1st November 2018
This is applicable if you are using our services:
- Subscribed to ERPNext hosted account
- 14-day trial account
- Requested for a demo
- Contact us for enquiry via e-mail
By providing us with your data, you warrant to us that you are over 13 years of age.
erpnext.com is a property of Frappe Technologies Private Limited, an Indian Company registered under the Companies Act, 1956 having its registered office at D/324 Neelkanth Business Park, Vidyavihar West, Mumbai, Maharashtra - 400086, India
Information we collect
We might collect your name, email, mobile number, phone number, street, city, state, pin code, country and IP address.
Payment and billing information
We might collect your billing name, billing address and payment method when you make a purchase on our website. We NEVER collect your credit card number or credit card expiry date or other details pertaining to your credit card on our website. Credit card information will be obtained and processed by online payment management intermediary Razorpay or Paypal.
Information you post
We collect information you post in a public space on our website or on a third-party social media site belonging to erpnext.com.
We may collect demographic information about you, your business and business needs, events you like, events you intend to participate in, conference tickets you buy, or any other information provided by you during the use of our website. We might collect this as a part of a survey also.
If you use our website, we may collect information about your IP address and the browser you're using. We might look at what site you came from, duration of time spent on our website, pages accessed or what site you visit when you leave us. We might also collect the type of mobile device you are using, or the version of the operating system your computer or device is running.
We collect information in different ways.
We collect information directly from you
We collect information directly from you when you make a purchase on erpnext.com, register for an event or subscribe to free trial period. We also collect information if you post a comment on our websites or ask us a question through phone or email.
We collect information from you passively
We may use other tracking tools like Google, web analytics, LinkedIN, browser cookies or other external websites for collecting information about your usage of our website.
We get information about you from third parties
For example, if you use an integrated social media feature on our website. The third-party social media site will give us certain information about you. This could include your name and email address.
Use of your personal information
We might use the information you provide to contact you for confirmation of a purchase on our website, registration for free trial or for other promotional purposes including sending newsletters.
We use information to respond to your requests or questions
We might use your information to confirm your purchase of service, free trial, registration for an event or contest.
We use information to improve our products and services.
We might use your information to customize your experience with us. This could include displaying content based upon your preferences.
We use information to look at site trends and customer interests
We may use your information to make our website and products better. We may combine information we get from you with information about you we get from third parties.
We use information for security purposes.
We may use information to protect our company, our customers, or our websites.
We use information for marketing purposes
We might send you information about special promotions or offers. We might also tell you about new features or products. These might be our own offers or products, or third-party offers or products we think you might find interesting. Or, for example, if you buy our services we enrol you in our newsletter automatically.
We use information to send you transactional communications. We might send you emails or SMS about your account or a purchase. We use information as otherwise permitted by law.
Sharing of information with third-parties
We will share information with third parties who perform services on our behalf
We share information with vendors who help us manage our online registration process or payment processors or transactional message processors. Some vendors may be located outside of India.
We may share information with our business partners
This includes a third party who may help us with implementation of the services subscribed by you and only in case we need to use their expertise on your account. Our partners use the information we give them as described in their privacy policies.
We will share information with the event organizers
We share your information with event organizers and other parties responsible for organising events, demo sessions for you. The event organizers and other parties may use the information we give them as described in their privacy policies.
We may share information if we think we have to in order to comply with the law or to protect ourselves. We will share information to respond to a court order or subpoena. We may also share it if a government agency or investigatory body requests. Or, we might also share information when we are investigating potential fraud.
We may share information with any successor to all or part of our business. For example, if part of our business is sold we may give our customer list as part of that transaction.
We may share your information for reasons not described in this policy. We will tell you before we do this.
Third party sites
The regulation distinguishes two main types of entities:
- Data controller: any entity who determines the purposes and means of the processing of personal data, alone or jointly. As a general rule, every organization is a controller for its own data.
- Data processor: any entity who processes data on behalf of a data controller.
|We Act As
||Kind of data
|Data Controller & Processor
||Personal Information like name, email, contact no. of clients, prospective clients who either email us, request for demo or sign up for a trial account
||Any data stored by our customers in their ERPNext account, they are the database owner and become the Data Controller for it. We on act as the Data Processor
||Open Source users using ERPNext for their organization on their own server.
We only store the information necessary for billing and contact purposes. This will include the following:
- Your Name (of course)
- Your Email ID
These are the common information stored with us when you use an Frappe cloud account. The following information is also stored:
- Phone number of the primary contact person (if shared by the user)
- Billing Address (of the company/primary user)
We also store all the data that is requested from you when you signup or request a demo.
We currently host with online.net whose servers/data centers are located in Paris, France.
On the cloud, we maintain regular SQL backups (from hereon referred to as backup) of your account. A backup is taken every 6 hours.
These backups are stored on Amazon's AWS service. You can refer to its compliance information.
We recommend that you also maintain your own copy. To download them manually by going to
Setup > Download Backups. You can also automate database backup download of your ERPNext account into your Dropbox account.
We also have an access to your account for adminsitrative purposes. This includes access for support and update purposes.
If anyone in our team has to access your data for support, then you will get an email mentioning that one of our engineers have accessed your data along with a reason. Your passwords are not accessible to our engineers and are generated via a program. If they need to access the account, they must go via this route. All our employees have signed a Non-Disclosure of Data agreement with us and they are fully aware of the consequences and risks involved with access of customer data.
We will report to you what changes (if any) we have done. At the bottom of each form (or doctypes as we call them) you will see who has made the recent changes. Additionally, you can view the Activity Log Report to track the activities of users in your account. Changes are also made automatically via patches when a new version gets released. In case a patch fails, an Administrator may change your data. In this case too you will receive an email notification of the same.
Any personal information received will only be used to reply to your queries or fix your bugs (and occassionally send Newsletters which you can opt out of). We do not and never will sell or redistribute your information to any third party.
We do track your visits to the website through Google Analytics. This data is collected anonymously and viwed in an aggregated form to understand the user behaviour across companies. The kind of queries we engage with here are like what is the most used transaction in ERPNext, or what do most users do after making a Sales Invoice.
Just download the backup of your account.
Want to exercise your right to be forgotten? Just drop an email to firstname.lastname@example.org with the subject line "Please delete my data".
Please note that we can't delete certain details related to billing for legal and auditing purposes.
ERPNext is free and Open Source. This is our biggest advantage against other cloud/SAAS ERPs. In the remote possibility that you do not want our service or we are unable to service, the entire source code with installation instructions is online at github.com.
All you have to do is download your backup and reinstall on your new server. You can also export only the necessary data in spreadheets (Excel, CSV) and import them in your new instance.
You can opt out of receiving or Unsubscribe our marketing emails. To stop receiving our promotional emails, please email email@example.com.It may take about ten days to process your request. Even if you opt out of getting marketing messages, we will still be sending you transactional messages through email and SMS about your purchases.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at firstname.lastname@example.org. We will promptly correct any information found to be incorrect.
In accordance with Information Technology Act 2000 and rules made there under, the name and contact details of the Grievance Officer are provided below. If you have any questions about this Policy or other privacy concerns, please do connect with us.
Our full details are:
Full name of legal entity: Frappe Technologies Private Limited
Grievance Officer: Mr. Umair Sayyed
Email address: email@example.comfirstname.lastname@example.org
D/324, Neelkanth Business Park,
Near Vidyavihar Railway Station,
Telephone number: +91-80-339-23819
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at
Email address: email@example.com.
Taking care of your Password (Password security)
erpnext.com firmly believes in protecting the personal information of the customer. erpnext.com or any of its staff or official will never ask for any password or related information from its customers and the customers are also advised, in order to protect access to their accounts and to other channels, do not disclose the passwords to anyone. Generally, when you subscribe to free trial or make a purchase at erpnext.com, you are required to generate your own password. It is recommended that the customers necessarily choose their own passwords carefully such that no unauthorized access is made by a third party. You are also advised not to keep any written or other record of the password/s so that no third party could access the same. You should not disclose the password to anyone. In order that the passwords become complex and difficult for others to guess the you should carefully choose the alpha numeric passwords with combination of upper case alphabets and numbers and special characters (like @, %, &, ! etc.) The password is a private information and must be kept confidential by the owner of the username related to the password. If a password is known by someone other than the owner, that username and password could be misused to access resources and information and possibly with criminal intent—and without notice since they would appear as the registered owner. We will bear no responsibility for loss caused to you in relation to password theft or unauthorised access due to weak passwords etc.
Updates to this policy
Have more questions?
Drop an email to firstname.lastname@example.org.