PRIVACY POLICY AND OMNIBUS DATA PROTECTION PROTOCOL FOR TRUCOI
DOCUMENT CONTROL IDENTIFIER: TRU-LEGAL-OMNIBUS-SEC-2026-V99STRICT CLASSIFICATION: BINDING DIGITAL INSTRUMENT
ENTITY NATURE: PASSIVE SOFTWARE INTERMEDIARY (SECTION 79, IT ACT 2000)
OPERATIONAL JURISDICTION: REPUBLIC OF INDIA (INTERNAL AND TRANS-BOUNDARY DATA FLOWS)
ARTICLE I: PREAMBLE, STATUTORY FOUNDATION, AND CONSTRUCTIVE ACCEPTANCE
1.1. LEGAL INSTRUMENTALITY: THIS PRIVACY POLICY ("POLICY") IS AN ELECTRONIC RECORD CONSTITUTED IN ACCORDANCE WITH THE INFORMATION TECHNOLOGY ACT, 2000, THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011, AND THE DIGITAL PERSONAL DATA PROTECTION ACT (DPDP), 2023.1.2. DEEMED CONSENT: BY ACCESSING, BROWSING, REGISTERING, OR INTERACTING WITH ANY INTERFACE COMPRISING THE TRUCOI ECOSYSTEM—INCLUDING BUT NOT LIMITED TO TRUCOI-TRUX, TRUCOI-SHIP, TRUCOI-YAAR, AND ALL ASSOCIATED API ENDPOINTS—THE USER ("DATA PRINCIPAL") PROVIDES UNCONDITIONAL AND IRREVOCABLE CONSENT TO THE TERMS HEREIN.
1.3. DECLARATION OF NON-ASSET IDENTITY: THE DATA PRINCIPAL EXPRESSLY ACKNOWLEDGES THAT TRUCOI IS A PURELY SOFTWARE-BASED TECHNOLOGY PROVIDER. THE COMPANY DOES NOT OWN, OPERATE, LEASE, MAINTAIN, OR HIRE PHYSICAL LOGISTICS ASSETS, MOTOR VEHICLES, HEAVY TRUCKS, OR CARGO HARDWARE. WE ARE NOT A "COMMON CARRIER" UNDER THE CARRIAGE BY ROAD ACT, 2007.
1.4. SAFE HARBOR: THE COMPANY RETAINS ABSOLUTE IMMUNITY UNDER SECTION 79 OF THE IT ACT, 2000, AS A PASSIVE CONDUIT FOR USER-GENERATED COMMUNICATIONS AND DATA.
ARTICLE II: COMPREHENSIVE CATEGORIZATION OF DATA HARVESTING
2.1. PRIMARY IDENTITY VECTORS: WE COLLECT, INDEX, AND STORE FULL LEGAL NAMES, CORPORATE TAX IDENTIFIERS (GST/PAN/UDYAM), AND GOVERNMENT-ISSUED KYC DOCUMENTATION SUBMITTED VOLUNTARILY BY THE USER.2.2. GEOSPATIAL TELEMETRY: WE VISUALIZE REAL-TIME COORDINATES, VELOCITY VECTORS, AND HISTORICAL PATHWAYS DERIVED FROM THIRD-PARTY AIS-140 HARDWARE OR MOBILE NETWORK TRIANGULATION. THE COMPANY IS A DATA "VISUALIZER" AND NOT A "GENERATOR" OF SUCH SIGNALS.
2.3. SYNTHETIC DISCOVERY INDEXING (PUBLIC DATA): TO ENHANCE THE LOGISTICS NETWORK, WE UTILIZE AUTOMATED HEURISTICS TO AGGREGATE PROFESSIONAL CONTACT DATA FROM THE PUBLIC DOMAIN, BUSINESS REGISTRIES, AND OPEN-SOURCE DIRECTORIES. SUCH PROCESSING IS CONDUCTED UNDER THE DOCTRINE OF "LEGITIMATE COMMERCIAL INTEREST."
2.4. TRANSITORY INTERACTION DATA: INDIVIDUALS INTERACTING WITH SESSION-BASED TOKENS (MAGIC LINKS) ARE SUBJECT TO IMMEDIATE IP LOGGING AND ACTION-TIMESTAMP RECORDING, IRRESPECTIVE OF ACCOUNT REGISTRATION STATUS.
ARTICLE III: DATA PROCESSING, UTILIZATION, AND ALGORITHMIC HEURISTICS
3.1. OPERATIONAL NECESSITY: DATA IS PROCESSED TO ENABLE THE DIGITAL MATCHING OF FREIGHT REQUIREMENTS WITH VEHICULAR AVAILABILITY ACROSS THE INTEGRATED MONOREPO INFRASTRUCTURE.3.2. NETWORK INTEGRITY: WE CONDUCT POINT-IN-TIME DIGITAL VALIDATION OF PROFESSIONAL CREDENTIALS TO MITIGATE SYSTEMIC FRAUD AND IDENTITY SPOOFING WITHIN THE INDIAN ROAD LOGISTICS SECTOR.
3.3. COMMUNICATION PROTOCOLS: THE USER GRANTS EXPLICIT CONSENT FOR THE DELIVERY OF TRANSACTIONAL METADATA, OTPS, AND PROMOTIONAL CONTENT VIA AUTOMATED IVR, SMS, WHATSAPP, AND ELECTRONIC MAIL PROTOCOLS.
ARTICLE IV: PERMANENT ARCHIVAL AND THE "SOFT-DELETE" PROTOCOL
4.1. NON-PURGE MANDATE: PURSUANT TO INTERMEDIARY DUE DILIGENCE RULES 2021, THE COMPANY DOES NOT PRACTICE "HARD DELETION." DATA RECORDS ARE MANDATED TO BE RETAINED FOR LEGAL ACCOUNTABILITY AND AUDIT TRAILS.4.2. SOFT-DELETE EXECUTION: UPON A DEACTIVATION REQUEST, DATA IS TRANSITIONED TO A "LOGICAL ARCHIVE." IT REMAINS INACTIVE IN THE UI BUT IS RETAINED IN ENCRYPTED PARTITIONS FOR STATUTORY PERIODS.
4.3. PURPOSES OF ARCHIVAL: DATA IS RETAINED INDEFINITELY TO PREVENT RECIDIVISM BY BANNED ACTORS, ASSIST IN CRIMINAL INVESTIGATIONS (THEFT/ACCIDENTS), AND PROVIDE EVIDENCE IN USER-TO-USER DISPUTES.
ARTICLE V: THE "ZERO-LIABILITY" DOCTRINE (ABSOLUTE PROTECTIONS)
5.1. NON-RESPONSIBILITY FOR CARGO: THE COMPANY ASSUMES ABSOLUTE ZERO LIABILITY FOR CARGO LOSS, THEFT, ACCIDENTS, HIJACKING, PILFERAGE, OR DAMAGE. THE PLATFORM IS A "DIGITAL VENUE" ONLY.5.2. NO BAILMENT OR CARRIAGE: THE COMPANY NEVER TAKES POSSESSION, TITLE, OR CUSTODY OF ANY PHYSICAL ASSETS. NO CONTRACT OF BAILMENT OR CARRIAGE IS EVER FORMED.
5.3. TELEMETRY INACCURACY: WE DISCLAIM ALL LIABILITY FOR TRACKING LATENCY, SIGNAL "DARK ZONES," OR FAILURES IN GPS POSITIONING DATA VISUALIZED VIA THIRD-PARTY HARDWARE.
5.4. FINANCIAL INDEMNITY: THE COMPANY IS NOT AN ESCROW AGENT. WE ARE NOT LIABLE FOR NON-PAYMENT OF FREIGHT, DETENTION CHARGES, OR CASH-ADVANCE FRAUD COMMITTED BY USERS.
ARTICLE VI: MANDATORY DISCLOSURES AND LAW ENFORCEMENT
6.1. JUDICIAL COMPLIANCE: WE SHALL DISCLOSE ANY AND ALL DATA (INCLUDING SOFT-DELETED RECORDS) TO LAW ENFORCEMENT AGENCIES (LEA) OR CERT-IN WITHOUT PRIOR NOTICE UPON RECEIPT OF A VALID STATUTORY MANDATE.6.2. MAGIC LINK GOVERNANCE: USERS GENERATING TRANSITORY LINKS ARE SOLELY RESPONSIBLE FOR OBTAINING RECIPIENT CONSENT. THE COMPANY IS NOT LIABLE FOR PRIVACY BREACHES ARISING FROM THE MISUSE OF SUCH LINKS.
ARTICLE VII: INDEMNIFICATION, JURISDICTION, AND DIGITAL DOMICILE
7.1. USER INDEMNITY: THE DATA PRINCIPAL SHALL INDEMNIFY AND HOLD HARMLESS THE COMPANY FROM ANY CLAIMS ARISING FROM USER-TO-USER INTERACTIONS DISCOVERED VIA THE PLATFORM.7.2. EXCLUSIVE JURISDICTION: THIS POLICY IS GOVERNED BY THE LAWS OF INDIA. ALL DISPUTES ARE SUBJECT TO THE EXCLUSIVE JURISDICTION OF THE COURTS LOCATED AT THE COMPANY'S PRIMARY DIGITAL DOMICILE.
7.3. SERVICE OF PROCESS: AS A PURELY DIGITAL ENTITY, THE COMPANY ACCEPTS LEGAL NOTICES SOLELY VIA ELECTRONIC CHANNELS PROVIDED IN THE GRIEVANCE SECTION.
ARTICLE VIII: GRIEVANCE REDRESSAL AND CONTACT DATA
8.1. IN ACCORDANCE WITH THE IT RULES 2021 AND DPDP ACT 2023, CONTACT:ATTENTION: DATA PROTECTION OFFICER / GRIEVANCE CELL
EMAIL: support@trucoi.com
LEGAL: hr@trucoi.com with Subject as 'LEGAL QUERY'
--- END OF OMNIBUS POLICY: TRU-LEGAL-2026