Data Protection Policy

Secure, Transparent & Compliant Data Management

Raido Bike Taxi is committed to protecting your privacy and personal information through strong encryption, limited access, and complete transparency.

1. Introduction

This Data Protection Policy (“Policy”) sets out how Raido Bike Taxi (“Raido”, “we”, “our”, or “us”) protects the personal data of users, employees, and partners in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws.

Raido is committed to ensuring lawful, transparent, and secure data processing across all its services and platforms.

2. Purpose

The purpose of this policy is to define how Raido collects, stores, shares, and protects personal data to ensure confidentiality, integrity, and availability of information.

3. Scope

  • Applies to all personal data collected from users, drivers, employees, and corporate clients of Raido.
  • Applies to all digital and physical data managed by Raido across mobile apps, websites, and databases.
  • Applies to all third-party vendors and service providers engaged in processing personal data on behalf of Raido.

4. Types of Data We Collect

  • Personal data: Name, phone number, email, gender, address.
  • Identification data: Aadhaar, PAN, driver’s license (for drivers only).
  • Financial data: Payment method, UPI ID, and transaction details.
  • Location data: Real-time GPS for ride tracking and safety monitoring.
  • Device & usage data: IP address, app version, device ID, and operating system details.

5. Data Protection Principles

Raido adheres to the following core principles while processing any personal data:

  • Lawfulness & Fairness: Data is processed lawfully with explicit consent from the user.
  • Purpose Limitation: Data is collected only for specified, legitimate purposes.
  • Data Minimization: Only essential data necessary for service delivery is collected.
  • Accuracy: Data is maintained and updated to ensure correctness.
  • Storage Limitation: Data is retained only as long as necessary for legal or operational purposes.
  • Integrity & Confidentiality: Data is secured against unauthorized access, alteration, or disclosure.

6. Data Security Measures

  • End-to-end encryption for personal and financial data.
  • Secure cloud hosting within India with firewall protection and intrusion monitoring.
  • Two-factor authentication (2FA) for admin and employee logins.
  • Regular data backup and disaster recovery mechanisms.
  • Access restricted based on “least privilege” and “need-to-know” principles.
  • Annual security audits and vulnerability assessments (VAPT).

7. User Rights under DPDP Act

  • Right to access and review personal data held by Raido.
  • Right to correction or erasure of inaccurate or outdated data.
  • Right to withdraw consent for non-essential data processing.
  • Right to know how and where personal data is being used or shared.
  • Right to lodge a complaint with Raido’s Data Protection Officer (DPO).

8. Data Retention

  • Data is retained for as long as required to fulfill business, legal, or contractual obligations.
  • Inactive accounts or old transaction data are automatically anonymized or deleted after 3 years.
  • Backups are securely purged after retention periods expire.

9. Third-Party Sharing

  • Data is shared only with verified partners such as payment processors, analytics tools, and SMS/email providers.
  • All third-party vendors are bound by confidentiality and data protection agreements.
  • Data is never sold, rented, or traded for marketing purposes.

10. International Data Transfers

In limited cases, Raido may store or process data outside India (e.g., on secure global cloud infrastructure). All such transfers comply with DPDP Act requirements and international data security standards.

11. Breach Notification Policy

  • In case of a data breach, Raido will promptly notify affected users and relevant authorities within 72 hours of discovery.
  • Incident response teams will immediately contain, investigate, and mitigate risks.

12. Data Protection Officer (DPO)

Raido has appointed a qualified Data Protection Officer responsible for monitoring compliance and handling grievances.

Data Protection Officer (DPO)
Email: dpo@raidobiketaxi.in
Phone: +91 96801 92909

13. Employee & Internal Data Handling

  • Employees receive data protection training during onboarding and annually thereafter.
  • Strict disciplinary action is taken against any misuse or unauthorized data access.
  • Employee access logs are reviewed regularly by compliance teams.

14. Compliance & Legal Framework

This policy aligns with the following Indian and international data protection frameworks:

  • Digital Personal Data Protection Act, 2023 (India)
  • Information Technology Act, 2000
  • ISO/IEC 27001:2022 – Information Security Management System

15. Updates to This Policy

Raido Bike Taxi reserves the right to amend this policy from time to time to reflect regulatory changes, business practices, or technological advancements. The latest version will always be available on our official website.

Effective Date

Last Updated: November 11, 2025