Privacy Policy — DistroOps

1. Information we collect

We collect information you provide directly (account details, company information, billing data) and information generated through use of our service (orders, deliveries, transactions, audit logs).

2. How we use it

We use your data to provide the DistroOps service: process transactions, deliver orders, generate invoices, ensure compliance with local tax authorities (FBR, ZATCA, UAE FTA), and improve the product.

3. Data sharing

We do not sell your data. We share data with: (a) sub-processors who help us run the service (hosting, email, payment processing); (b) tax authorities as required by law; (c) integration partners only as you configure.

4. Data retention

We retain your data for the duration of your subscription plus 90 days after cancellation. Audit logs and tax records may be retained longer to meet legal obligations (typically 7 years).

5. Your rights

You can request access to, correction of, or deletion of your personal data by emailing privacy@distroops.app. Tenant admins can also export their data from the portal at any time.

6. Security

Data is encrypted at rest (AES-256) and in transit (TLS 1.3). See our security page for full details.

7. International transfers

Data is hosted in your region by default (Pakistan-based customers in PK, GCC customers in UAE). Cross-border transfers happen only as needed for service delivery (e.g., email).

8. Contact

Privacy questions: privacy@distroops.app. Data protection officer: dpo@distroops.app.