Privacy Policy

Effective Date: 01/09/2025 • Last Updated: 01/09/2025
Controller: Santrupti Gas, Sy no 44, Geddalahalli Village, Kasaba Hobli, Nelamangala Taluk, Bangalore Rural - 562 123 • santrupti.gasagencies@gmail.com • +91 98802 55247

​

Applicability: Authorized Users (delivery personnel, plant admins, distributor admins) only. We process operational data for Tamar in alignment with the Digital Personal Data Protection Act, 2023 (DPDP Act) and Google Play requirements.

​

1) Data We Collect

• 1.1 Authorized User Profile

  • Name, role, employee/contractor ID, mobile number, optional email, supervisor mapping.

  • Provisioning metadata (created by back office; no self-registration).
     

• 1.2 Operational/Delivery Data

  • Stock movement events (Plant→Distributor→Delivery Person→Customer), cylinder identifiers (QR/serial), timestamps, quantities, assignment IDs, OTP verification status, proof-of-delivery metadata.
     

• 1.3 Location (Delivery-Moment Only)

  • Precise location captured only at the delivery event (to evidence place/time of handover and ensure auditability).

  • The App does not collect continuous/background location or general en-route tracking.
     

• 1.4 Device & App Diagnostics

  • Device model, OS version, app version, crash logs, performance metrics, event logs, and IP-derived coarse location for reliability and support.
     

• 1.5 Camera / QR Scanning

  • Camera access is used strictly to scan cylinder QR/serial codes (no gallery access by default).
     

• 1.6 Communications

  • Outbound OTPs to customers (sent by backend). The App does not read SMS on the device.

  • Support interactions (tickets/calls) where applicable.
     

• No Payment Data

  • The App does not integrate a payment gateway and does not store card/UPI data.
     

​

2) Why We Process Data

• Authentication & Access Control of Authorized Users.

• Operational fulfilment: QR scans, OTP handover, delivery-moment location, delivery notes.

• Audit, safety & compliance: chain-of-custody and fraud prevention.

• Reliability & support: diagnostics/crash analytics to improve stability.

• Legal obligations: statutory/audit requirements and lawful requests.

​

​

3) Legal Basis (DPDP Act)

• Consent: for permissioned features (camera, location at delivery), and any optional communications.

• Performance of Contract / Legitimate Use: to carry out assigned operational duties.

• Compliance with Law: to meet statutory and safety requirements.
   

​

4) Sharing (No Selling)

We do not sell personal data. We share only as needed with Company entities & authorized distributors/plant admins (role-based access); service providers: secure cloud hosting, analytics/crash reporting (e.g., Firebase/Crashlytics), SMS/push providers, maps/geocoding; and device management (if applied); and Government/Regulators/Courts when required by law. Vendors are contractually bound to appropriate security controls.

​

​

5) International Processing

Data may be processed in India and, where vendors operate abroad, in other jurisdictions with appropriate safeguards per law and policy.

​

6) Retention

• Core operational records & audit trails: retained for business/legal/audit purposes for up to 3 years.

• Diagnostics & security logs: typically 90–365 days, unless needed longer for investigations.

• After the retention period, data is deleted or irreversibly de-identified unless we must retain it to resolve disputes or comply with law.

​

7) Your Choices & Rights

• Access & Correction: request access to and correction of your profile data.

• Account Deletion (In-App): you can delete your account via Settings → Account → Delete. Deleting your account disables future access; however, operational/audit records already created (e.g., delivery proofs) will be retained for up to 3 years as required for legal/operational purposes and then deleted/de-identified.

• Permissions Control: you may revoke camera/location permissions in device settings; this may limit your ability to perform assigned duties.

We may require verification (e.g., OTP or supervisor confirmation) before fulfilling rights requests.

​

​

8) Security

We implement reasonable technical and organizational measures (encryption in transit, role-based access, least-privilege, monitoring, periodic reviews). No system is 100% secure; promptly report suspected incidents.

​

​

9) Children

The App is intended for adults (18+) in operational roles; it is not directed to children.

​

​

10) Third-Party SDKs & Links

Integrated SDKs (maps, analytics/crash, notifications) process limited data to provide their services. Their privacy terms apply in addition to this Policy. Integrations are reviewed periodically.

​

​

11) Changes

We may update this Policy; material changes will be notified in-app. Continued use after changes indicates acceptance.

​

​

12) Contact & Grievance Redressal (India – IT Rules, 2021)

Grievance Officer: Raviraj(a) Shetty
Email: santrupti.gasagencies@gmail.com • Phone: +91 98802 55247
Address: Santrupti Gas, Sy no 44, Geddalahalli Village, Kasaba Hobli, Nelamangala Taluk, Bangalore Rural - 562 123
Acknowledgment target: 24–72 hours; resolution target: 15–30 days.