Privacy Policy

Privacy Policy

PRIVACY AND DATA RETENTION POLICY

Introduction

We at TrunkPool ("Zen Delivery Services Pvt. Ltd."/Company) respect the privacy of its users. The information if any collected will be secured, safeguarded and shall be utilised for providing better and appropriate services to you and for lawful usage and purpose. We are commited to abide by law of the land and shall comply with the Information Technology Act, 2000 ("Act") and also the Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules 2011 ("Rules") or any other statues which are in place to govern the Information technology practice in India.

Scope and Definition

This policy shall govern the Company’s collection and use of Data and Handling (“usage”) of the Personal Information (“PI”) and the Sensitive Personal Data or Information (“SPDI”) by the Company in accordance with the Rules.

"Personal information" means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person. “Sensitive personal data or information” means any information of a person means such personal information which consists of information relating to;—

  1. password
  2. financial information such as Bank account or credit card or debit card or other payment instrument details
  3. physical, physiological and mental health condition
  4. sexual orientation
  5. medical records and history
  6. Biometric information
  7. any detail relating to the above clauses as provided to body corporate for providing service
  8. viii. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise

Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information.

By clicking the accept button below you hereby expressly give consent to use your PI and SPDI as more fully described herein below. Your consent to the same shall be construed as a lawful contract between you and the Company in accordance with the Act and Rules.

PI and SPDI are collected for

The Company may, collect, use, receive, possess, process, store, deal, disclose, transfer or handle Personal Information, Password and Financial Information such as Bank Account Number for the following purpose:-

For authentication of user and his attached trucks, for making payments & deducting TDS (if applicable), for researching and developing new products and services, and in connection with Freight, Insurance & Services Platform of the Company and Zen Delivery Services Private Limited from time to time.

For providing the services, the Company will collect, use, receive, possess, process, store, deal, disclose, transfer or handle SPDI.

Data Retention

The PI or the SDPI that the Company may collect, use, receive, possess, process, store, deal, disclose, transfer or handle shall be stored till the user account is active and thereafter deleted once the user deletes his profile from the Applications of the Company.

Sharing of PI and SPDI

In addition to the above said purposes, the Company may share your PI and SPDI with the following entities:

  1. Governmental Agency or Courts or Regulators as required under the applicable law
  2. Instaveritas India Pvt. Ltd. for background verification of the Trucks
  3. With Hindustan Petroleum Corporation Ltd. (“HPCL”) and Reliance India Ltd. (“RIL”) for the user KYC
  4. With IDFC Bank Ltd. and ICICI Bank Ltd. for getting the Fasttags activated
  5. Any employee, agent, contractor or third party or service provider in connection with the Company’s business
  6. Any other person under duty of confidentiality to the Company.

We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all personal information we collect to the relevant third party. It may also be necessary for us − by law, legal process, litigation, and/or requests from public and governmental authorities to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

At times we may make certain personal information available to strategic partners that work with us to services, or that help our customers. For example:- to HPCL and RIL to when you purchase the petro cards to activate the said cards we provide the KYC documents and when you are approved you will be governed by their respective privacy policies. Personal information will only be shared by us to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.

Openness and Data Access

The user whose PI and/or SPDI is collected, received, possessed, processed, stored, transferred, dealt or handled may inquire as to the nature of data stored or processed by the Company. The person will be provided reasonable access to the person’s PI and SPDI held by the Company. If any data is inaccurate or incomplete, such person may request that the data be amended or modified or updated.

Option to Opt Out

The person has an option to withdraw the consent to use the PI or SPDI by the Company in accordance with this Policy. In that case the person should contact the Data Privacy and Grievance officer designated by the Company below.

Security Measures

As stated earlier we have high regards for the privacy of our end users and hence we take all possible measures to store and secure the PI and SDPI collected by us. We have engaged the services of one of the Best ISO certified cloud based data storage service providers. Our service providers are ISO/IEC 27001:2013 certified.

We ourselves or through our service providers, systematically evaluates our information security risks, taking into account the impact of threats and vulnerabilities.

We undertake to the following

  1. The usage of PI and SPDI will be in compliance with the Act and the Rules
  2. PI and SPDI will be used for the purposes for which it has been collected or obtained
  3. PI and SPDI will be relevant/necessary to/for the purposes for which it is collected and used
  4. Appropriate reasonable measures will be taken to prevent unauthorized use, processing, and accidental loss, destruction, or damage to such PI or SPDI.

Updates

The Company reserves the right to add, revise, amend, modify or delete any part of this Policy (in part or in full) at its discretion. The updated version of this Policy in force will be posted on the Company’s website from time to time. In the event of any change in the Act or the Rules or in case of any requirement arising under any of the applicable law, this Policy shall be deemed to be amended or modified to the extent necessary to comply with such amendment to the Act or the Rules or to meet any requirement under the applicable laws.