Skip to content
Home/Privacy
Legal · last updated 2026-04-22

Your brand data stays yours.

Written to be read. What we collect, why, how long we keep it, and how you export or delete it. DPDP Act (India) compliant.

1. What we collect

  • Account data — name, email, company, role. Collected when you sign up.
  • Brand inputs — your brand URL, product idea, category, target markets, and any briefs, recipes, or SKUs you load into the Build module.
  • Platform usage — which modules you use, Lab Units consumed, pages viewed. We use this to improve the platform and bill accurately.
  • Payment data — handled by our PCI-compliant payment processor. We never see or store your card number.

2. What we do not do

Your formulas, COGS models, spec sheets, and brand research never cross into another brand's workspace. We do not sell data. We do not train third-party AI models on your brand identity or recipes. Anonymised, aggregated platform learnings (e.g., "average reformulation cycles across all categories") are used internally only.

3. How we use your data

  • To operate the platform and deliver your Build Pack.
  • To provide support, send transactional emails, and deliver monthly billing.
  • To improve Bettrlabs, using anonymised usage patterns.
  • To comply with Indian law, including FSSAI clearance letter retention.

4. Data retention

Active account data is retained while your account is open. After cancellation, brand-formula data is retained for 30 days for reactivation, then permanently deleted unless you export it first. Billing records are retained for 7 years per Indian tax law.

5. Your rights (DPDP Act, 2023)

As the data principal you have the right to: access the data we hold on you, correct it, erase it, withdraw consent, nominate a representative, and raise a grievance. To exercise any of these rights, email privacy@bettrlabs.com. We respond within 7 working days.

6. Export & portability

At any time, you can export your entire Brand Library — every recipe version, COGS model, research query, and compliance report — as structured JSON or via MCP (Model Context Protocol). Zero lock-in is a working principle, not a marketing line.

7. Cookies and tracking

We use minimal first-party cookies for authentication and a privacy-respecting analytics tool (self-hosted). We do not use third-party advertising trackers. You can disable cookies in your browser; some dashboard features will stop working without them.

8. Security

Data in transit is encrypted with TLS 1.3. Data at rest is encrypted with AES-256. Access to production systems is limited to named Bettrlabs engineers under role-based controls and audited monthly. Incidents, if any, are disclosed to affected users within 72 hours.

9. International transfers

Our primary hosting is in Mumbai, India. Some auxiliary tools (email delivery, error logging) operate from the EU or US under standard contractual clauses.

10. Contact

Grievance officer: privacy@bettrlabs.com. For general questions, talk to us.