Privacy Policy

Welcome to SamTechy, a Machine Service Management System developed by Sammed Technosol ("we", "us", or "our").

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the SamTechy application on Android or Windows. By using SamTechy, you agree to the practices described in this policy.

SamTechy operates as a multi-organization SaaS platform. Data is scoped per organization — users within an organization can only access data belonging to that organization.

We collect the following categories of information:

On Android, SamTechy requests the following permissions. Each permission is used exclusively for the stated purpose:

SamTechy supports optional fingerprint / biometric login on compatible Android devices using the Android BiometricPrompt API.

• Biometric data (fingerprint templates) is never transmitted to our servers or stored in our database
• All biometric operations are handled entirely by the device's secure hardware (Android Keystore / TEE)
• We only store a boolean flag indicating whether biometric login is enabled for your account — not the biometric data itself
• Biometric authentication is always optional and can be disabled at any time

SamTechy is also available on Microsoft Windows. The Windows version provides the same core service management functionality with these platform-specific differences:

• ✓No Camera Permissions: The Windows app does not request camera access. Photos must be selected from existing files on your device.
• ✓No Push Notifications via FCM: Firebase Cloud Messaging is not used on Windows. In-app alerts are displayed instead.
• ✓No Biometric via Android Keystore: Windows Hello (PIN/fingerprint) may be used for session re-authentication if supported by the device.
• ✓Same Cloud Data: All business data (tickets, clients, machines, expenses) is stored in Google Firebase — identical to Android. No business data is stored locally on the Windows device.
• ✓No Advertising or Tracking: The Windows version does not use any advertising SDKs, analytics libraries, or tracking pixels.

We use collected information solely for the following purposes:

• ✓Authenticate and authorize users to access the SamTechy platform
• ✓Enable core service management features: ticket creation, assignment, tracking, and closure
• ✓Manage machine assets, AMC/warranty schedules, and installation records
• ✓Process and approve field expense claims submitted by engineers
• ✓Track customer referrals and leads through the approval pipeline
• ✓Generate PDF service reports and Excel analytics exports
• ✓Send push notifications for ticket assignments, status updates, and approvals
• ✓Maintain a complete audit timeline of all actions for business accountability
• ✓Allow administrators to manage staff roles, regions, and permissions
• ✓Enforce organization-level data isolation in a multi-tenant environment

We do not use your data for advertising, profiling, or any purpose outside of the business operations described above.

All data is stored securely using Google Firebase (Cloud Firestore and Firebase Storage), hosted in the nam5 (North America) region. Firebase complies with industry-standard security practices.

• All data in transit is encrypted using TLS/HTTPS
• All data at rest is encrypted by Firebase using AES-256
• Sensitive fields within the app are additionally encrypted using AES-256-GCM before being written to the database
• Session tokens are stored in the Android Keystore (hardware-backed secure storage)
• Database access is governed by Firestore Security Rules enforcing role-based access control (Super Admin, Admin, Engineer, Dealer, Client)
• Users can only access data belonging to their own organization
• The app enforces HTTPS-only traffic (usesCleartextTraffic="false")

SamTechy uses the following third-party services:

Please refer to Google's Privacy Policy for details on how Google handles data within these services.

SamTechy is a multi-tenant SaaS platform. Each organization's data is strictly isolated. Users cannot access data from other organizations.

Within an organization, data access is role-based:

• Super AdminFull system access across all organizations (platform management)
• AdminFull access within their own organization — engineers, clients, tickets, reports
• EngineerAccess to assigned tickets, own profile, and submitted expenses
• DealerAccess to assigned clients, referrals, and related tickets
• ClientAccess to own service tickets and machine records only

We do not sell, rent, or trade your personal information. Data may be shared only in these limited circumstances:

• Within the organization: Staff data is visible to authorized administrators within the same organization
• Service providers: Firebase and Google as described above, solely to operate the app's backend infrastructure
• Legal obligations: If required by law, court order, or government authority in India or applicable jurisdictions

Business data (tickets, clients, machines, expenses) is retained for as long as the organization's account remains active and licensed.

• Staff and engineer accounts are retained until deleted by an administrator
• Inactive user accounts are marked as inactive rather than immediately deleted to preserve historical audit records
• OTP login codes are automatically expired within 10 minutes of generation and purged from the database
• Ticket photo files stored in Firebase Storage are subject to periodic compression by a scheduled Cloud Function

To request deletion of your personal data, please contact us at the email below. We will process your request within 30 days.

SamTechy is a business-to-business application intended exclusively for adults (18 years and older) acting in a professional capacity. We do not knowingly collect any information from children under the age of 13. If we become aware that a child has provided personal information, we will delete it immediately.

As a user of SamTechy, you have the right to:

• Request access to the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your account and associated personal data
• Withdraw consent for specific Android permissions via the device's App Settings at any time (note: some features may stop working if required permissions are revoked)
• Disable biometric login at any time within the app settings
• On Windows, uninstall the app at any time to stop all local data access

We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top of this page. Continued use of SamTechy after changes constitutes acceptance of the updated policy.

For significant changes, we will notify users via in-app notification or through their registered email address.

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us: