SutiSoft offers suite of integrated apps that are used by our customers to seamlessly manage their business decisions. This privacy policy applies to all our customers as well as visitors.

This Privacy Policy describes how SutiSoft collects, uses and discloses information, and what choices you have with respect to the information.


It is SutiSoft's policy to respect your privacy regarding any information we may collect while using our software applications and websites, collectively called the Services.

This Privacy Policy applies when you use our Services. For our customers and their employees, a link to this privacy policy is also available in “My Profile” section of the application.

SutiSoft operates a suite of web-based applications as given below.

Spend Platform: SutiExpense, SutiProcure, SutiAP, SutiTravel, SutiInvoice

HR Platform: SutiHR, SutiSign, SutiSurvey, SutiDMS, SutiProject, SutiSSO

CRM Platform: SutiCRM, SutiDAnalytics, SutiDesk, SutiPMS

The above applications are collective called SutiSoft applications. All such products, applications, websites are collectively called “Services”.

This Privacy Policy shall be deemed part of the User Agreement, and your use of the SutiSoft Offerings, as defined in the User Agreement, is subject to both the User Agreement, available at, and this Privacy Policy.

Data Controller and Data Processor

We process two main types of personal data.

Our Customers are the controller of Customer Data. SutiSoft is the processor of Customer Data and the controller of Other Data.

Domains and Websites for this Policy

For the purposes of this Policy, the term, “Websites”, shall refer collectively to as well as the other websites that the SutiSoft Group operates and that link to this Policy.

Information We Collect

Customer Data

Customer Data may be processed by us as a result of customer’s use of the Services when our customers, or their end-users, input or upload information into the Service. For example, customers who use our SutiSoft application may upload Customer Data about themselves or their employees.

Depending upon which services you use, the data that you provide us includes name, email address, phone number, landline number, profile photo, job title for your employees etc. We collect billing details for invoice purposes. SutiSoft also collects customer data, on your instruction, from third parties on your behalf.

Billing Information

Any and all financial and billing information that we collect through the SutiSoft Offerings is used only to check the qualifications of potential customers and to bill customers for the SutiSoft Offerings. Billing information that consists of Personally Identifiable Information is not used by SutiSoft for marketing or promotional purposes (although SutiSoft may use such information in ways which do not personally identify individuals, such as for aggregating information that identifies customer locations, etc.).

Other Data

Customers provide data that is necessary to create user accounts.

For creation of user accounts, you provide your name, email address, password, telephone number and correspondence address. You also provide billing details for invoicing purposes.

We also collect data when you use our applications and websites.

Data from Others

SutiSoft may receive your data from sources other than from you, such as Google Analytics, heat map tracking tool such as Crazy Egg, social media sites such as LinkedIn, Facebook, Twitter, and other online business listing sites. Categories of such data include name, contact information, location information, device information and your website interactions.


Data from Others

SutiSoft may receive your data from sources other than from you, such as Google Analytics, heat map tracking tool such as Crazy Egg, social media sites such as LinkedIn, Facebook, Twitter, and other online business listing sites. Categories of such data include name, contact information, location information, device information and your website interactions.


We collect data through cookies.

SutiSoft uses cookies to help SutiSoft identify and track visitors, their usage of SutiSoft website, and their website access preferences. SutiSoft visitors can control cookies through your browser settings.

For more details about how we use these technologies, please see our Cookie Policy.

How We Use Your Data

How we use your personal data will depend on which Services you use and how you use those Services.

Customer Data will be used by SutiSoft in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and as required by applicable law. SutiSoft is a processor of Customer Data and Customer is the controller.

Other Data is used by us to provide our services, send our newsletters and to communicate with you by responding to your requests, comments and questions.

Lawful Basis for Processing

We have lawful basis to process your personal data. We also use your consent as basis for lawfully processing your personal data.

We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and consent as the lawful basis for processing. For certain processing, we may also use legitimate interests as provided under the Data Protection Regulations.

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

Where you have consented to a particular processing, you have a right to withdraw the consent at any time.

How We Use Customer Data

We use your data to authenticate you and authorize access to our services.

We only process Customer Data on behalf of our customers and in accordance with their instructions provided in the applicable Services agreement with us. We use the data that we have about you to provide our services and provide support to you. In each case, SutiSoft collects such information only in so far as is necessary or appropriate to fulfil the purpose of the interaction with our services.

How We Use Other Data

We may send you service related messages or marketing/promotional materials. You may choose to restrict the collection or use of your personal information.

We will update you with improvements in our services, new features and from time to time also carry out direct marketing of our products and services. Direct marketing is carried out only if you consent to receiving such communications from us.

Users Under 16 Years of Age

The Sites and Services do not knowingly collect personal information from users under the age of 16.

If you are under the age of 16, you are not permitted to use the Sites and Services or to disclose Personal Information. If we learn we have collected or received Personal Information from a child under 16, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.

Data Retention Policy

We will retain your personal information for as long as is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

Customer Data - We retain your information for as long as you have an active Services account. We may also retain your personal information for extended period under applicable statutory laws.

SutiSoft will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and as required by applicable law. When you decide to close your account, we delete all personal information about you.

Other Data - We retain your information for as long as necessary for the purposes that we have described in this privacy policy.

SutiSoft may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy.

Your Rights

You can request to access, update or correct your personal information. You also have the right to object to direct marketing.

You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation ("GDPR"), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.

Your Rights to Control Data

Whenever you use our services, we aim to provide you easy means to access, modify, delete, object to or restrict use of your personal information.

We strive to give you ways to access, update/modify your data quickly or to delete it unless we have to keep that information for legal purposes. Some rights can be access from within the SutiSoft application. For visitors, these rights can be exercised by contacting us with your specific request.

Account Closure

We keep some personal data even after account closure.

Once you choose to close your account, we generally delete your personal information within 60 days of closure of your account. Some information that is necessary for statutory obligations such as records of payment processing, invoicing data will be retained as necessary.

Your information shared with others

Your data will be shared with other recipients in order to provide you with services.

While we aim to limit the sharing of your data, at times, it is necessary to share your data with certain service providers. Examples of when and for what purpose your data is shared include data center / hosting services, email marketing services, etc.

The following categories of recipient will most likely receive your data in order for us to provide services to you.

To Comply with Laws. - If we receive a request for information, we may disclose if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.

Cross-Border Data Transfers

Your data will be stored and processed in multiple countries including outside of the European Union (EU) Region.

Since we are an international company, your data will be processed outside of the EU region. Your data will be processed within Third Party Data Centers in USA and in Germany. Some countries where we process data may not have as protective laws as your own country and there are risks associated with such transfer.

SutiSoft offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. These clauses are contractual commitments between parties transferring personal data (for example, between SutiSoft and its Clients, suppliers or data processors outside the EU), binding them to protect the privacy and security of the data.

Security Measures to Protect your Data

Security Measures

We implement security controls to prevent breaches and unauthorised access to your data.

We maintain reasonable and appropriate security measures to protect Customer Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

Examples of security measures include physical access controls, HTTPS, restricted access to data, monitoring for threats and vulnerabilities etc.

We also subject our services to internationally recognised certification and attestation standards. Details about our security measures are available at our Group website.

Security for Customers

SutiSoft provides secure authentication and transmission of information.

When the Services are accessed using Netscape Navigator, or Microsoft Internet Explorer versions 4.0 or higher, Secure Socket Layer(SSL) technology protects information using both server authentication and data encryption to help ensure data is safe, secure and available only to you. Finally, SutiSoft requires unique user names and passwords that must be entered each time a customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy and ensure the appropriate use of data.

Protection of Personal Information

Our Sites and Services uses commercial efforts to maintain safeguards for protection of your Personal Information.

SutiSoft takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.

US Privacy Laws

Child Protection

We do not offer services to, or target, persons under the age of 13. In compliance with the Children's Online Privacy Protection Act, we will purge any information we receive from people we believe to be children under 13 from our database and cancel the corresponding accounts.

Other Information

Contact Information

You can contact us about this privacy policy or use of our services.

If you have questions or complaints regarding this Policy, you may contact us through email at or through phone at (888) 272-4385 or (650) 969-7884. You may contact us at our mailing address below.

SutiSoft, Inc.
333 West El Camino Real,
Suite 210,
Sunnyvale, CA 94087 USA

If you are a resident of the European Economic Area and we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you have additional rights. If you are not satisfied with the resolution, you can also lodge a complaint with the Supervisory Authority in the country of your residence.

Privacy Policy Change

SutiSoft may change this Privacy Policy from time to time, at our sole discretion.

SutiSoft encourages visitors and customers to frequently check this page for any changes to its Privacy Policy. We will notify you of material changes in advance, at least thirty (30) business days before the change takes effect, by email or by notice when you log in to the Sites and Services or both. You confirm that your continued use of our services after any change in this Privacy Policy will constitute your acceptance of such changes and agree to be subject to the revised privacy policy.

SutiSoft uses cookies on this site to ensure you get the best experience and also to improve this website better. Please read our Cookie Policy

Welcome to SutiSoft!
How can I help you?