1. Who is IDN?
1.1. India Drivers Network Services Private Ltd. (“IDN”) is the owner of the service “Cartr” which is a commuter facilitation service. The services are technology based services which enable the booking, scheduling and tracking of company vehicles (taxis/shuttles/buses), receive notifications regarding the timeliness and location of company vehicles, cancelling trips, trigger pickup and dropoff confirmations, SOS button to trigger police and medical emergencies, and features to rate trip experiences by commuters / passengers (“End Users”) through the internet and mobile telecommunications devices. IDN operates the website www.GoCartr.com (“Website”) and an Android application, iOS application and Windows Phone application for mobile telecommunications devices (collectively called “Mobile Applications”). The Website and the Mobile Applications are an integral part of mGaadi which enables End Users to hire auto rickshaws and taxis.
2.1.1. Section 43A of the Information Technology Act, 2000;
2.1.2. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”); and
2.1.3. Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
2.2.1. The type of information collected from the visitors and users of the Website and the Mobile Applications, including sensitive personal data or information;
2.2.2. The purpose, means and modes of usage of such information; and
2.2.3. How and to whom IDN will disclose such information.
2.3. What is personal information?
2.3.1. “Personal information” is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
2.3.2. The SPI Rules further define “sensitive personal data or information” of a person to mean personal information about that person relating to:
188.8.131.52. financial information such as bank accounts, credit and debit card details or other payment instrument details;
184.108.40.206. physical, physiological and mental health condition;
220.127.116.11. sexual orientation;
18.104.22.168. medical records and history;
22.214.171.124. biometric information;
126.96.36.199. information received by body corporate under lawful contract or otherwise;
188.8.131.52. visitor details as provided at the time of registration or thereafter; and
184.108.40.206. call data records.
2.3.3. Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded as sensitive personal data or information.
3. Privacy Statements
3.1. All Visitors and End Users Note:
3.1.1. This section applies to all visitors and End Users (“Users”).
3.1.3. Due to the communications standards on the Internet, when a User visits the Website, IDN automatically receive the URL of the site from which such User came and the site to which such User is going when he/she/it leaves. IDN also receives the Internet Protocol (IP) address of each User’s computer (or the proxy server a User used to access the World Wide Web), User’s computer operating system and type of web browser the User is using, email patterns, as well as the name of User’s ISP. This information is used to analyze overall Users’ trends to help IDN improve its Services. The linkage between User’s IP address and User’s personally identifiable information is not shared with third-parties without such User’s permission or except when required by law or except where required to provide or facilitate the Services. Notwithstanding the above, the Users acknowledge IDN’s right to share some of the aggregate findings (not the specific data) with advertisers, sponsors, investors, strategic partners, and others in order to help grow its business.
3.1.4. The Website and the Mobile Applications use temporary cookies to store certain data. IDN does not store personally identifiable information in the cookies. Information collected by IDN, by any means whatsoever, that does not personally identify the Users as an individual (such as, patterns of utilization described above) is exclusively owned by IDN and may be used by IDN and its service providers for the technical administration of the Website, User administration, research and development, business development, statistical analysis and business intelligence purposes. Additionally IDN may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates.
3.1.5. IDN may keep records of telephone calls received from and made to Users for the purpose of administration of Services, research and development, business development and for User administration.
3.1.6. IDN may allow other companies to serve advertisements to the Users. These companies include third party ad servers, ad agencies, ad technology vendors and research firms. IDN may “target” some ads to Users that fit a certain general profile. IDN does NOT use personally identifiable information to target ads. In the course of serving advertisements or optimizing services to its Users, IDN may allow authorized third parties to place or recognize a unique cookie on the User’s browser.
3.1.8. The Website may enable Users to communicate with other Users or to post information to be accessed by others, whereupon other Users may collect such data. IDN hereby expressly disclaims any liability for any misuse of such information that is made available by Users in such a manner, neither does IDN warrant or guarantee any such data or communication.
3.1.10. IDN does not knowingly collect personal data from children.
3.1.11. IDN has implemented industry standard security policies, rules and technical measures to protect the personal data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.
3.1.13. IDN may also disclose or transfer the personal and other information provided by the Users, to any thirty party as part of reorganization or a sale of the assets of an IDN corporation division or company. Any third party to which IDN transfers or sells its assets will have the right to continue to use the personal and other information that Users provide to IDN.
3.1.14. IDN shall address any discrepancies and grievances of all Users with respect to processing of information in a time bound manner. For this purpose, IDN has designated Natasha Welcome as the Grievance Officer, who will redress the grievances of the Users expeditiously but in any event within one month from the date of receipt of grievance, and who can be reached by:
220.127.116.11. Sending a letter marked to the attention of “The Grievance Officer” to India Drivers Network Services Private Ltd , #102/1, 2nd Floor, 17th C Main, Koramangala 5th Block, Bangalore – 560095; or
18.104.22.168. Sending an email to email@example.com
3.1.16. If a User uses the Website or the Mobile Applications after notice of changes have been sent to such User or published on the Website or the Mobile Applications, such User hereby provides his/her/its consent to the changed practices.
3.2. Visitors Note:
3.2.1. No sensitive personal data or information is automatically collected by IDN from any visitors of the Website, who are merely perusing the site.
3.2.3. If you, as a visitor, have inadvertently browsed any other pages of the Website prior to reading the privacy statements set out herein, and you do not agree with the manner in which information is obtained, stored or used, merely quitting this browser application should ordinarily clear all temporary cookies installed by IDN. All visitors, however, are encouraged to use the “clear cookies” functionality of their browsers to ensure such clearing / deletion, as IDN cannot guarantee, predict or provide for the behaviour of the equipment of all the visitors of the Website.
3.3. End Users Note:
3.3.2. IDN may require the End User to pay for the Services with a credit card, wire transfer, debit card or cheque. IDN will collect such End User’s credit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes, including but not limited to the use and disclosure of such credit card number and information to third parties as necessary to complete such billing operation. Verification of credit information, however, is accomplished solely by the End User through the authentication process. The End User’s credit-card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption, thereby providing the industry standard degree of care as per current technology. The End User is advised, however, that Internet technology is not 100% (hundred percent) safe and User should exercise discretion on using the same.
3.3.3. The End Users’ personally identifiable information they choose to provide on the Website and/or the Mobile Applications is used to help the Users describe / identify themselves. Additionally IDN may choose to conduct contests and surveys to collect relevant information about the End Users’ preferences. These surveys and contests are optional and if an End User chooses to respond, his/her/its responses will be kept anonymous. The demographic information that IDN collects in the registration process and through any surveys or contests is used to help IDN improve its Services to meet the needs and preferences of the End Users.
3.3.4. The End User can access, modify, correct and eliminate the data about him/her/it which has been collected pursuant to his/her/its decision to become an End User. If the End User updates any of his/her/its information, IDN may keep a copy of the information which such End User originally provided to IDN in its archives for uses documented herein. IDN takes the End Users’ rights seriously and encourages the End User to use them if the End User deems this to be appropriate. The End User may exercise these rights by emailing IDN at firstname.lastname@example.org
3.3.7. IDN will communicate with the End Users through email and notices posted on the Website or through other means available through the service, including text and other forms of telephonic messaging. The End Users can change their e-mail and contact preferences at any time by logging into their “Account” at www.goCartr.com and changing the account settings.
4. Registration Process
4.1. As part of the registration process, IDN may collect the following personal information from End Users:
4.1.4. Contact information including favourite locations including home address and office address, email address and mobile number;
4.1.5. Password chosen by the End User;
4.1.6. Demographic information such as postal code, preferences, interests, etc.;
4.1.7. Information regarding type of cell phone used; and
4.1.8. Other information as the End User may provide.
4.2.1. Its employees on a need-to-know basis. All IDN employees and data processors, who have access to, and are associated with the processing of sensitive personal data or information, are obliged to respect the confidentiality of every End User’s sensitive personal data and information.
4.2.2. Third party contractors to the extent necessary to provide the End Users with the Services. IDN may provide their personal information to third party contractors who work on behalf of or with IDN to provide End Users with such services, to help IDN communicate with End Users or to maintain the Website. Generally these contractors do not have any independent right to share this information, however certain contractors who provide services on the Website, including the providers of online communications services, will have rights to use and disclose the personal information collected in connection with the provision of these services in accordance with their own privacy policies.
Notwithstanding the above, IDN shall not be responsible for any breach of security or for any actions of any third parties that receive Users’ personal data or events that are beyond the reasonable control of IDN including, acts of government, computer hacking, unauthorised access to computer data and storage device, computer crashes, breach of security and encryption, etc.