Traveller Track ("we", "us", "our") provides bookkeeping, financial tracking, performance insights, and networking services for clients in the transport sector, including ETS (Express Transport Services), corporate fleets, spot rentals, and self-drive operators. We are committed to protecting the privacy and security of the personal and business data you entrust to us. This Privacy Policy explains how we collect, use, disclose, store, and protect your data in compliance with applicable laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act) in India.

We act as a Data Fiduciary under the DPDP Act for the personal data we process on your behalf.

1. Information We Collect

We collect the following types of information to deliver our services:

Business and Financial Data: Transaction records, invoices, expenses, revenue details, payment histories, fleet/vehicle usage logs, booking data, and other financial metrics you upload or integrate (e.g., via API, Excel, or manual entry).

Personal Data of Users and Associated Individuals: Names, phone numbers, email addresses, addresses, KYC documents (if provided), driver/owner details, employee information, and contact details of clients, drivers, or business representatives.

Account and Usage Data: Login credentials, IP address, device information, login times, features used, reports generated, and interaction logs within our platform.

Insights and Analytics Data: Derived data from processing your inputs, such as performance reports, trend analysis, cost breakdowns, and efficiency insights.

Location Data (Mobile App): GPS coordinates recorded at the time of Punch-in and Punch-out to verify your presence within the designated office or job-site geofence. For field employees, location is additionally collected on a continuous basis during active field job sessions.

Photo Verification Data (Mobile App): Selfie images captured at the point of attendance marking to confirm employee identity. These images are used solely for verification purposes and are not shared with third parties beyond your employer.

Device Information (Mobile App): For users of our mobile applications, we additionally collect Device ID, hardware model, operating system version, and application version to ensure compatibility, security, and accurate session attribution.

Work Information (Mobile App): Department, designation, joining date, and shift assignment details for employees enrolled on our attendance and field tracking modules.

We collect only the data necessary for providing bookkeeping, tracking, insights, and connection services. Sensitive personal data (e.g., financial passwords, bank OTPs) is not collected or stored by us.

2. How We Use Your Information

We use your information solely for the following legitimate purposes:

To provide bookkeeping, financial tracking, and record-keeping services.

To generate insights, dashboards, reports, and analytics about your transport operations (e.g., profitability, vehicle utilization, expense patterns).

To facilitate connections between clients (e.g., matching spot rentals or networking opportunities, with your consent where required).

To manage your account, provide support, send service updates, and communicate regarding your subscription or queries.

To improve our platform, detect fraud, ensure security, and comply with legal obligations.

To record and track employee attendance, shift timings, and working hours through our mobile attendance application.

To verify the validity of Punch-in and Punch-out events using geofencing and location-based checks.

To confirm employee identity at the point of attendance through selfie-based verification, as authorised by your employer.

To compile and make available attendance reports, logs, and records to your employer or designated HR administrators.

To track field employee locations during active field job sessions in order to support real-time operations and safety.

To send important in-app notifications, announcements, and operational alerts relevant to your account and assignments.

All processing is based on your consent, contractual necessity (as per our service agreement), or legitimate interests, in line with DPDP Act requirements.

3. Mobile Application — Location Tracking

Our mobile application collects location data in a manner that depends on your role and the nature of your work:

Standard Employees:

Location is collected only at the moment of Punch-in and Punch-out in order to verify that you are within the authorised office or site geofence. Location is not accessed at any other time.

Field Employees:

When you initiate a field job within the application, your location is tracked on a continuous basis in the background until you explicitly end that job session. This data is used solely to support live operational visibility and field job management for your employer. You retain the ability to disable background location access through your device settings; however, doing so will affect the functionality of field job tracking features.

We do not use location data for any purpose beyond those described above, and location information is never sold or shared with third parties outside the scope of your employer's account.

4. Sharing and Disclosure of Information

We do not sell your data. We share information only as necessary:

With your employer and their designated administrators, for the purpose of attendance management, field operations, and HR records — as authorised by your enrolment on the platform.

With service providers (e.g., cloud hosting, analytics tools, payment processors) who are contractually bound to protect data and process it only for our purposes.

With transport ecosystem partners (e.g., for connections or integrations) only with your explicit consent or as directed by you.

If required by law, government authorities, courts, or regulatory bodies (including under DPDP Act).

In case of mergers, acquisitions, or business transfers, with notice where feasible.

5. Data Storage, Security, and Retention

Your data is stored securely on encrypted servers with industry-standard measures including HTTPS encryption, firewalls, access controls, and encryption at rest and in transit. We retain data only as long as necessary for service delivery, legal compliance, or dispute resolution (typically up to 7 years for financial records or as per your instructions). Attendance records, location logs, and photo verification data are retained as directed by your employer or as required by applicable law. After the applicable retention period, data is securely deleted or anonymised. You may submit a request for deletion of your personal data by contacting us at the details below.

6. Your Rights Under DPDP Act and Other Laws

As a Data Principal, you have the right to:

Access, correct, update, or erase your personal data.

Withdraw consent (where processing is consent-based), subject to contractual obligations.

Nominate a representative for rights exercise (in case of death/incapacity).

Grievance redressal (contact our Grievance Officer below within timelines prescribed by law).

To exercise rights, email us. We will respond within the statutory period (e.g., 30 days under DPDP rules where applicable).

7. Grievance Officer

For complaints or queries:

Grievance Officer: Bhavish Dewaat

Email: bhavishdewaat@rochasoft.in

We will acknowledge and resolve in accordance with DPDP Act.

8. Children's Data

Our services are not intended for or directed at individuals under the age of 18. We do not knowingly collect or process the personal data of minors.

9. Changes to This Policy

We may update this policy from time to time. Changes will be posted here with a revised effective date. For significant changes, we will notify you via email or your platform dashboard where feasible.

10. Contact Us

Email: support@travellertrack.in

Business Name: Traveller Track

Location: Delhi, India

By using Traveller Track services, you agree to this Privacy Policy and our processing of data as described.