Legal • Data Safety • India

Data Safety & Protection Policy

This Data Safety & Protection Policy explains how Eto Rides collects, processes, stores, shares, retains, and safeguards personal data in accordance with applicable laws of India.

Eto RidesLast updated: 08/02/2026
Terms of ServicePrivacy PolicyGrievance RedressalContact Page

1. Applicability and Scope

§

1.1This Data Safety & Protection Policy (the “Policy”) shall apply to all users, captains, partners, merchants, service providers, and visitors who access or use the Eto Rides platform, including the website, mobile applications, APIs, and related services (collectively, the “Platform”).

1.2This Policy shall be read together with the Terms of Service, Privacy Policy, and other applicable policies. In the event of conflict, the stricter data protection or legal requirement shall prevail to the maximum extent permitted by law.

1.3This Policy is intended to support compliance under Indian law, including the Information Technology Act, 2000 (and applicable rules) and the Digital Personal Data Protection Act, 2023, as and when applicable.

1.4The Provider may update this Policy to reflect operational, security, or legal changes. Continued use of the Platform after publication shall constitute acceptance of the updated Policy.

Effective Date: 08/02/2026 (as published in the finalized policy document)

Related pages: Terms of Service, Privacy Policy, Grievance Redressal, Contact.

2. Categories of Data Collected

§

The Platform may collect and process the following categories of data for lawful purposes described in this Policy.

CategoryIllustrative Examples (Non-Exhaustive)
Identity DataName, mobile number, email address.
Booking and Trip DataPickup/drop, timestamps, booking identifiers, service metadata.
Device and Technical DataIP address, device identifiers, OS/app version, diagnostics.
Support and Dispute DataSupport messages, grievance records, dispute correspondence.
Safety and Verification DataSOS events, incident logs, trip photo capture where enabled.

Payment handling

Eto Rides does not store sensitive payment instrument data such as card numbers, CVV, or banking credentials. Payments are processed by third-party payment gateways (e.g., Razorpay). The Platform may retain transaction identifiers, timestamps, and settlement references for reconciliation and compliance.

3. Purpose of Processing

§

3.1Facilitating bookings, matching, and service delivery.

3.2Ensuring safety, fraud prevention, and abuse detection.

3.3Customer support, grievance redressal, and dispute resolution.

3.4Legal, tax, and regulatory compliance.

3.5Analytics, diagnostics, performance monitoring, and service improvement.

4. Analytics and Advertising

§

4.1Eto Rides may use analytics and advertising tools operated by Google and Eto Rides to measure usage trends, diagnose technical issues, improve user experience, and conduct lawful promotional activities.

4.2Such tools may rely on cookies, SDKs, or similar technologies and may process aggregated, anonymized, or pseudonymized data subject to applicable law, user controls (where enabled), and provider configuration.

4.3Where consent mechanisms are enabled, non-essential analytics/advertising shall be governed by the user’s consent choices, to the maximum extent required by applicable law.

5. Data Storage and Security Measures

§

Primary servers and production infrastructure are hosted within India. Eto Rides shall implement reasonable and industry-standard safeguards to protect personal data, including:

  • Firewall-restricted network access and private network isolation.
  • Encrypted communication using TLS/SSL.
  • Strong authentication and role-based access control (RBAC).
  • Encrypted databases and object storage where applicable.
  • Secure DevOps practices and controlled administrative access.

No method of transmission or storage is completely secure. Security measures are implemented to reduce risk and support incident response readiness.

6. Data Retention

§

6.1Personal data shall be retained only for as long as necessary for the purposes described in this Policy or as required under applicable law, regulatory directions, or contractual obligations.

6.2Account data may be retained for the duration of an active account and as required for lawful purposes following closure.

6.3Trip and transaction records may be retained for legal/tax compliance as required under applicable law.

6.4System, security, and support logs may be retained for operational security and dispute review, subject to lawful retention and minimization.

Retention periods may vary based on legal obligations, dispute timelines, fraud prevention needs, and operational requirements.

7. User Rights

§

7.1Subject to applicable law, users may request access, correction, deletion, withdrawal of consent, or other actions available under law.

7.2Requests may require verification and shall be processed within timelines and procedures required by applicable law.

8. Children’s Data

§

8.1The Platform is intended for individuals aged 18 years or above. Eto Rides does not knowingly collect personal data of children.

8.2Accounts reasonably identified as belonging to minors may be restricted or terminated.

9. Data Sharing and Disclosure

§

9.1Personal data may be shared with service providers, payment processors, auditors, or government authorities strictly on a need-to-know basis for service delivery, security, or legal compliance, to the maximum extent permitted by law.

9.2The Platform does not sell personal data.

9.3Disclosures to authorities may be made where required by law, lawful order, or applicable regulatory direction.

10. Contact and Grievance Redressal

§

For data protection queries, rights requests, or grievances, contact Eto Rides using the official channels below.