DATA PROTECTION & PRIVACY
Privacy Policy
Last updated: May 27, 2026
1. Information We Collect
We collect information you provide directly during account registration, such as your name, email address, company name, and payment information. We also log your IP address and device User-Agent to record consent history for security audit logs.
2. Consent Logging & Compliance
In accordance with data protection regulations, we maintain proof of your active consent to our Terms of Service and Privacy Policy. This consent history is stored securely in our `consent_logs` table containing:
- Your User ID
- Type of consent (tos, marketing, cookie)
- The legal policy version agreed to
- IP Address and device User-Agent details
3. Data Security & Multi-Tenant Isolation
SalesView implements strict multi-tenant isolation architectures at the database level to prevent cross-company data leaks. All data transmissions are secured with SSL/TLS encryption, JWT authentication via HttpOnly cookies, and Double-Submit Cookie CSRF protection.
4. Data Retention & Deletion Policy
We respect your rights over your personal data. When you request the deletion of your tenant account, we apply a two-phase deletion flow:
- Soft Delete (30 Days): All of your operational data will be securely deactivated and hidden. No active operations will read or write to this data. Within these 30 days, you can restore your account at any time.
- Hard Delete: If the account is not restored within 30 days, an automatic permanent purge (hard delete) is executed by our system background worker to permanently erase all data from our active servers and main databases.
5. Contact Us
If you have any questions about this Privacy Policy or wish to request your data protection rights, please contact our security team at cs@gilabs.id.