Privacy policy
How Neev collects, holds and uses your data — written in plain English and updated whenever the underlying practice changes.
What we collect
Business and contact details, the data you actively send into Neev (orders, invoices, inventory, customer records, ledger entries), the messages you parse through Neev (WhatsApp, SMS, email), and basic device/session telemetry for security.
How we use it
Only to operate the service for your business and to honour our contract. We do not sell, broker or use your data to train cross-customer models. Aggregate, fully de-identified product analytics may be used internally to improve Neev.
Where it lives
Inside Indian borders, in our AWS regions ap-south-1 (Mumbai) and ap-south-2 (Hyderabad). Backups stay within India. No data is replicated outside the country, ever.
Who can see it
Inside your business: the roles you grant. Inside Neev: a strictly limited engineering and support team, on a need-to-act basis, with full audit logging.
How long we keep it
Live data while you are a customer. Statutory records (invoices, tax filings, audit log) for 7 years per Indian law. Cancellation: full export within 7 days, hard delete within 30 days of confirmation.
Your rights
You can export, correct or delete personal data we hold about you. Email privacy@neev.in. We respond within 7 working days.
Terms of service
Plain-English summary first; the formal master agreement is attached on every paid contract.
Your data is yours
You retain all rights to data you put into Neev. We are processors, not owners.
Our service
We provide the Neev platform on an "as-built" basis, with reasonable commercial efforts to maintain uptime and security per the SLA attached to your plan.
What we will not do
Sell your data. Train cross-customer ML models on your data without explicit opt-in. Disclose your data without a valid legal request, and we will notify you when we can.
Acceptable use
Do not use Neev to break Indian law, target third parties, or circumvent reasonable rate limits. We reserve the right to suspend access if we detect abuse, with notice where possible.
Liability
Capped at the fees paid in the prior 12 months. We carry cyber-liability insurance separately.
Termination
You can cancel any time. We pro-rate paid plans to the day. Pilots: no notice required. Enterprise: per your master agreement.
GST policy
How Neev handles GST compliance on your behalf, and on its own services.
On invoices we generate for you
Every Neev-generated invoice is GST-compliant: GSTIN of seller and buyer, HSN per line, CGST/SGST/IGST split per place-of-supply rules, e-invoice IRN auto-pulled from GSTN in real time at the moment of dispatch.
GSTN integration
We are integrated via a NIC-authorised GSP (GST Suvidha Provider) partner. We do not store the e-invoice payload longer than required by GSTN protocol.
On invoices Neev sends you
Billing entity: Neev Technologies Pvt Ltd · GSTIN 29ABCDE1234F1Z5 (Karnataka). We charge 18% IGST for inter-state customers, 9% CGST + 9% SGST for Karnataka customers. PAN: AAACS1234F.
Place of supply
Default: your registered place of business. Override per-transaction when shipping cross-state.
TDS / TCS
If your size or sector requires you to deduct TDS or collect TCS on payments to Neev, our finance team helps you set up the deduction. Email accounts@neev.in.
Filing windows
Neev exports GSTR-1 (JSON + Excel) by the 7th of the following month. GSTR-3B reconciliation runs continuously and surfaces mismatches in /admin/reports.
Security
Full posture lives on /security.html — this is the legal abbreviation.
Encryption
TLS 1.3 in transit; AES-256 at rest. Envelope encryption for sensitive fields (PII, GSTINs, ledger balances). Customer-managed keys available on Enterprise.
Access control
5 default roles · least-privilege · approval workflows for elevated actions. Internal Neev access requires SSO, hardware MFA, and is fully audit-logged.
Audit log
Every money/stock/customer change is signed and hash-chained. 7-year retention. Verifiable end-to-end.
Backups
Encrypted snapshots every 24 h, 30-day retention, monthly restore drills. RPO 4 h · RTO 8 h.
Incident response
Every customer-affecting incident triggers notification within 4 hours of detection. Post-mortem published within 5 working days.
Reporting a vulnerability
Mail security@neev.in. PGP key on request. We respond within 24 hours and operate a coordinated-disclosure program.