This Privacy Policy explains how e-Business Group Ltd, trading as e-Business ERP ("e-Business", "we", "us" or "our"), collects, uses, shares and protects personal information when you visit our websites or use the e-Business ERP platform (the "Service").
If you use the Service to manage information about your own customers, staff or suppliers, you act as the controller of that information and we act as your processor; that relationship is governed by our Data Processing Addendum. This Privacy Policy primarily describes how we handle the personal information of account holders, website visitors and the people who contact us.
On this page
1. Who we are
e-Business Group Ltd, of 89 Robertson Road, Suva, Fiji, is responsible for the personal information described in this policy. You can reach us about privacy at [email protected].
2. Information we collect
Information you provide
- Account and signup details — your name, business name, work email, phone number, country, chosen workspace address, password (stored only as a secure one-way hash), and the business profile information collected during signup (such as role, business size, industry and primary need).
- Business data you enter — the records you create in the Service, which may include information about your own customers, employees and suppliers ("Customer Data"). We process this on your behalf as described in our Data Processing Addendum.
- Communications — messages you send us by email, live chat or support requests.
Information collected automatically
- Usage and device data — IP address, browser and device type, pages viewed, and actions taken, used to operate, secure and improve the Service.
- Security signals — information used to prevent fraud and abuse, including reCAPTCHA risk scores during signup.
Payment information
When you subscribe, payment details are collected directly by our payment provider, Stripe. We receive only limited information such as the card brand, the last four digits, the expiry date and a payment reference — see section 5.
3. How we use information
We use personal information to:
- Create and manage your account and provide the Service;
- Verify your email and protect against fraud, bots and abuse;
- Process subscriptions, payments, renewals and refunds;
- Provide customer support and respond to your enquiries;
- Send service messages (for example trial reminders, billing notices and important updates);
- Monitor, maintain, secure and improve the Service; and
- Comply with our legal obligations and enforce our Terms.
4. Legal bases
Where data-protection law requires a legal basis, we rely on: performance of our contract with you (to provide the Service and process payments); our legitimate interests (to secure, support and improve the Service and prevent fraud); your consent (where requested, for example for certain communications); and compliance with legal obligations.
5. Payment information
Payments are processed by Stripe, a PCI-DSS compliant payment provider. Your full card number is entered on Stripe's secure systems and is never received or stored by us. We store only non-sensitive billing details (such as card brand, last four digits, expiry date and the Stripe customer/subscription references) to manage your subscription, generate invoices and provide support. Stripe processes your payment data as an independent controller under its own privacy policy.
6. Cookies and tracking
We use a small number of cookies and similar technologies that are necessary to operate the Service — for example, to keep you signed in and to maintain security. We also use Google reCAPTCHA on our signup forms to distinguish humans from bots, which sets its own cookies. We do not use cookies to sell your data or to serve third-party advertising. You can control cookies through your browser settings, though disabling essential cookies may affect how the Service works.
7. How we share information
We do not sell your personal information. We share it only with trusted service providers ("sub-processors") who help us run the Service, and only as needed for the purposes below:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing and subscription billing |
| Brevo | Transactional and service emails (e.g. verification, billing notices) |
| Cloudflare | DNS, content delivery, SSL and security/DDoS protection |
| Google reCAPTCHA | Bot and abuse protection on signup forms |
| Hosting provider | Secure cloud hosting of the platform and databases |
We may also disclose information where required by law, to protect our rights or the safety of others, or in connection with a business transfer such as a merger or acquisition. A current list of sub-processors is maintained in our Data Processing Addendum.
8. International transfers
We and our sub-processors may process information in countries other than your own. Where information is transferred internationally, we take steps to ensure it remains protected by appropriate safeguards and is handled consistently with this policy.
9. How we protect information
We use appropriate technical and organisational measures to protect personal information, including encryption of data in transit (TLS), access controls, the storage of each customer's data in dedicated, logically separated databases, and regular backups. No method of transmission or storage is completely secure, but we work continually to safeguard your information.
10. How long we keep information
We keep account and personal information for as long as your account is active and as needed to provide the Service. If a trial or subscription lapses, your data is retained in a read-only or paused state and is later archived; archived data may be reactivated on request for a reasonable period (generally up to one year) before deletion. We may retain limited records longer where required for legal, tax, accounting or fraud-prevention purposes. Backups are rotated and overwritten on a regular cycle.
11. Your rights
Depending on your location, you may have the right to access, correct, update, export or delete your personal information, to object to or restrict certain processing, and to withdraw consent where processing is based on consent. To exercise these rights, contact [email protected]. Where the information relates to your own customers, employees or suppliers (Customer Data), please direct requests to the business that controls that data; we will assist that business as their processor.
12. Children's privacy
The Service is intended for businesses and is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, provide additional notice where appropriate.
14. Contact us
e-Business Group Ltd
89 Robertson Road, Suva, Fiji
Email: [email protected]