiries: privacy@stragure.com

📧 Email: info@stragure.com
⏰ Response Time: Within 30 days per Indian regulations
⚖️ Jurisdiction: Governed by the laws of India