The short version. Sauda is offline-first: your shop’s data lives on your own device and is encrypted. When you’re online, it syncs to our secure cloud so you can use multiple devices and keep a backup. Your data is isolated to your business, you can export it anytime, and we never sell it.

1. Who we are

This Privacy Policy explains how Sauda (“Sauda”, “we”, “us”, “our”) handles personal information in connection with the Sauda applications and website — the offline-first point-of-sale, accounting, inventory and khata app for shops, available on web, mobile and desktop (together, the “Service”).

This policy applies to people who create a Sauda account and use the Service. If you record information about your own customers, suppliers or employees in Sauda, please also read section 6, which explains your responsibilities as the owner of that data.

2. Information we collect

2.1 Information you give us

Account details. The phone number and/or email address you use to sign in (we authenticate with a one-time code), your display name, your business name, and your role.
Business data you enter. The records you create while using Sauda — products and prices, sales and receipts, parties (customers and suppliers), khata/ledger entries, inventory and stock movements, expenses, and any payroll or staff records you choose to keep. You decide what to put in. If you enter sensitive identifiers about other people (for example an employee’s CNIC or phone number), that information is processed as described below.
Support communications. Messages you send us and the details they contain.

2.2 Information we collect automatically

Device & technical data. A device identifier (used to keep your devices in sync and to support remote logout), app version, operating system and basic, non-identifying diagnostics that help us keep the Service reliable and secure.
Sync metadata. Timestamps and change records that let multiple devices converge to the same balances without conflicts.

2.3 What we do not collect

We do not collect payment card numbers. Sauda is free and has no in-app purchases.
We do not use third-party advertising trackers, and we do not build advertising profiles from your business data.

3. How we use information

We use the information above only to run the Service for you:

To provide the core features — selling, accounting, inventory, khata and payroll.
To sign you in securely and keep your account safe.
To sync your data across your devices and keep a backup so you don’t lose your records.
To provide support and respond to your requests.
To maintain, troubleshoot and improve reliability, performance and security.
To comply with legal obligations and enforce our Terms & Conditions.

We do not sell your personal information or your business data, and we do not use your business data for advertising.

4. Offline-first storage & sync

Sauda is built offline-first, which shapes how your data is stored:

On your device. When you create a sale or any other record, it is written to a local database on your device first, so the app works with no internet connection. This local database is encrypted at rest.
In the cloud. When a connection is available, your data syncs to our cloud backend so you can use more than one device and keep a secure backup. Data is encrypted in transit (HTTPS/TLS) and at rest on the server.
Isolated to your business. Every record carries your business identifier, and database-level security rules (row-level security) ensure that you only ever access your own business’s data. Our client apps never hold the privileged server keys.
Demo data. If you switch on demo mode, demo records are kept separate and are excluded from your real totals, reports and exports.

We share personal information only in these limited situations:

Service providers (sub-processors). Trusted vendors who host and operate the Service on our behalf — for example our cloud/database host and the providers that deliver one-time sign-in codes by SMS or email. They may process data only to provide their service to us.
At your direction. When you choose to share a receipt or send a payment reminder over WhatsApp, that share happens from your own device through WhatsApp; it is governed by WhatsApp’s own terms and privacy policy. We do not send messages to your customers on our servers’ behalf.
Legal reasons. Where we are required by applicable law, regulation or valid legal process, or to protect the rights, safety and security of users, the public or Sauda.
Business transfers. If Sauda is involved in a merger, acquisition or sale of assets, data may be transferred as part of that transaction; we will notify you of any change in control or use of your personal information.

6. Data about your customers, suppliers & staff

Sauda lets you keep records about other people — your customers, suppliers and employees (for example names, phone numbers, balances, and any identifiers such as a CNIC that you choose to store). For that information, you are the data controller and Sauda processes it on your behalf as part of providing the Service.

You are responsible for collecting and using that information lawfully — including having any consent or other lawful basis required, telling those individuals how their information is used, storing only what you need, and handling requests they make about their data. Please don’t store more sensitive personal information than your business genuinely needs.

7. Data retention

We keep your data for as long as your account is active so the Service works as you expect. The local copy on a device remains until you delete the app or remotely log that device out. You can ask us to delete your account and the associated cloud data — see your rights below. We may retain limited records where the law requires, or to resolve disputes and enforce our agreements.

8. Your rights & choices

You can, at any time:

Access & review your data inside the app.
Correct information by editing your records (financial records are corrected with adjusting entries so history stays intact).
Export your data — Sauda includes export/backup tools so you can take your records with you.
Delete your account and request deletion of your cloud data by contacting us.
Log out remotely to remove access from a lost or stolen device.

Depending on where you live, you may have additional rights under local law. To exercise any right, contact us using the details in section 13. We will respond within the time required by applicable law.

9. Security

We take security seriously and use measures designed to protect your information, including: encryption of the local database at rest, encryption in transit (TLS), per-business isolation enforced at the database level, one-time-code sign-in, optional device PIN/biometric unlock for fast user switching, and keeping privileged server keys off client devices. No method of storage or transmission is 100% secure, so we cannot guarantee absolute security; if we become aware of a breach affecting your personal information, we will notify you and the relevant authorities as required by law.

10. International data transfers

Our cloud infrastructure and service providers may store and process data on servers located outside Pakistan. Where data is transferred across borders, we take steps to ensure it remains protected in line with this policy and applicable law.

11. Children

Sauda is a business tool intended for use by adults (18+) operating a business. It is not directed to children, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us so we can remove it.

12. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the app. Your continued use of the Service after an update means you accept the revised policy.

13. Contact us

Questions, requests or concerns about privacy? Contact us at privacy@saudaapps.com (or support@saudaapps.com for general help). You can also reach us through our contact page.