Data Processing and Security Policy

This Data Processing and Security Policy explains how Biththi processes, protects, and manages data used by the service.

It applies to account data, organization data, invoices, customers, items, settings, support requests, attachments, operational metadata, audit records, and related service information.

Biththi provides tools for storing and managing business workflow data. Users and organizations are responsible for deciding what information they enter into the service and for ensuring they have the right to process that information.

Biththi processes data to provide the service, support users, secure accounts, maintain reliability, manage plans, troubleshoot issues, and improve the product.

Biththi may process account and profile information, organization information, business settings, invoice records, customer records, item records, support messages, screenshots or attachments, authentication data, audit logs, and operational metadata.

Operational metadata may include usage counts, invoice counts, organization-level activity indicators, plan status, and similar service metrics used to run, monitor, improve, and support Biththi.

Biththi uses reasonable technical and organizational safeguards designed to protect data against unauthorized access, misuse, loss, and alteration.

Security measures may include hashed passwords, session controls, same-origin protections, role-based access, primary-admin controls, rate limits, audit logs, database-backed persistence, restricted operational access, and secure configuration practices.

No system can guarantee perfect security, and users remain responsible for protecting passwords, devices, email accounts, and access to their organization workspace.

Access to organization data is controlled by user roles and organization membership. Primary admins and admins are responsible for managing users and reviewing access.

Internal operational access is limited to service operation, support, security, reliability, and product oversight needs.

Users must not attempt to access data, dashboards, tools, or metadata systems they are not authorized to use.

When users contact support, Biththi may process the message, contact details, account context, organization context, screenshots, and attachments provided with the request.

Users should avoid sending unnecessary sensitive information and should redact passwords, payment credentials, government identifiers, and private customer data unless required to investigate the issue.

Biththi retains data for as long as needed to provide the service, support users, maintain audit and security records, comply with legal obligations, resolve disputes, and preserve business continuity.

Backups, logs, inactive-user records, and audit records may remain for a period after account changes, deletion, or deactivation.

Users should maintain independent backups of important business, accounting, tax, customer, and invoice records.

Biththi may use service providers for hosting, database infrastructure, email delivery, authentication, payment workflows, storage, security, monitoring, and related operational services.

These providers may process data only as needed to provide their services to Biththi and are subject to their own terms, policies, and security practices.

If Biththi becomes aware of a security incident affecting user or organization data, we will investigate and take reasonable steps to contain, assess, and remediate the issue.

Where required by applicable law or appropriate under the circumstances, we may notify affected users, organizations, service providers, or authorities.

Biththi is for data storage and workflow convenience and should not be treated as the sole or final source of truth for legal, tax, accounting, financial, customer, or business records.

Users are responsible for verifying important records against original documents, accounting books, bank statements, contracts, tax filings, or other authoritative systems.

We may update this Data Processing and Security Policy from time to time. The updated version will be posted on this page with a revised effective date.

Continued use of Biththi after the policy is updated means you acknowledge the updated policy.

For questions about data processing or security, contact support at support@biththi.com.