Skip to content

Legal

Privacy Policy

Last updated: 11 June 2026 · Applies to https://www.reachbell.com and https://app.reachbell.com

DotSpheres Technologies Pvt Ltd(“ReachBell”, “we”, “us”) provides a customer engagement platform for sending push notifications, emails, and automated messages. This policy explains what personal data we process, why, and the rights you have over it — under India’s Digital Personal Data Protection Act, 2023 (DPDP) and the EU General Data Protection Regulation (GDPR).

Two roles we play

For data about our customers (account holders, billing contacts, dashboard users) we act as a data fiduciary / controller. For data about our customers’ subscribers (the people who receive notifications), our customer is the controller and we process that data only on their instructions, as a processor.

Data we collect

  • Account data — name, email address, password hash, organization name, and role.
  • Billing data — plan, invoices, GSTIN, and payment status. Card and UPI details are handled by our payment provider (Cashfree) and never touch our servers.
  • Subscriber data processed for customers — push tokens, email addresses, tags, approximate location derived from IP (city/country), device and browser type, and engagement events (delivered, clicked, opened, unsubscribed).
  • Usage data — dashboard actions (kept in a 90-day audit log), API request metadata, and diagnostic logs.

Why we process it

  • To provide the service: deliver messages, render analytics, enforce frequency caps and preferences.
  • To bill and invoice, including GST compliance.
  • To secure the platform: fraud prevention, abuse detection, audit logging.
  • To communicate service updates. Marketing email from us is always opt-in and separately unsubscribable.

Where data lives

Production data is stored with our cloud providers (MongoDB Atlas, Railway, AWS) — region details are available on request and in our DPA. Email is delivered through Amazon SES. We retain subscriber engagement data for the life of the customer’s project plus 90 days, audit logs for 90 days, and invoices as long as tax law requires.

Sharing

We share data only with sub-processors needed to run the service (hosting, email delivery, payments, error monitoring), each bound by data-protection agreements. We do not sell personal data, ever.

Your rights

Account holders and subscribers can request access, correction, export, or deletion of their personal data. Subscribers can also withdraw consent instantly via the preference-center link included in every message. Write to support@reachbell.com — we respond within 30 days, and you may escalate to the Data Protection Board of India or your local supervisory authority.

Security

Data in transit is encrypted with TLS; credentials at rest (FCM service accounts, APNs keys, DNS tokens) are encrypted with AES-256-GCM. Access to production systems is role-restricted and logged.

Children

ReachBell is not directed at children under 18, and we do not knowingly process their data as a controller.

Changes & contact

We’ll announce material changes by email and update the date above. Questions: support@reachbell.com · DotSpheres Technologies Pvt Ltd, India.

Ready to make some noise?

Free forever for your first 1,000 subscribers. Set up in five minutes — no credit card needed.

Start free today