GENLOGIX PRIVATE LIMITED (herein referred to as "GenlogixHQ", "we", "us", or "our"), incorporated at NO.22, ANANDA NILAYA, 3RD FLOOR, 7TH MAIN, 8TH CROSS, MALLESHWARAM, Bangalore, Karnataka 560003, is committed to safeguarding your corporate metadata, database connection credentials, and transactional event streams. This Privacy Policy details our protocols regarding the collection, transmission, storage, and processing of organizational data when using our decision intelligence tools, background agents, and notification integrations.
1. Data Processing Architecture
Unlike traditional business intelligence systems that replicate and store entire relational database tables on third-party cloud servers, GenlogixHQ operates a lightweight, stateless query translation engine. Our core architecture relies on the following boundaries:
- Read-Only Access Verification: We require you to supply credentials configured with strictly read-only capabilities. Our connection tunnels and credentials vaults do not support write commands. We never delete, modify, or insert database records in your target data sources.
- Stateless Real-Time Queries: When a user queries our chatbot interface or an active background agent triggers an inventory or sales scan, our system compiles natural language inputs into optimized SQL queries. These are dispatched to your connected sources (Shopify API, local Tally gateway, MySQL databases). The query returns only the final summary counts or tabular rows, which are displayed to the user and instantly discarded. We do not maintain caches or local copies of your customer profiles or transaction logs.
- Metadata Indexing: To facilitate natural language conversion, our platform indexes and stores database schema metadata, including table names, column headers, data types, and primary-foreign key relationships. We do not index or store the actual table contents or row values during this indexing phase.
2. Information We Collect
In the course of providing our services, we process the following categories of information:
- User Accounts & Corporate Profiles: Full name, business email address, company name, corporate billing details, and registration logs necessary to maintain active accounts.
- Data Connector Credentials: Encrypted database passwords, SSH keys, Shopify OAuth tokens, Amazon Web Services (AWS) API keys, and local Tally Prime gateway connection strings. These credentials are stored using AES-256 encryption at rest.
- Notification Webhooks & Channel Configs: Target destinations for business briefs, including Slack webhook URLs, authorized WhatsApp phone numbers, and recipient lists for daily email briefs.
- Communication & Usage Inquiries: Standard diagnostic headers, API response times, model prompt history (excluding data payloads), and inquiry submissions dispatched via our booking portals (processed securely via Brevo APIs).
3. Third-Party Integrations & Connectors
Our application integrates with external platform tools to deliver analytics. The usage of data through these channels is governed as follows:
- Brevo SMTP & Transactional Messaging: We use Brevo to securely dispatch confirmation codes, support updates, and daily email digests. Brevo is bound by strict service contracts to process email addresses solely for transactional routing and never for marketing reuse.
- Slack Webhooks: Audit alerts, morning briefs, and out-of-bounds notifications are pushed to your designated Slack workspace channels via incoming webhooks. GenlogixHQ only pushes outgoing alert data and does not read messages or communications from your internal channels.
- WhatsApp Business API: When morning briefs or automated inventory warning cards are sent to WhatsApp numbers, we route these using official business API gateways. These messages are encrypted in transit.
4. AI Model Sovereignty & Tenant Isolation
We maintain strict corporate data sovereignty protocols to protect proprietary metrics from leaking into public artificial intelligence models:
- Zero Model Training: GenlogixHQ does not train open-source or proprietary large language models (LLMs) on your company's schema definitions, query histories, or numeric datasets.
- Logical Tenant Isolation: All workspace resources, connected database credentials, and customized agent configurations are isolated at the tenant level. Cross-tenant queries are structurally prevented.
- VPC Deployment: For Enterprise clients, we support dedicated virtual private cloud (VPC) deployments where all query translation and agent components operate within your own secure network parameter (AWS, GCP, or Azure), preventing data from exiting your cloud perimeter.
5. International Compliance & Data Protection Laws
Depending on your region, you have rights regarding your personal and corporate data under frameworks such as GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and India's DPDP (Digital Personal Data Protection) Act 2023:
- Right to Deletion (Right to Be Forgotten): You can request the permanent deletion of your credentials, metadata maps, and configuration profiles. Upon request, all API keys and credential blocks will be scrubbed from our systems within 48 hours.
- Right to Restrict Processing: You can disable or revoke OAuth credentials or API tunnels directly from your external systems (such as Shopify, AWS, or local firewalls) at any time, immediately halting all data queries.
- Indian DPDP Act Compliance: In accordance with the DPDP Act 2023, GENLOGIX PRIVATE LIMITED maintains a designated Data Protection Officer. For any grievance, request for review, or deletion requests, contact compliance@genlogixhq.com.
6. Security Audits & Updates
We perform regular automated scanning of our connection points and support monthly penetration tests. This privacy policy is updated annually or when we introduce new database connector protocols. Significant changes will be announced directly on your admin console or sent via email notification.
