Privacy Policy

This Privacy Policy describes how FleetSense India ("FleetSense", "we", "us", or "our"), operated by Vividweb Technologies Private Limited (CIN: U72900UP2020PTC139694), collects, uses, stores, shares, and protects personal data when you use our website, our fleet management platform, our mobile applications, and related services (collectively, the "Services").

We are committed to protecting your privacy and processing your personal data in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and the rules framed thereunder, as well as all other applicable laws of India.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of our Services.

Data Principal

The individual to whom personal data relates — including fleet operators, drivers, and website visitors.

Data Fiduciary

FleetSense / Vividweb Technologies Private Limited, which determines the purpose and means of processing personal data.

Data Processor

Any third party that processes personal data on our behalf.

Personal Data

Any data about an individual who is identifiable by or in relation to such data.

Processing

Any operation performed on personal data, including collection, storage, use, sharing, and deletion.

Consent

A free, specific, informed, unconditional, and unambiguous indication by a Data Principal, given by a clear affirmative action.

This Policy applies to:

• Fleet Operators and Business Users who register an account and use the FleetSense platform to manage their fleet.
• Drivers who use the FleetSense Driver App or whose data is collected through installed GPS hardware.
• Website Visitors who browse our website, request a demo, or sign up for a free trial.
• Contact Persons at enterprises who interact with our sales or support teams.

4.1 Data Provided by Fleet Operators (Account Holders)

4.2 Data Relating to Drivers

4.3 Data Collected Automatically (Website & Platform)

4.4 GPS & Telematics Data

We process personal data only for specified, clear, and lawful purposes. Under the DPDP Act, the lawful bases on which we rely are:

5.1 Consent

Where we rely on your consent, you may withdraw it at any time (see Section 10). Withdrawal does not affect the lawfulness of processing before withdrawal.

5.2 Performance of a Contract

5.3 Legitimate Interests

5.4 Legal Obligation

We do not sell your personal data. We share data only in the following circumstances:

6.1 With Data Processors Acting on Our Behalf

6.2 With Government Authorities (Mandatory Legal Disclosure)

As required under AIS-140 regulations mandated by MoRTH, vehicle GPS data is dual-streamed in real time to the VAHAN/NIC government server. This is a statutory obligation and occurs automatically for every GPS packet.

6.3 With the Fleet Operator (for Driver Data)

Drivers' location, behavioural, and trip data is made accessible to their employing fleet operator through the FleetSense platform dashboard. Fleet operators are independently responsible for their use of this data in accordance with applicable employment law and the DPDP Act.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data held by us may be transferred to the acquiring entity, subject to equivalent privacy protections.

6.5 Safety and Emergency

We may disclose personal data where we believe disclosure is necessary to protect the safety of a driver or other person (e.g., in connection with a SOS/panic button activation).

All personal data collected through the FleetSense platform is stored on AWS Mumbai (ap-south-1) and does not leave Indian territory under standard operations.

Where any processing by a third-party service provider involves transfer of data outside India, we ensure that such transfers are conducted in accordance with the applicable provisions of the DPDP Act and any rules or government notifications specifying permitted countries/conditions for such transfers.

When data is no longer required, we delete or anonymise it securely.

We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, disclosure, alteration, or destruction, including:

• Encryption — data encrypted in transit (TLS 1.2+) and at rest (AES-256)
• Access Controls — role-based access; least-privilege principle applied to all internal systems
• Infrastructure Security — all data hosted on AWS Mumbai with VPC isolation, security groups, and regular vulnerability assessments
• Authentication — multi-factor authentication available for fleet operator accounts
• Audit Logs — all platform access and data exports are logged
• Incident Response — we maintain a documented data breach response procedure

In the event of a personal data breach that is likely to cause harm to Data Principals, we will report it to the Data Protection Board of India and notify affected individuals in accordance with the DPDP Act and applicable rules.

Under the DPDP Act 2023, you have the following rights in respect of your personal data:

How to Exercise Your Rights

Submit a request by email to info@vividwebtechnologies.com with the subject line "Data Rights Request".

We will verify your identity before processing any request. We aim to respond within 30 days. Complex requests may take up to 60 days; we will notify you if an extension is needed.

The FleetSense platform is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a person under 18 without verifiable parental consent, we will delete it promptly.

Fleet operators must ensure that no driver under 18 is enrolled on the platform.

Our website uses cookies and similar tracking technologies. You may manage your cookie preferences at any time via our Cookie Policy page or through the Cookie Preference Centre accessible from the footer of our website.

We deliver alerts, notifications, and support communications via WhatsApp Business API. By providing your WhatsApp number and agreeing to receive alerts:

• You consent to receiving operational notifications (fuel anomalies, geofence alerts, compliance warnings, daily summaries) on that number.
• You can opt out of non-essential marketing messages at any time by replying STOP or by updating your notification preferences in the FleetSense dashboard.
• Operational / safety alerts (e.g., SOS events, compliance failures) are part of the contracted service and cannot be fully disabled while your account is active.

Our website and platform may contain links to third-party websites or services (e.g., MapmyIndia, MoRTH/VAHAN portals). We are not responsible for the privacy practices of these third parties. We encourage you to read their respective privacy policies before submitting any personal data to them.

We may update this Privacy Policy from time to time to reflect changes in law, our Services, or our data practices. When we make material changes, we will:

• Post the updated policy on our website with a revised "Last Updated" date.
• Send a notification to registered fleet operators via email or in-platform notification at least 15 days before the change takes effect.

Continued use of our Services after the effective date of a revised Policy constitutes your acceptance of the changes.

In accordance with the DPDP Act 2023 and applicable IT rules, we have appointed a Grievance Officer to address your concerns:

We will acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days of receipt.

If you are not satisfied with our resolution, you may escalate your complaint to the Data Protection Board of India once it is operationally established under the DPDP Act.

This Privacy Policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023. Any disputes arising under this Policy shall be subject to the exclusive jurisdiction of the courts located in Gautam Budh Nagar, Uttar Pradesh, India.