Privacy Policy
Effective Date: November 17, 2025
Last Updated: November 17, 2025
Introduction
Welcome to RHD CommandX, an AI-powered Customer Relationship Management (CRM) system operated by RHD Enterprise. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CRM platform accessible at commandx.rhdenterprise.in.
RHD Enterprise is committed to protecting the privacy and security of your personal information. This policy applies to all users of the RHD CommandX system, including administrators, agents, and warehouse personnel.
By accessing or using RHD CommandX, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Information We Collect
1. User Account Information
- Username and password (encrypted)
- Full name and email address
- Role and permissions (Admin, Agent, Warehouse)
- Login timestamps and activity logs
2. Customer Data
- Company names and contact information
- Phone numbers and email addresses
- Business addresses and locations
- Industry classifications and customer types
- Sales stages and customer notes
- Communication history and timestamps
3. Device Information
- Device fingerprints (screen resolution, timezone, browser type, operating system)
- IP addresses and geolocation data
- Device names and identifiers
- Session tokens and authentication data
4. AI Query Data
- Natural language queries submitted to the AI assistant
- Query responses and recommendations
- AI conversation history (up to 40 messages)
- Usage patterns and frequency
5. System Usage Data
- Audit logs and security events
- Feature usage statistics
- Performance metrics and error logs
- Campaign and shipment tracking data
How We Use Your Information
RHD Enterprise uses the collected information for the following purposes:
Business Operations
- Managing customer relationships and sales processes
- Processing and tracking orders, shipments, and dispatches
- Facilitating communication with customers via WhatsApp and other channels
- Generating analytics and business intelligence reports
System Security & Authentication
- Authenticating user identities and managing access control
- Preventing unauthorized access and credential sharing
- Device tracking and session management (3-device limit enforcement)
- Detecting suspicious activities and security threats
AI-Powered Features
- Processing natural language queries through OpenAI integration
- Providing intelligent search and customer recommendations
- Generating contextual suggestions and automated insights
- Improving AI model accuracy and user experience
Compliance & Auditing
- Maintaining audit trails for compliance purposes
- Investigating security incidents and policy violations
- Meeting legal and regulatory obligations
Data Security
RHD Enterprise implements industry-standard security measures to protect your information:
Security Measures
- Encryption: All passwords are hashed using bcrypt. Data in transit is protected via HTTPS/TLS.
- Access Control: Role-based permissions (Admin, Agent, Warehouse) with strict authorization checks.
- Device Management: Multi-device tracking with automatic device revocation and approval workflows.
- Session Security: Secure session management with CSRF protection and session regeneration.
- Rate Limiting: AI queries limited to 100/day (admin) and 50/day (agent) to prevent abuse.
- Audit Logging: Comprehensive logging of all security-sensitive operations.
- Database Security: PostgreSQL with pg_trgm extension and secure connection strings.
Despite our security measures, no system is completely secure. Users are responsible for maintaining the confidentiality of their login credentials.
AI Processing & Third-Party Services
RHD CommandX uses OpenAI to power its AI assistant features. When you submit queries to the AI assistant:
- Your query text is sent to OpenAI's API for processing
- Customer data may be included in queries for context (e.g., "Show customers in Mumbai")
- OpenAI processes the data according to their own privacy policy
- Query history is stored locally in our database for up to 40 messages per session
Third-Party Services
We use OpenAI's API for AI processing. Please review OpenAI's privacy policy at https://openai.com/privacy to understand how they handle data.
We do not sell or share your personal data with third parties for marketing purposes.
Data Retention
We retain different types of data for varying periods:
| Data Type | Retention Period |
|---|---|
| User Account Data | Duration of employment + 7 years |
| Customer Data | Indefinitely (business records) |
| AI Conversation History | 40 messages per session (rolling) |
| Audit Logs | 7 years (compliance requirement) |
| Device Session Data | Until device revocation or 1 year of inactivity |
When user accounts are deactivated, all associated device sessions are automatically revoked, and the user loses access to the system.
Your Rights
As a user of RHD CommandX, you have the following rights:
Access
Request access to your personal data stored in the system
Correction
Update or correct inaccurate personal information
Deletion
Request deletion of your data (subject to legal requirements)
Export
Export your data in a portable format
To exercise these rights, please contact your system administrator or reach out to RHD Enterprise using the contact information below.
Contact Us
If you have questions or concerns about this Privacy Policy or your data, please contact:
RHD Enterprise
Website
commandx.rhdenterprise.inCompany
RHD Enterprise - Bearing Solutions
Changes to This Privacy Policy
RHD Enterprise reserves the right to update this Privacy Policy at any time. We will notify users of material changes through the system or via email. The "Last Updated" date at the top of this policy indicates when it was last revised. Continued use of RHD CommandX after changes constitutes acceptance of the updated policy.