Privacy Policy

Privacy Policy

Last updated: May 2026

Wayso Technologies ("Wayso", "we", "us", or "our") operates the wayso.in platform and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

1. Information We Collect

Account Information

When you create a Wayso account, we collect:

  • Name and email address
  • Password (encrypted, never stored in plain text)
  • Business name and store details
  • Billing and payment information

Store Data

When you use Wayso to run your store, we process:

  • Product catalog information
  • Customer records and order history
  • Staff accounts and roles
  • Payment transaction records
  • Inventory and fulfillment data

Automatically Collected Information

  • IP address and approximate location (via GeoIP)
  • Browser type, device information, and operating system
  • Usage patterns, pages visited, and session duration
  • Login timestamps and activity logs

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our platform
  • Process transactions and send billing notifications
  • Create and manage your account and stores
  • Send administrative emails (OTP verification, password resets)
  • Provide customer support
  • Monitor platform usage and detect abuse
  • Comply with legal obligations

3. Data Storage and Security

  • All data is stored in SurrealDB databases hosted on Fly.io infrastructure
  • Passwords are hashed using bcrypt
  • API communications use HTTPS/TLS encryption
  • JWT tokens are used for session management
  • We implement rate limiting to prevent abuse
  • Database credentials are stored securely and rotated regularly

4. Third-Party Services

We share data with the following third-party services only as necessary to provide our platform:

Service Purpose Data Shared
Razorpay Payment processing Transaction amount, order ID
PhonePe Payment processing Transaction amount, phone number
Stripe International payments Transaction amount, email
MSG91 OTP & email delivery Phone number, email address
Delhivery Shipping & courier Shipping address, order details
Google Gemini AI features Prompts (no personal data)
Cloudflare DNS & SSL Domain names
Firebase Push notifications Device tokens

We do not sell your personal information to third parties.

5. Data Retention

  • Account data is retained as long as your account is active
  • Store data is retained for the duration of your subscription
  • Transaction records are retained for 7 years (legal compliance)
  • You may request deletion of your account and associated data at any time

6. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent at any time

7. Cookies

We use essential cookies for:

  • Session management and authentication
  • Store subdomain resolution
  • Security (CSRF protection)

We do not use tracking cookies or third-party advertising cookies.

8. Children's Privacy

Our platform is not intended for use by children under 18. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the platform.

10. Contact Us

For privacy-related inquiries: