Privacy Policy

Last Updated: 8 April 2026  ·  Version 1.0

This policy applies to the Raddar platform (raddar.in) operated by RADDAR Solutions LLP ("we", "our", or "us"), a Limited Liability Partnership registered in India.

1. What Raddar Does

Raddar is a SaaS platform for truck fleet owners and transport businesses in India. It helps you manage trips, drivers, trucks, clients, invoices, expenses, and compliance documents — all in one place. To deliver these services, we need to collect and process certain personal and business data as described below.

2. Data We Collect and Why

We collect only the data necessary to provide the Raddar services you sign up for. The table below lists each category, what we collect, and the specific purpose.

Account & Company Registration

What: Company name, registered address, GST Identification Number (GSTIN), email address, contact person name, WhatsApp / phone number.

Why: To create and maintain your account; to pre-fill invoice and LR headers with your company details; to verify your business identity via GSTIN; to send OTP-based authentication over WhatsApp; and to deliver account notifications and support communications.

Legal basis: Contractual necessity; your explicit consent at signup.

Driver Information

What: Driver name, phone number, date of birth, home address, blood group, Driving Licence (DL) number and expiry, vehicle class, and salary / per-trip payment terms.

Why: To assign drivers to trips; to verify driving licence validity; to generate trip documents (LR, challan) that legally require driver and DL details; to track licence expiry and alert you before compliance deadlines; to maintain blood group on record for emergency medical reference as required for commercial transport operations; and to calculate driver payouts.

Legal basis: Contractual necessity; legitimate interest (fleet compliance); regulatory compliance (Motor Vehicles Act).

Vehicle (Truck) Information

What: Vehicle registration number, owner name, engine number, chassis number, truck type, payload capacity, RC copy, insurance certificate, national permit, fitness certificate, and other compliance documents you upload.

Why: To populate LR and challan documents legally; to verify RC and challan status; to send timely renewal alerts for insurance, permits, and fitness certificates; and to enable FASTag balance lookups.

Legal basis: Contractual necessity; legitimate interest (compliance management); regulatory compliance (Central Motor Vehicles Rules).

Client & Supplier Information

What: Business name, GSTIN, PAN, registered address, contact person name, phone, and email of your clients and suppliers.

Why: To auto-populate consignor / consignee fields on LRs and invoices; to validate GSTIN for GST-compliant billing; to generate GST reports and ITR filings; and to maintain your business address book.

Legal basis: Contractual necessity; regulatory compliance (GST Act, Income Tax Act).

Trip & Expense Records

What: LR number, trip dates, origin and destination, freight amount, advances, balances, material description, e-way bill references, and expense line items (fuel, tolls, loading, repairs, etc.).

Why: To generate LRs, invoices, and challans; to produce GST-ready reports; to compute trip profitability and cash flow; to support ITR preparation; and to power AI-based analytics on route efficiency and client risk.

Legal basis: Contractual necessity; regulatory compliance (GST, Income Tax).

Payment & Subscription Data

What: Subscription plan, billing cycle, payment status, and order references. Card or bank details are processed directly by Cashfree Payments and are never stored on Raddar servers.

Why: To manage your subscription, process renewals, and provide receipts.

Legal basis: Contractual necessity.

Usage & Technical Data

What: IP address, browser type, device information, pages visited, and anonymised error / performance logs.

Why: To detect and fix bugs, monitor platform performance, prevent fraud, and improve the product experience. Logs are anonymised or pseudonymised where possible.

Legal basis: Legitimate interest (platform security and improvement).

3. Third-Party Services We Use

We share data with trusted processors only to the extent necessary to deliver the service:

  • Supabase — secure cloud database and authentication (servers in Singapore / India).
  • Cashfree Payments — payment processing. Card/bank data goes directly to Cashfree; Raddar never sees raw payment credentials.
  • Resend — transactional email delivery (OTP confirmation, data export, reports).
  • Upstash Redis — OTP and rate-limit state (data retained for ≤ 10 minutes).
  • Surepass — a trusted API provider used to retrieve verified data from government systems for vehicle RC verification, DL verification, and GSTIN lookup. Only the queried identifier is sent; no other personal data is transmitted.
  • Sentry — anonymised error monitoring to help us fix bugs faster.

We do not sell or rent your personal data to any third party.

4. Data Retention

We retain your data for as long as your account is active or as needed to provide the service. Trip and financial records are retained for 7 years from the date of creation to comply with GST and income-tax record-keeping requirements under Indian law. After account deletion, personal profile data is erased immediately; financial records required by law are anonymised and retained for the statutory period. OTP codes and session tokens are deleted within 10 minutes of creation or use.

5. Data Security

We implement industry-standard security controls: TLS in transit, AES-256 encryption at rest, Row Level Security (RLS) on all database tables, short-lived JWT authentication tokens, constant-time HMAC OTP verification, and rate limiting on all sensitive endpoints. No method of transmission over the Internet is 100% secure; if you suspect unauthorised access to your account, contact us immediately at contactus@raddar.in.

6. Cookies & Tracking

Raddar uses strictly necessary session cookies for authentication. We do not use advertising or cross-site tracking cookies. If we add analytics cookies in the future, we will update this policy and seek your consent where required.

7. Your Rights (DPDPA 2023)

Under the Digital Personal Data Protection Act 2023, you have the following rights with respect to your personal data:

  • Right to Access — request a summary of the personal data we hold about you.
  • Right to Correction — request correction of inaccurate or incomplete data via Profile → Company Details.
  • Right to Erasure — request permanent deletion of your account and all associated data via Profile → Account & Privacy → Delete My Account.
  • Right to Data Portability — download a complete export of your data in XLSX format via Profile → Account & Privacy → Export My Data.
  • Right to Grievance Redressal — raise a complaint with our Grievance Redressal Officer (see Section 10 below).

We will respond to all data rights requests within 30 days. Some rights may be limited where retention is required by law (e.g., GST records).

8. Children's Privacy

Raddar is a business tool intended for adults running commercial transport operations. We do not knowingly collect data from anyone under the age of 18. If you believe a minor has registered an account, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy when we add new features or when regulations change. Material changes will be communicated by email and/or an in-app banner at least 15 days before they take effect. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of Raddar after the effective date constitutes acceptance of the revised policy.

10. Contact & General Enquiries

For general privacy questions or data requests, email us at contactus@raddar.in. We aim to respond within 2 business days.

11. Grievance Redressal Officer (DPDPA 2023)

In accordance with the Digital Personal Data Protection Act 2023, we have appointed a Grievance Redressal Officer to handle complaints relating to the collection, storage, processing, or use of your personal data.

Name: Kaushik G

Phone: +91 81473 25107

Email: contactus@raddar.in

Response SLA: 30 days from the date of receipt of the grievance

Organisation: RADDAR Solutions LLP, Bengaluru, Karnataka, India

Please email your grievance with the subject line "DPDPA Grievance — [your name]". We will acknowledge receipt within 48 hours and resolve your complaint within 30 days. If unresolved to your satisfaction, you may escalate to the Data Protection Board of India once constituted.