PRIVACY POLICY – BIGISO PORTAL

BIGISO (“we”, “our”, “us”) operates a cloud-based ISO documentation, workflow management, and certification support platform (“BIGISO Portal”). This Privacy Policy explains how we collect, use, store, share, and protect your personal and organizational information when you access our website or use our software.
By registering, accessing, or using the BIGISO Portal, you agree to the data practices described in this Privacy Policy.

1. Information We Collect

We collect information to provide you with a secure, personalized, and efficient experience.

1.1 Personal Identification Information

  • Full Name
  • Email Address
  • Mobile Number
  • Login credentials (encrypted)
  • User Role (Admin, Sub-User, Consultant)

1.2 Company Information

  • Company name & business details
  • GST Number, Address (if provided)
  • Uploaded ISO documents, SOPs, audits, reports, certificates
  • Risk assessments, non-conformity reports, and task data

1.3 System & Technical Information

  • IP address
  • Device information
  • Browser details
  • Login logs
  • Activity logs (for system security and audit trail)

1.4 Payment Information (If applicable)

  • Billing email
  • Transaction records
  • Plan/subscription details

We do NOT store credit/debit card numbers. Payments are handled by secure third-party gateways.

2. How We Use Your Information

  • Create and manage user accounts
  • Provide cloud-based ISO documentation services
  • Personalize platform access based on user role and permissions
  • Maintain secure document storage
  • Enable collaboration between admin and sub-users
  • Improve platform features
  • Communicate system alerts, updates, and notifications
  • Provide customer support and troubleshooting
  • Improve performance through analytics
  • Prevent fraud, unauthorized access, or misuse

We do NOT sell your data to advertisers or external companies.

3. Legal Basis for Processing Information

  • Contractual necessity (to provide the service you subscribed to)
  • Legitimate business interests (security, platform improvement)
  • Compliance with applicable laws
  • Your explicit consent where required

4. Data Sharing and Disclosure

4.1 With Your Consent

When you choose to share your ISO application or documents with:

  • ISO certification bodies
  • Consultants
  • Internal stakeholders

4.2 With Service Providers

To support:

  • Cloud hosting
  • Email delivery
  • Payment processing
  • Security and analytics

All service providers follow strict confidentiality and data protection agreements.

4.3 Regulatory or Legal Requirements

We may share information if required:

  • By law
  • By court order
  • To prevent fraud, unauthorized access, or harm

5. Data Protection & Security

  • Encrypted passwords (bcrypt/modern hashing)
  • Secured servers and firewalls
  • SSL/TLS encryption for data transmission
  • Role-based access control
  • Activity logs and audit trails
  • Daily backups
  • Restricted internal access

However, as with any digital platform, 100% security cannot be guaranteed.
Users are responsible for maintaining the confidentiality of their login credentials.

6. Your Rights

You may request the following anytime:

  • Access to your personal data
  • Correction of inaccurate data
  • Download/export of your stored documents
  • Deletion of your account
  • Restriction of processing
  • Withdrawal of consent (for non-essential data processing)

To exercise your rights:
📩 support@thebigiso.com

7. Data Retention

We retain data only as long as it is necessary to:

  • Provide active service
  • Comply with legal or audit requirements
  • Maintain account history and records

After subscription expiration:
Data is securely stored for 90 days
After 90 days, the account and all related data may be permanently deleted.

8. Children’s Privacy

Our services are not intended for individuals under 18.
We do not knowingly collect data from minors.

9. Cookies & Tracking Technologies

BIGISO uses cookies for:

  • Session management
  • Authentication
  • User experience improvement
  • Analytics (non-personal)

You may disable cookies, but some features may not work.

10. External Links

BIGISO may contain links to external websites.
We are not responsible for their content, security, or privacy practices.

11. Changes to This Privacy Policy

We may update this Policy from time to time.
Users will be notified via email or system notification when changes occur.

12. Contact Information

For queries, support, or data concerns:
📩 support@thebigiso.com
🌐 www.thebigiso.com