Privacy Policy

Who we are. ReppOut is operated by PSYMIL, a partnership firm with registered office at B2-38, Safdarjung Enclave, Main Road, DEVLP Area, 110029, New Delhi, Delhi. GSTIN: 07ABHFP1392E1Z9.

1. Scope of this Policy

This Policy applies to ReppOut's website, lead forms, onboarding process, admin and wallet systems, tenant connection services, and related support activities. ReppOut is a B2B SaaS product for Shopify brands in India. A client brand remains responsible for its own relationship with its customers and for its own storefront, products, legal notices, and customer-facing compliance.

2. Personal Data We Collect

Depending on how you interact with ReppOut, we may collect or process the following categories of data:

• Lead and signup data: contact name, email, phone number, brand/store name, Shopify store URL, monthly order range, preferred plan, and notes submitted through forms.
• Client account and onboarding data: client status, plan, wallet balance, billing configuration, deployment URL, onboarding checklist, support communications, and administrative notes.
• Wallet, payment, and billing data: wallet top-ups, wallet deductions, billing ledger entries, plan fees, success fees, Cashfree payment references, timestamps, and related reconciliation records.
• Tenant event and operational data: subscription created events, payment success or failure events, Shopify order created or failed events, retry, reschedule, pause, cancel, and health status events.
• End-customer operational data: customer name, email, phone number, payment amount, subscription ID, Shopify order ID, and related information needed to operate subscription workflows for a client brand.
• Credential data: client-provided Shopify, Cashfree, ZeptoMail, domain, deployment, and related setup credentials. These are stored encrypted where supported by ReppOut's credential vault.
• Technical data: IP address, browser/device information, log data, security events, cookies or similar identifiers, and website analytics events, including Meta Pixel where enabled.

3. How We Use Data

We use personal data and operational data for the following purposes:

• to respond to demo requests, qualify leads, and onboard clients;
• to provide, operate, maintain, and improve ReppOut's subscription systems;
• to connect Shopify storefronts, hosted subscription checkout, payment providers, Shopify order creation, and customer self-service flows;
• to manage wallet top-ups, billing, deductions, statements, and plan status;
• to provide support, operational monitoring, retry handling, reconciliation, and incident investigation;
• to protect ReppOut, clients, and end customers from fraud, abuse, security risks, and unauthorized access;
• to comply with applicable legal, tax, accounting, regulatory, and dispute-resolution obligations;
• to understand website performance and marketing effectiveness through analytics tools where used.

4. Legal Basis and Consent

We process personal data for purposes connected with providing ReppOut, performing contracts with clients, responding to requests, operating payment and wallet systems, improving our services, complying with law, and protecting security. Where applicable law requires consent, we rely on consent collected through forms, account actions, or client configuration.

5. End-Customer Data

ReppOut may process end-customer data on behalf of client brands to operate subscription checkout, payment status tracking, Shopify order creation, renewal management, and related support workflows. Client brands are responsible for ensuring they have appropriate customer notices, permissions, and legal bases for using ReppOut with their customers.

6. Sharing With Service Providers

We may share data with trusted third-party service providers only as needed for ReppOut operations, hosting, payments, communication, deployment, analytics, and support. These providers may include:

• DigitalOcean for application and database hosting;
• Shopify for store, customer, variant, and order operations;
• Cashfree for wallet top-ups and client-configured subscription payment flows;
• ZeptoMail for transactional email;
• Cloudflare for networking, security, and tunneling or traffic handling where used;
• GitHub for source control and deployment workflows;
• Meta Pixel for website analytics and advertising measurement where enabled.

We may also disclose information if required by law, court order, regulatory request, fraud investigation, security incident response, or to enforce our Terms & Conditions.

7. Storage and Security

ReppOut uses reasonable technical and organizational safeguards for the nature of the service, including access controls, encrypted credential storage where supported, HTTPS, database-backed audit records, and operational logging. No system can be guaranteed to be completely secure, and clients must also protect their own accounts, credentials, Shopify access, Cashfree access, and admin passwords.

8. Data Retention

Unless deletion is explicitly requested and legally or operationally possible, ReppOut retains lead data, client account data, payment and wallet ledger records, logs, webhook records, audit records, and operational records while ReppOut exists. After client termination, client account data is retained for at least 6 months and may be retained longer where needed for legal, tax, accounting, security, dispute-resolution, or service-history reasons.

9. Data Rights and Requests

Subject to applicable Indian law and operational limitations, you may request access, correction, updating, or deletion of personal data associated with you or your organization. We may need to verify your identity and authority before acting on a request. Certain records, such as tax, wallet ledger, security, payment, audit, or dispute records, may need to be retained even after a deletion request.

10. Cookies, Analytics, and Meta Pixel

Our website and services may use cookies, logs, analytics, and similar technologies to operate the site, remember sessions, protect security, measure traffic, and understand marketing performance. Where Meta Pixel or similar tools are used, they may collect information about page visits and interactions according to their own policies and configurations.

11. Children's Data

ReppOut is intended for business use by Indian Shopify brands and is not directed to children. Clients must not use ReppOut to knowingly collect children's personal data unless they have all permissions and legal bases required by applicable law.

12. Changes to this Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last updated" date. Material changes may also be communicated through email, admin notices, or support channels where appropriate.

13. Contact and Grievance Officer

For privacy questions, data requests, or grievances, contact: