Legal

Privacy Policy

Last updated: January 2025

1. Introduction

Zipybills (“Company”, “we”, “us”) operates the FactoryOS platform. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service. We are committed to protecting your privacy and ensuring the security of your data. By using FactoryOS, you consent to the practices described in this policy.

2. Information We Collect

We collect the following types of information:

2.1 Account Information

  • Company name and workspace URL (slug)
  • Administrator full name, username, and email address
  • Password (stored securely using industry-standard hashing)
  • Subscription plan and billing information

2.2 Manufacturing Data

  • Machine configurations, production data, and cycle times
  • Quality parameters (CTQ/CTP readings and checksheet data)
  • Downtime events, reason codes, and maintenance records
  • Energy consumption data
  • Tool inventory, calibration, and usage records
  • Work instruction content and operator acknowledgments

2.3 Usage Data

  • Login timestamps, session duration, and feature usage patterns
  • Browser type, device information, and IP address
  • Pages visited within the application

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve the FactoryOS platform
  • Account Management: To create and manage your workspace, authenticate users, and process subscriptions
  • Communication: To send important service updates, security alerts, and support responses
  • Analytics: To understand how the Service is used and improve features (aggregated, anonymized data only)
  • Security: To detect, prevent, and address technical issues and security threats
  • Compliance: To comply with legal obligations and enforce our Terms of Service

4. Data Isolation & Multi-Tenancy

FactoryOS uses a multi-tenant architecture where each customer's data is completely isolated. Your manufacturing data, user information, and configurations are stored in your own dedicated database schema. No other customer or tenant can access your data. This isolation is enforced at the database level and cannot be bypassed through the application.

5. Data Storage & Security

We implement the following security measures:

  • Encryption in Transit: All data transmitted between your browser and our servers uses TLS/SSL encryption
  • Encryption at Rest: Databases are encrypted at rest using AES-256 encryption
  • Password Security: User passwords are hashed using bcrypt with salt rounds
  • Access Controls: Role-based access control (RBAC) ensures users only access data relevant to their role
  • Audit Logging: All sensitive operations are logged for audit and compliance purposes
  • Regular Backups: Automated daily backups with point-in-time recovery capability

6. Data Sharing

We do not sell, rent, or trade your personal or manufacturing data to third parties. We may share limited information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share data with a third party
  • Service Providers: With trusted hosting providers (e.g., cloud infrastructure) who process data on our behalf under strict confidentiality agreements
  • Legal Requirements: When required by law, subpoena, or government request
  • Business Transfer: In connection with a merger, acquisition, or sale of assets (with prior notice)

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you choose to terminate your account, we will retain your data for 30 days to allow data export, after which it will be permanently deleted from our systems. Usage logs and anonymized analytics data may be retained for up to 12 months for service improvement purposes.

8. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Export: Export your manufacturing data in standard formats (CSV, JSON) at any time
  • Restriction: Request limitation of processing of your personal data
  • Objection: Object to processing of your personal data for specific purposes

To exercise any of these rights, please contact us at contact@factoryos.in.

9. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Essential cookies are required for the Service to function and cannot be disabled. We may use anonymized analytics cookies to understand usage patterns — these do not collect personal information.

10. On-Premise Deployments

For customers who choose on-premise deployment, all data resides on your own servers within your own network. In this case, Zipybills does not have access to your data unless you explicitly grant remote access for technical support purposes. The security of on-premise data is your organization's responsibility, and we provide guidelines and best practices for securing the deployment.

11. Children's Privacy

FactoryOS is a business application designed for manufacturing operations. We do not knowingly collect personal information from children under the age of 18. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform. We encourage you to review this page periodically for the latest information on our privacy practices.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at: contact@factoryos.in