Legal

Data & Account Deletion

Last updated: 30 May 2026

1. Overview

This page explains how to request deletion of your Compreo account and the personal data associated with it. It applies to all of our applications, including the web-based Customer Portal, Vendor Portal, and Field-Sales Portal, as well as our Compreo mobile apps distributed through the Google Play Store and the Apple App Store. Compreo Business Systems India Private Limited ("Compreo," "we," "us," or "our") is the entity responsible for handling deletion requests in the manner described below, and we honour these requests in accordance with applicable data-protection law, including India's Digital Personal Data Protection Act, 2023 ("DPDP Act") and, where it applies, the EU General Data Protection Regulation ("GDPR"). We have written this page to be clear and straightforward so that you always know what will be deleted, what we are legally required to keep, and how long the process takes.

2. How to request deletion

You can request deletion of your account and associated personal data in either of the following ways. In-app (mobile apps): open the Compreo mobile app, then go to Profile > Settings > Delete account and follow the on-screen confirmation steps. By email: send a request to privacy@compreo.ai from the email address registered to your Compreo account, with the subject line "Account Deletion Request." We ask that you email us from your registered address so that we can verify your identity and protect your account against fraudulent or mistaken deletion requests; if we cannot match the request to a registered account, we may ask you for additional information to confirm who you are before we proceed.

3. What gets deleted

When we action a deletion request, we remove the personal data that identifies you as an individual user and that is held under our control. This includes:

  • Your personal profile information, such as your name, email address, phone number, profile photo, job title, and any other contact details you provided.
  • Your login and authentication credentials, including your username, password hashes, security questions, and saved session or device tokens.
  • Application data tied to you as an individual, such as your in-app preferences, notification settings, saved searches, device identifiers, and usage activity that is personally attributable to your account.
  • Backup copies containing the above, which are purged on our regular backup-rotation cycle so that residual copies do not persist indefinitely.

Once deletion is complete, you will no longer be able to sign in to the account, and the personal data above will no longer be accessible to you or to other users of the platform.

4. What is retained, and why

Some information cannot be deleted on request, either because we are not the party entitled to delete it or because the law requires us to keep it. We retain the following:

  • Organisation-owned ("controller") data. Where you use Compreo through your employer or another organisation, that organisation — not you — is the data controller for the business records created in the platform (for example, purchase orders, invoices, vendor records, sales transactions, and workflow approvals). Compreo acts as a data processor on the organisation's behalf, so we cannot unilaterally delete that data; requests to remove it must be directed to your organisation, which controls its own retention settings.
  • Records we must retain for legal, tax, and statutory reasons. We keep certain records — including transaction and accounting records, audit logs, tax-relevant documentation, and records needed to establish, exercise, or defend legal claims — for as long as required by applicable Indian law (including, where relevant, retention obligations of up to eight (8) years under tax and companies legislation) or for the period otherwise mandated by statute.
  • Limited records of the deletion request itself, retained to demonstrate our compliance with your request and with our obligations under the DPDP Act and the GDPR.

Retained data is held securely on Microsoft Azure infrastructure, access to it is restricted, and it is deleted or anonymised once the applicable retention period expires. For more on how we safeguard this data, see our Security page and our Privacy Policy.

5. Timeline

After we receive and verify your request, we will action the deletion of the eligible personal data described in Section 3 within [30] days. In limited cases — for example, where we need to confirm your identity or where a high volume of requests applies — we may take longer; if so, we will tell you and explain the reason for the delay. Personal data held in routine backups is removed on our standard backup-rotation cycle, which may extend slightly beyond the primary deletion window, after which no recoverable copies remain.

6. Organisation-provisioned accounts

If your account was created or provisioned for you by your employer or another organisation (for example, a single-sign-on or administrator-managed account), full deletion may require action by your organisation's administrator rather than by us directly. This is because the organisation is the controller of that account and the business data within it. In these cases we will, on request, delete the personal data we are entitled to remove, and we will direct you to your administrator for anything that remains under the organisation's control. If you are unsure whether your account is organisation-provisioned, contact your internal IT or administrator team, or email us at privacy@compreo.ai and we will help you identify the correct path.

7. Contact

For any questions about this page, to make a deletion request, or to exercise your rights under the DPDP Act or the GDPR, please contact us:

  • Email: privacy@compreo.ai
  • Entity: Compreo Business Systems India Private Limited
  • Registered office: [registered office address], [city], India
  • Grievance / Data Protection Officer: [officer name], [contact number]

We will respond to your enquiry within a reasonable time and in accordance with applicable data-protection law. You may also wish to review our related legal pages: the Privacy Policy, the Cookie Policy, and our Security overview.