Privacy Policy

In compliance with the Digital Personal Data Protection Act, 2023 and applicable Indian laws

This Privacy Policy ("Policy") governs the collection, use, storage, disclosure, and protection of personal data by Aithertech Business Solutions Pvt Ltd ("Company", "we", "our", "us") in connection with the use of our mobile application and related services ("Services").

By accessing or using our Services, you ("Data Principal", "you", "your") acknowledge and consent to the practices described herein, subject to your rights under applicable law.

  1. 1. Definitions

    • "Personal Data" means any data about an individual who is identifiable by or in relation to such data.
    • "Data Principal" means the individual to whom the personal data relates.
    • "Data Fiduciary" refers to Aithertech Business Solutions Pvt Ltd, which determines the purpose and means of processing personal data.
    • "Processing" means the collection, storage, use, disclosure, or erasure of personal data.
    • "Significant Data Fiduciary" shall have the meaning assigned under the DPDP Act, 2023.

  2. 2. Categories of Personal Data Collected

    We may collect the following categories of personal data:

    • Identity Data: Name, contact details, government-issued identification documents.
    • Account Data: Username, password, credentials.
    • Financial Data: Payment details, billing address.
    • Travel Data: Pickup/drop-off locations, travel schedules.
    • Device & Usage Data: IP address, browser type, operating system, GPS location (with consent).

  3. 3. Lawful Basis & Consent

    • Personal data shall be processed only upon obtaining free, specific, informed, and unambiguous consent from the Data Principal.
    • Consent may be withdrawn at any time through the mechanisms provided in the App.
    • Certain processing may be undertaken without consent where permitted under the DPDP Act (e.g., compliance with legal obligations, prevention of fraud, or public interest).

  4. 4. Purpose of Processing

    Personal data shall be processed strictly for the following purposes:

    • Provision and improvement of Services.
    • Booking and payment management.
    • Customer communication and grievance redressal.
    • Safety, fraud prevention, and security.
    • Compliance with applicable laws and judicial directions.
    • Marketing and promotional communications (only with explicit consent).

  5. 5. Data Sharing & Disclosure

    Personal data may be disclosed to:

    • Service Providers: Payment processors, hosting partners, customer support vendors.
    • Drivers/Transportation Partners: Limited data necessary for fulfilling bookings.
    • Government Authorities: Where required under law, regulation, or judicial order.
    • Business Transfers: In case of merger, acquisition, or restructuring, subject to lawful safeguards.

    Cross-border transfers shall be permitted only to jurisdictions not restricted by the Government of India.

  6. 6. Data Security

    We implement appropriate technical and organizational measures, including:

    • Encryption of data in transit and at rest.
    • Access controls and authentication.
    • Regular audits and vulnerability assessments.
    • Employee training on data protection.

    However, no system is entirely immune to risks, and we disclaim absolute guarantees of security.

  7. 7. Data Retention

    Personal data shall be retained only for as long as necessary to fulfill the purposes of processing or as mandated under applicable law. Upon expiry of retention periods, data shall be securely erased.

  8. 8. Rights of Data Principals

    You have the following rights under the DPDP Act:

    • Right to Access: Obtain details of personal data processed.
    • Right to Correction & Erasure: Correct inaccuracies and request deletion, subject to legal obligations.
    • Right to Data Portability: Receive data in a structured format.
    • Right to Withdraw Consent: Withdraw consent at any time.
    • Right to Grievance Redressal: Lodge complaints with our Grievance Officer.

    Requests shall be processed within statutory timelines.

  9. 9. Processing of Children's Data

    Our Services are not intended for individuals below 18 years of age. Processing of children's personal data shall be undertaken only with verifiable parental consent. No profiling, targeted advertising, or tracking of minors shall be permitted.

  10. 10. Breach Notification

    In the event of a personal data breach, we shall notify the Data Protection Board of India and affected Data Principals within 72 hours, in accordance with the DPDP Act.

  11. 11. Changes to Policy

    We may amend this Policy to reflect changes in law or operational practices. Material changes shall be notified to Data Principals through the App and updated on our website.

  12. 12. Grievance Redressal & Contact Information

    For any queries, concerns, or to exercise your rights, please contact:

    Grievance Officer / Data Protection Officer

    Aithertech Business Solutions Pvt Ltd

    Ganesh Business Hub, SP Ring Road, Vastral,

    Ahmedabad, Gujarat, India 382418

    Email: mail@aithertech.in

    Phone: 079-45945642

    If unresolved, you may escalate complaints to the Data Protection Board of India.