Baigo ERP
Back to Home

Privacy Policy

Last Updated: November 27, 2025

Welcome to Baigo ERP ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have full control over your business data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our desktop application ("Software") and website.

Table of Contents

  1. Our Data Philosophy: Local-First
  2. Information We Collect
  3. Google Drive Integration & Google User Data
  4. How We Use Your Data
  5. Data Sharing with Third Parties
  6. Data Storage & Protection
  7. Data Retention & Deletion
  8. Your Rights
  9. Contact Us

1. Our Data Philosophy: Local-First

Baigo ERP is designed as a Local-First application. This means:

  • Your Business Data: All financial records, customer lists, inventory data, and transaction history created within the Software are stored locally on your device (in an encrypted SQLite database).
  • No Cloud Access: We (the developers) do not have access to, nor do we store, your business data on our servers. You are the sole owner and custodian of your data.

2. Information We Collect

While we do not collect your business data, we do collect limited information to provide our services:

A. Account Information

When you purchase a license or create an account, we collect:

  • Name
  • Email Address
  • Billing Information (processed securely by our payment provider, Polar)

B. Usage Data (Optional)

We may collect anonymous, aggregated telemetry data (e.g., crash reports, app version) to help us improve software stability. You can opt-out of this in the application settings.

3. Google Drive Integration & Google User Data

Important information about how we handle Google user data

Baigo ERP offers an optional feature to sync your data to your personal Google Drive for backup and cross-device access. This section describes how we access, use, store, and protect your Google user data in compliance with the Google API Services User Data Policy.

3.1 Google User Data We Access

When you enable Google Drive sync, Baigo ERP accesses the following Google user data:

  • Google Account Email: Used to identify your Google account and display which account is connected.
  • Google Drive Files (Limited Scope): We request the https://www.googleapis.com/auth/drive.file scope, which grants access ONLY to files and folders that BaigoERP has created. We create a folder named BaigoERP_Data in your Google Drive and store backup files (baigoerp_backup.json) within it.

Important: We cannot see, read, edit, or delete any other files in your Google Drive (such as your personal photos, documents, or files from other applications). Our access is strictly limited to files created by Baigo ERP.

3.2 How We Use Google User Data

We use your Google user data exclusively for the following purposes:

  • Cloud Backup: To upload encrypted backup files of your Baigo ERP business data to your Google Drive, enabling data recovery and cross-device synchronization.
  • Data Restoration: To download and restore your backup files from Google Drive when you sign in on a new device or need to recover data.
  • Account Display: To display your connected Google account email in the application settings.

We do NOT:

  • Use your Google user data for advertising or marketing purposes
  • Analyze your Google user data for profiling or behavioral tracking
  • Access any Google data beyond what is necessary for backup functionality
  • Transfer your Google user data to AI or machine learning models

3.3 Google User Data Sharing

We are committed to protecting your privacy. Here is how we handle sharing of Google user data:

  • No Third-Party Sharing: We do NOT share, sell, rent, or transfer your Google user data to any third parties.
  • Direct Transfer: Your backup data is transferred directly from your device to Google's servers using secure HTTPS connections. It does NOT pass through or get stored on our servers.
  • No Data Brokers: We do not provide your data to data brokers or any entities for commercial purposes.

Summary: Your Google user data stays between you and Google. We act only as a facilitator to enable the backup feature within the application.

3.4 Google User Data Storage & Protection

We implement the following measures to protect your Google user data:

  • Local Storage Only: Google OAuth tokens are stored securely on your local device and are never transmitted to or stored on our servers.
  • Encrypted Transmission: All data transfers between your device and Google Drive use industry-standard TLS/HTTPS encryption.
  • Minimal Data Retention: We only store the OAuth access token and refresh token locally to maintain your connection to Google Drive. No Google user data is cached on our servers.
  • Secure Token Storage: OAuth tokens are stored using your operating system's secure credential storage (Windows Credential Manager, macOS Keychain, or Linux Secret Service).

3.5 Google User Data Retention & Deletion

You have full control over your Google user data:

  • Retention Period: OAuth tokens are retained on your device only while you have Google Drive sync enabled. Backup files remain in your Google Drive until you delete them.
  • Disconnect Anytime: You can disconnect your Google account from Baigo ERP at any time via Settings → Integrations → Google Drive → Disconnect. This immediately revokes the application's access to your Google Drive.
  • Delete Backup Files: You can delete the BaigoERP_Data folder from your Google Drive at any time to remove all backup files.
  • Revoke Access: You can also revoke Baigo ERP's access to your Google account at any time by visiting Google Account Permissions.

Data Deletion Request: If you need assistance deleting your data or have questions about data retention, please contact us at help@baigoerp.com.

4. How We Use Your Data

We use the information we collect for the following purposes:

  • Provide Services: To deliver, maintain, and improve Baigo ERP software and services.
  • License Management: To verify your software license and manage your subscription.
  • Customer Support: To respond to your inquiries and provide technical support.
  • Product Improvements: To analyze anonymous usage patterns and improve our software (with your consent).
  • Communications: To send you important updates about the software, security alerts, and (with your consent) product announcements.

5. Data Sharing with Third Parties

We use trusted third-party services to operate our business:

  • Polar: We use Polar as our Merchant of Record for processing payments and managing subscriptions. Your billing information is handled according to Polar's Privacy Policy.
  • Google: We use Google for optional cloud backup services (as described in Section 3 above).
  • Supabase: We use Supabase for authentication and account management on our web portal.

We do NOT sell, rent, or share your personal information with third parties for their marketing purposes.

6. Data Storage & Protection

We implement appropriate security measures to protect your data:

  • Local Business Data: Your business data is stored locally on your device in an encrypted SQLite database. The security of this data depends on the security of your device.
  • Account Data: Your account information is stored securely using industry-standard encryption on our authentication provider's servers (Supabase).
  • Secure Communications: All communications between your device and our services use TLS/HTTPS encryption.

We recommend keeping your operating system updated, using strong passwords, and enabling two-factor authentication on your accounts.

7. Data Retention & Deletion

We retain your data only as long as necessary:

  • Account Data: Retained while your account is active. You can request deletion at any time.
  • Business Data: Stored locally on your device. You control this data entirely.
  • Backup Data: Stored in your Google Drive. You can delete it at any time.
  • Payment Records: Retained as required by law for tax and accounting purposes.

8. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Export your business data from the application at any time.
  • Withdraw Consent: Opt-out of telemetry data collection or disconnect third-party integrations.

To exercise any of these rights, contact us at help@baigoerp.com.

9. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at:

help@baigoerp.com

We aim to respond to all inquiries within 48 hours.