S

Privacy & Data Protection

SonaKhata jewellery billing software · Last updated 8 June 2026

SonaKhata is the software your jeweller uses to run their shop — billing, stock, customer accounts, schemes, repairs and pawn (girvi) records. This note explains, in plain language, what data the software holds and how it is protected. Here “your shop” means the jewellery business using SonaKhata, and “we” / “SonaKhata” means the people who provide the software.

Where your data lives (India residency)

All data is hosted in India — the Mumbai region (ap-south-1) on a managed PostgreSQL database. It is encrypted at rest, and every connection is over HTTPS (encrypted in transit). Data is not moved out of India for normal operation.

What we store

  • Your shop / business: shop name, GSTIN, address, and the login accounts of your staff.
  • Customers: name, phone and address, plus — only when a transaction needs it — PAN and GSTIN (e.g. the KYC rule on a bill of ₹2 lakh or more, or a B2B input-credit invoice).
  • Aadhaar: we store only the last 4 digits as a reference. The full Aadhaar number is never stored, in line with UIDAI and the DPDP Act.
  • Transactions: bills, payments, udhaar (credit), schemes, repairs, and pawn (girvi) loans including pledge photos.

Who can see it

Each shop’s data is strictly separated — one shop can never see another shop’s data. This is enforced at the database level (row-level security), not just in the app. Only your own logged-in staff can access your shop’s data, according to their role.

SonaKhata support staff access an account only to fix a problem you have reported, and every such access is recorded in an audit log.

Sensitive documents & masking

Pledge photos and any ID documents are kept in private storage and shown only through short-lived, secure links — they are never placed on a public address. On screen, sensitive identifiers such as Aadhaar and PAN are shown masked (only the last few characters are visible).

Sharing

Bills and receipts are shared only when your shop chooses to send them (for example, a WhatsApp link to a customer). We do not sell your data or your customers’ data, and we do not share it with anyone except as needed to run the service or where required by law. Your tax filings and any reporting to authorities remain your shop’s own responsibility.

Keeping data & your choices

Data is kept while your account is active so your books stay complete. You can ask us to export your shop’s data, or to delete your account and its data, at any time.

Contact

Use the in-app Feedback button, or reach your SonaKhata contact, for any privacy question or a data export/deletion request.

← Back to home