1 · The short version
The dashboard collects your name, work email, role, department, and a record of the tasks you create, edit, or work on. Data sits in Supabase (Singapore) and Firebase Auth (US). We send you email notifications via Resend and — if your admin enables it — Slack DMs, WhatsApp messages, and Web Push notifications. We do not sell, rent, or share your data with anyone outside Altus Corp's narrow list of operational sub-processors. You can request a copy of your data or have it deactivated by writing to your administrator.
2 · Who controls the data
Data controller: VPinnacle Loans & Project Advisors Pvt. Ltd. — the operational data (tasks, comments, assignments, statuses) is theirs.
Data processor: Altus Corp builds and operates the dashboard on VPinnacle Loans' behalf. We do not use your data for any purpose other than running the dashboard.
3 · What we collect
Account identity
- Full name (as entered by the inviting admin)
- Work email (used as your sign-in identifier)
- Role on the team (doer, initiator, or both)
- Department (free-text legacy column + canonical FK; admin-managed)
- Whether you're an administrator (boolean flag, admin-toggled)
- Firebase UID (issued automatically by Firebase Authentication)
- Avatar URL, if you have one (optional)
- Account state — invited at, joined at, active / deactivated
Operational content
- Tasks you create, edit, or are assigned (title, subject, description, internal notes)
- Status changes you make and the timeline of every action on a task
- Comments you post on tasks
- Notifications generated for you (in-app rows, email send receipts, delivered channel array)
Channel-specific identifiers (only if enabled)
- Slack member ID — looked up automatically by email when Slack notifications are enabled at the workspace level
- WhatsApp phone number in E.164 format — entered by an admin with your consent
- Web Push browser subscription endpoint + per-device encryption keys — captured when you click "Enable push notifications" on /profile
Technical metadata
- Authentication session cookie (the __session cookie, signed with our cookie secrets)
- Server logs (request paths, status codes, error stacks) retained for debugging — never enriched with operational content
4 · Why we collect it
- To let you sign in. Email + Firebase UID; nothing more.
- To run the operations workflow. Tasks, assignments, status transitions, approvals — the dashboard's core purpose.
- To notify the right people at the right time. The fan-out matrix is locked in code; you don't get notifications for events you aren't a participant in.
- To audit who did what, when. Every task event is logged for VPinnacle Loans' internal compliance.
- To deliver on the channels you've consented to. Email is on by default; Slack auto-discovers via email; WhatsApp requires explicit admin-recorded consent; Web Push requires your browser permission.
5 · Where it sits — sub-processors
We use a small, named set of third parties. None of them get more data than they need to deliver their narrow function:
- Supabase (Postgres database, Singapore region) — stores all operational data behind row-level security policies that gate every read and write to the signed-in employee or admin.
- Firebase Authentication (US region) — stores your email, password hash, and session metadata. Note: Firebase Auth cannot currently be hosted in asia-south1; this is a compliance flag we are tracking against the DPDP Act's May 2027 enforcement deadline.
- Vercel — application hosting + edge-runtime middleware. Reads only the auth cookie + the request body for each page render.
- Resend — transactional email delivery (invites, notifications, daily digest). Sees email address + body of each message.
- Slack (if your workspace enables it) — the bot token + your Slack user ID + the body of each notification message. The install scopes requested are limited to chat:write and users:read.email; apart from chat:write, nothing the bot holds can modify your workspace.
- Meta WhatsApp Cloud API (if enabled) — your phone number + the parameter values that fill the approved utility templates. Each message is bound to a Meta-approved template; we cannot send freeform content.
- Google / Mozilla / Apple Push Services (if you enable Web Push) — the encrypted notification payload, routed to your device via the browser vendor's push service. We never see the device-level identifier; we only hold the W3C subscription endpoint.
6 · What we DON'T do
- We don't sell your data to anyone, ever.
- We don't run ads or analytics tracking on the dashboard.
- We don't share your information with other VPinnacle Loans customers, brokers, or borrowers.
- We don't profile you for marketing.
- We don't combine the dashboard's data with data from other Altus Corp engagements.
7 · How long we keep it
Active accounts: indefinitely, while the engagement is live. Deactivated accounts: the row is preserved with is_active = false so historical attributions on tasks remain accurate — VPinnacle Loans' audit needs require this. Hard deletion is not exposed in the dashboard; if you want a row purged, that becomes a manual ops runbook between Altus Corp and VPinnacle Loans' legal point of contact.
Server logs: 30 days at the Vercel layer. Email send receipts: 30 days at Resend.
8 · Your rights
Under India's Digital Personal Data Protection Act 2023 (DPDP Act, enforced from May 2027) and as a matter of good faith now, you have:
- The right to know. Ask your VPinnacle administrator for a copy of the data the dashboard holds about you. We support CSV exports on the employees + tasks tables out of the box.
- The right to correct. Name, email, role, department, channel preferences — all editable. Either edit them in /profile yourself or ask an admin.
- The right to deactivate. Ask an admin to deactivate your account; further sign-in is blocked immediately.
- The right to withdraw consent. WhatsApp opt-in can be flipped off by replying STOP to any WhatsApp notification — the webhook flips your flag within seconds. Web Push opt-in is revoked via your browser's notification settings. Email + in-app inbox delivery cannot be fully suppressed without deactivation, because they are part of the operational record.
9 · Cookies
We set exactly one cookie: __session, an HTTP-only, sameSite=lax, signed JWT cookie that represents your Firebase session. It expires after 5 days of inactivity and is revoked the moment an admin deactivates your account. No analytics cookies, no advertising cookies, no third-party trackers.
10 · Security
Authentication is gated by Firebase Authentication's standard protections (password hashing, rate-limited sign-in, revocable sessions). Every database read and write passes through Supabase's row-level security policies. Service-role credentials are server-only, never exposed to the browser. The session cookie is signed with two rotating secrets to allow key rotation without forcing global sign-out.
If you spot a security issue, please write to manan@altuscorp.in before disclosing it publicly. We will reply within 72 hours.
11 · Changes
We may update this policy as the dashboard evolves, particularly as we cut over to DPDP-compliant Indian data residency before May 2027. Material changes will be announced in the dashboard's notification feed and via email to all active users.
12 · Contact
Privacy questions: manan@altuscorp.in. Operational data requests (export your row, deactivate your account, correct a record): your VPinnacle Loans administrator — currently Pravinkumar Joshi (pravin@vpinnacle.com).