Privacy Policy

PRIVACY POLICY SHIPTER — Peer-to-Peer Parcel Delivery via Delhi Metro Effective Date: April 20, 2026 Last Updated: April 20, 2026 Version: 1.0 1. INTRODUCTION AND OVERVIEW SHIPTER ("Company", "we", "our", or "us") is a technology platform that facilitates peer-to-peer parcel delivery through the Delhi Metro Rail Corporation (DMRC) network. We connect individuals who need to send parcels ("Senders" or "Customers") with verified metro travelers ("Traveler Partners") who are already traveling on the same metro route. This Privacy Policy ("Policy") is an electronic record in accordance with the provisions of the Information Technology Act, 2000 and the Rules and Regulations made thereunder, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("IT RSP Rules"). This Policy does not require any physical, electronic, or digital signature. This Policy describes in detail how SHIPTER collects, receives, possesses, stores, deals with, handles, and transfers your personal information and sensitive personal data or information when you access or use the SHIPTER mobile application ("App") and the services offered through it ("Services"). This Policy applies to all users of the SHIPTER App, including Senders, Customers, and Traveler Partners, without limitation. The terms "you", "your", and "user" refer to any person who downloads, installs, accesses, or uses the SHIPTER App in any capacity. The term "Services" refers to all services offered by SHIPTER through the App, including but not limited to parcel booking, parcel delivery, wallet management, KYC verification, and customer support. By downloading, installing, accessing, or using the SHIPTER App and Services, you expressly agree and consent to the collection, transfer, use, storage, disclosure, and sharing of your information as described in this Policy. This Policy is incorporated into and forms a part of the SHIPTER Terms and Conditions. All capitalized terms used but not defined in this Policy shall have the meaning ascribed to them in the Terms and Conditions. If you do not agree with the terms of this Policy, please do not download, install, access, or use the SHIPTER App or Services. SHIPTER reserves the right to modify, update, or revise this Policy at any time at its sole discretion. We will notify you of material changes through the App or by other means. Your continued use of the App after any such changes constitutes your acceptance of the revised Policy. You are encouraged to review this Policy periodically. 2. INFORMATION WE COLLECT SHIPTER collects various categories of information to provide, maintain, improve, and secure our Services. The categories of information we collect are described below: 2.1 Information You Provide Directly When you register for an account, use our Services, or communicate with us, you may provide us with the following information: Full name as registered with your Google account or as entered during profile setup. Mobile phone number, which serves as your primary identifier on the platform. Email address associated with your Google account. Profile information including any additional details you choose to provide. Parcel details including description of goods, estimated value, weight, size, and photographs of the parcel. Pickup and drop Delhi Metro station details for each delivery booking. Receiver's name and mobile phone number for delivery coordination. Support messages, feedback, ratings, and reviews submitted through the App. Any other information you voluntarily provide to us through the App or in communications with our support team. 2.2 Identity Verification Information (Traveler Partners Only) To ensure the safety and security of our platform and users, Traveler Partners are required to complete a Know Your Customer (KYC) verification process. For this purpose, we collect: Aadhaar Card — front and back side photographs. Aadhaar Card number (12-digit unique identification number). PAN Card — front side photograph. PAN Card number (10-character alphanumeric identifier). This information is collected solely for the purpose of verifying the identity of Traveler Partners and preventing fraudulent registrations. We implement strict access controls to ensure that KYC documents are accessible only to authorized personnel. 2.3 Financial Information (Traveler Partners Only) To facilitate the withdrawal of earnings from the SHIPTER Wallet, Traveler Partners are required to provide: Bank account holder name. Bank account number. Bank IFSC code. Bank name and branch details. This information is used exclusively for processing approved withdrawal requests and is never shared with unauthorized third parties. 2.4 Location Information Location data is a critical component of our Services. We collect: Precise GPS location data from your mobile device when you grant us location permissions. Metro station proximity data to verify that Senders are physically present at the pickup DMRC station before a booking is confirmed. Metro station proximity data to verify that Traveler Partners are at the correct stations during pickup and delivery. Location data is collected from the time a service is requested until it is completed. We also use location data to detect and prevent the use of fake or mock location applications, which is a form of fraud on our platform. You may disable location access in your device settings at any time; however, doing so will significantly limit the functionality of the App and may prevent you from using certain Services. 2.5 Device and Technical Information When you use the SHIPTER App, we automatically collect certain technical information, including: Device model, manufacturer, and operating system version. Unique device identifiers including device fingerprint for fraud detection and security purposes. App version and build number. Network information including IP address and mobile network carrier. Crash reports, error logs, and diagnostic data to help us identify and fix technical issues. App usage data including screens visited, features used, buttons tapped, and session duration. Push notification token (FCM token) for sending delivery status notifications and alerts. 2.6 Transaction and Wallet Information We maintain records of all financial transactions on the platform, including: Wallet credit transactions — earnings from completed deliveries (Traveler Partners). Wallet debit transactions — delivery charges paid for parcel bookings (Senders). Wallet top-up transactions — amounts added to the wallet via Razorpay. Withdrawal requests — amount, bank account details, status, and processing history. Delivery charges, platform fees, and applicable taxes for each transaction. Payment mode selected — SHIPTER Wallet or Cash on Delivery. 2.7 Communication and Support Data We collect and store: In-app support chat messages between users and our support team. Support ticket details including issue category, description, and resolution status. Feedback and ratings submitted after deliveries. Announcements and notifications sent to users. 2.8 OTP Verification Logs For security and dispute resolution purposes, we maintain logs of: Pickup OTP generation and verification events. Delivery OTP generation and verification events. Timestamps of all OTP-related activities. GPS coordinates at the time of OTP verification (for fraud detection). 3. HOW WE USE YOUR INFORMATION SHIPTER uses the information we collect for the following purposes: 3.1 Service Delivery To create and manage your SHIPTER account. To match Senders with Traveler Partners traveling on the same Delhi Metro route. To facilitate secure parcel handover through OTP-based verification at pickup and delivery. To process wallet transactions, delivery charges, and withdrawal requests. To generate delivery receipts and transaction records. To provide real-time parcel tracking and status updates. 3.2 Safety and Security To verify the identity of Traveler Partners through KYC verification. To detect and prevent fraud, fake accounts, and misuse of the platform. To detect and block devices that have been flagged for fraudulent activity. To detect and prevent the use of fake or mock GPS location applications. To investigate disputes, complaints, and reported incidents. To enforce our Terms and Conditions and other policies. 3.3 Communication To send push notifications about parcel status updates, OTP codes, and delivery confirmations. To send SMS alerts for important account and delivery events. To respond to your support queries, complaints, and feedback. To send important notices about changes to our Services, Terms, or this Policy. To send promotional communications about new features, offers, and updates (you may opt out at any time). 3.4 Platform Improvement To analyze app usage patterns and user behavior to improve our Services. To identify and fix technical issues, bugs, and performance problems. To develop new features and improve existing ones based on user feedback. To conduct internal research and analysis to enhance the platform. 3.5 Legal and Compliance To comply with applicable Indian laws, regulations, and court orders. To respond to requests from government authorities and law enforcement agencies. To enforce our legal rights and protect against legal claims. To maintain records as required by applicable law. 4. INFORMATION SHARING AND DISCLOSURE SHIPTER does not sell, trade, or rent your personal information to third parties for their marketing purposes. We may share your information in the following limited circumstances: 4.1 Between Users When a Traveler Partner accepts a delivery request, we share with them: the Sender's name, pickup DMRC station, drop DMRC station, parcel description, and parcel photograph. When a delivery is matched, we share with the Sender: the Traveler Partner's name and phone number to facilitate coordination. We do not share financial information, KYC documents, or any other sensitive information between users. 4.2 Service Providers We may share your information with trusted third-party service providers who assist us in operating the platform, including: Payment processing entities (Razorpay) for wallet top-up transactions. Firebase (Google) for authentication, database, storage, and push notification services. Cloud infrastructure providers for hosting and data storage. All service providers are bound by confidentiality agreements and are prohibited from using your information for any purpose other than providing services to SHIPTER. 4.3 Legal Requirements We may disclose your information to government agencies, law enforcement authorities, or other parties when: Required to do so by applicable Indian law, regulation, or court order. Necessary to protect the rights, property, or safety of SHIPTER, our users, or the public. Required to investigate, prevent, or take action regarding illegal activities, fraud, or violations of our Terms. 4.4 Business Transfers In the event of a merger, acquisition, restructuring, or sale of all or part of our business, your information may be transferred to the acquiring entity, subject to the same privacy protections described in this Policy. 4.5 With Your Consent We may share your information with third parties for any other purpose with your explicit consent. 5. DATA SECURITY SHIPTER takes the security of your personal information seriously. We implement appropriate technical, physical, and administrative security measures in accordance with the IT RSP Rules to protect your information against unauthorized access, alteration, disclosure, destruction, or loss. Our security measures include: Firebase Authentication for secure user login and session management. Firestore Security Rules to restrict data access based on user identity and role. Firebase Storage with restricted access controls for KYC documents and parcel images. OTP-based verification for all parcel pickup and delivery handovers. Device fingerprinting to detect and block fraudulent or blocked devices. Phone number blocking to prevent blocked users from re-registering. Admin-controlled access for sensitive operations including withdrawal approvals and KYC reviews. Encrypted data transmission using HTTPS for all API communications. Despite our best efforts, no security system is completely impenetrable. We cannot guarantee the absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. 6. DATA RETENTION We retain your personal information for as long as is reasonably necessary to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically: Account information is retained for the duration of your account and for a reasonable period thereafter. Transaction records and delivery history are retained for a minimum of 3 years for legal and accounting purposes. KYC documents are retained for the duration of the Traveler Partner's active status and for a period thereafter as required by law. Support communications are retained for a period of 1 year. Crash reports and technical logs are retained for a period of 6 months. Upon deletion of your account, we will delete your personal information within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention and dispute resolution. 7. YOUR RIGHTS AND CHOICES You have the following rights with respect to your personal information: 7.1 Access and Correction You have the right to access the personal information we hold about you and to request correction of any inaccurate or incomplete information. You may update your profile information directly through the App. 7.2 Deletion You have the right to request deletion of your personal information. To request account deletion, please contact us at dhneshwar3079@gmail.com. Please note that we may retain certain information as required by law or for legitimate business purposes. 7.3 Opt-Out of Communications You may opt out of promotional communications at any time by contacting us. You cannot opt out of transactional communications such as delivery status updates and OTP notifications, as these are essential to the Services. 7.4 Location Data You may disable location access for the SHIPTER App in your device settings at any time. However, this will limit your ability to use certain features of the App. 7.5 Withdrawal of Consent You may withdraw your consent to the collection and processing of your personal information at any time by contacting us in writing. Please note that withdrawal of consent may result in our inability to provide certain Services for which the information was required. 8. CHILDREN'S PRIVACY The SHIPTER App and Services are not directed to individuals under the age of 18 years. We do not knowingly collect personal information from minors. If we become aware that a user is under 18 years of age, we will take immediate steps to delete their account and associated information. If you believe that a minor has provided us with personal information, please contact us immediately at dhneshwar3079@gmail.com. 9. THIRD-PARTY SERVICES The SHIPTER App may contain links to or integrations with third-party services, including Google Sign-In and Razorpay. These third-party services have their own privacy policies, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use in connection with the SHIPTER App. 10. COOKIES AND TRACKING TECHNOLOGIES We use cookies and similar tracking technologies in our App to analyze usage patterns, remember your preferences, and improve our Services. You may configure your device to refuse cookies; however, this may affect the functionality of certain features. 11. PROHIBITED ACTIVITIES In accordance with Rule 3(1)(b) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, users are prohibited from uploading, sharing, or transmitting any content that is defamatory, obscene, pornographic, invasive of privacy, harmful to children, infringing of intellectual property rights, threatening to national security, or patently false and misleading. Violation of these prohibitions may result in immediate account suspension, removal of content, and reporting to law enforcement authorities. 12. GOVERNING LAW AND JURISDICTION This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts in NIT Faridabad, Haryana, India. 13. GRIEVANCE OFFICER In accordance with the Information Technology Act, 2000 and the Consumer Protection (E-Commerce) Rules, 2020, the details of the Grievance Officer are as follows: Name: Dhaneshwar Organization: SHIPTER Address: Plot No. 9466, Sanjay Colony, Sector 23, Block F, NIT Faridabad, Haryana – 121005, India Phone: 7838604008 Email: dhneshwar3079@gmail.com Working Hours: Monday to Saturday, 9:00 AM to 6:00 PM IST Any grievances or complaints regarding the processing of your personal information may be directed to the Grievance Officer at the above contact details. We will endeavor to address your grievance within 30 days of receipt. 14. CONTACT US If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: SHIPTER Plot No. 9466, Sanjay Colony, Sector 23, Block F, NIT Faridabad, Haryana – 121005, India Email: dhneshwar3079@gmail.com Phone: 7838604008