Privacy Policy
1. Introduction
Welcome to Rentopus, a clothing rental management software platform ("Platform") operated by Rentopus ("Company", "we", "us", or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you access or use our SaaS Platform and related services.
This Policy applies to all business clients ("Clients"), their authorized users, and any individuals whose data is processed through our Platform in the course of business operations. By accessing or using Rentopus, you agree to the terms of this Privacy Policy.
2. Scope of This Policy
- Information collected from Client organizations and their authorized users
- Data processed on behalf of Clients in connection with their clothing rental operations
- Information collected through our website, customer support, and sales channels
This Privacy Policy covers:
This Policy does NOT apply to third-party services, websites, or applications that may link to or integrate with Rentopus.
3. Information We Collect
3.1 Account & Business Information
- Business name, type, and registration details
- Contact information: name, email, phone number, and business address
- Billing and payment details (processed via secure third-party payment gateways)
- GST/Tax Identification Numbers, as applicable
- Account credentials (username and encrypted password)
When a business registers for Rentopus, we collect:
3.2 Platform Usage Data
- Inventory records: clothing items, SKUs, categories, availability status
- Rental transaction data: booking details, rental periods, return records
- Customer records entered by you: names, contact info, rental history
- Financial records: invoices, payments, late fees, refund data
- Staff and user role information
As you use Rentopus to manage your clothing rental operations, we may collect:
3.3 Technical & Log Data
- IP addresses and approximate location
- Browser type, device information, and operating system
- Pages visited, features used, session duration
- Error logs and crash reports
- API access logs and timestamps
We automatically collect certain technical data when you use our Platform:
3.4 Communications
We retain records of communications you send us, including support tickets, emails, feedback, and chat messages.
4. How We Use Your Information
- Providing, operating, and improving the Rentopus Platform
- Processing transactions and sending billing-related communications
- Authenticating users and maintaining account security
- Generating reports, analytics, and operational insights for your business
- Responding to support requests and resolving disputes
- Sending product updates, feature announcements, and maintenance notices
- Complying with legal obligations under applicable Indian laws
- Detecting, preventing, and addressing fraud, security breaches, or misuse
We use the information collected for the following purposes:
We do not sell your data to third parties or use it for advertising purposes.
5. Legal Basis for Processing
- Contractual necessity: to perform our obligations under the service agreement with Client businesses
- Consent: where required, with appropriate consent from individuals
- Legal obligation: to comply with applicable laws and regulations
- Legitimate interests: for security, fraud prevention, and improving our Platform
As a B2B SaaS provider operating in India, our processing activities are governed by the Information Technology Act, 2000 (IT Act), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules), and the Digital Personal Data Protection Act, 2023 (DPDPA) to the extent applicable.
We process data on the following lawful bases:
6. Data Sharing & Disclosure
6.1 Service Providers
- Cloud hosting and infrastructure providers
- Payment processing gateways
- Customer support tools
- Analytics and monitoring services
We share data with trusted third-party service providers who assist in delivering our Platform, including:
All such providers are contractually obligated to handle data in accordance with applicable laws and our data protection requirements.
6.2 Legal Requirements
We may disclose information if required to do so by law, court order, or government authority under Indian law, including the IT Act, DPDPA, or other applicable regulations.
6.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, data may be transferred to the acquiring entity, subject to the same privacy obligations.
6.4 No Sale of Data
Rentopus does not sell, rent, or trade your business or personal information to any third party for commercial or marketing purposes.
7. Data Retention
- Account data: retained for the duration of the subscription and up to 5 years post-termination for legal/audit purposes
- Transaction records: retained for a minimum of 7 years in compliance with Indian accounting and tax requirements
- Log data: retained for up to 12 months
- Support communications: retained for up to 3 years
We retain data only as long as necessary to provide our services and fulfill legal obligations:
Upon request for deletion, we will anonymize or delete data in accordance with applicable law.
8. Data Security
- Encryption of data in transit (TLS/SSL) and at rest
- Role-based access control and multi-factor authentication
- Regular security audits and vulnerability assessments
- Secure data centers with physical and logical access controls
- Employee training on data privacy and security practices
We implement reasonable security practices and procedures as mandated by the SPDI Rules, 2011, including:
While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. In the event of a data breach, we will notify affected Clients as required by applicable law.
9. Client Responsibilities
- Ensuring lawful collection of personal data entered into the Platform
- Obtaining appropriate consents from their own customers as required
- Maintaining the security of their account credentials
- Informing their users about how their data is used within the Rentopus Platform
- Ensuring their use of Rentopus complies with applicable Indian data protection laws
As a B2B Platform, Rentopus acts as a Data Processor on behalf of its Client businesses (Data Fiduciaries/Controllers). Clients are responsible for:
10. Your Rights
- Access the personal data we hold about you
- Correct inaccurate or incomplete personal data
- Request erasure of personal data (subject to legal retention requirements)
- Withdraw consent where processing is based on consent
- Nominate a person to exercise rights on your behalf
Under the Digital Personal Data Protection Act, 2023 and applicable Indian law, you and your authorized users may have the right to:
To exercise any of these rights, please contact us at the details provided in Section 13. We will respond within a reasonable timeframe as required by applicable law.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service offerings. We will notify Clients of material changes via email or in-Platform notification at least 30 days before the changes take effect.
Continued use of the Platform after the effective date of any update constitutes acceptance of the revised Policy.
13. Contact Us
For any questions, concerns, or requests related to this Privacy Policy or data protection, please contact us:
Rentopus
Email: info@whitecoretechnology.com
Website: www.rentopus.in
Phone: +91 76007 63090
Address: 428, Avadh Viceroy, Sarthana Jakatnaka, Surat, Gujarat 395006, India
As required under the IT Act and SPDI Rules, we have designated a Grievance Officer to address any complaints or concerns regarding our data processing practices. Complaints will be addressed within 30 days of receipt.
© 2026 Rentopus. All rights reserved. | Privacy Policy v1.0
