App Privacy policy

Effective date: 28 January, 2024

1. Introduction

ATAI Labs PvtPrivate Limited (“ATAI”, “we”, “our”, or “us”) operates the GateSurvey App (“App”).”), anenterprise business-to-business application. This Privacy Policy explainsdescribes how we collect, use, store, disclose,and protect informationwhen you use our is collected,used, stored, processed, disclosed, and protected in connection with the use ofthe App. WeareATAI is committed to safeguarding privacy and complying withapplicable data protection and cybersecurity laws, including the InformationTechnology Act, 2000 (India), and the rulesissued thereunder, applicable directions issued by the Indian ComputerEmergency Response Team (CERT-Inguidelines, and), the DigitalPersonal Data Protection Act, 2023, as and when applicable, the GeneralData Protection Regulation (GDPR), where applicable, and any otherapplicable data protection laws in the jurisdictions in which ATAI operates orprovides the App.

2. Scope and application

 This Privacy Policy applies to the useof the App. By accessing or using thisthe App, you acknowledgethat you agreeto the terms of have read andunderstood this Privacy Policy and agree to its terms, subject to anyapplicable enterprise service agreements or data processing agreements governing the use of the App. The Gate Survey App is aan enterprise business-to-business (B2B) application used by gate surveyors, logistics operators, terminal operators, and other authorized employees,representatives, and contractors of ATAI and its customers. The App is designed to support operationalactivities including gate inspection, verification, compliance, security, andlogistics operations.

3. Roles and Responsibilities

Depending on the context of use, ATAI may act as adata processor or a data fiduciary/data controller in relation to informationprocessed through the App. Where the App is used by ATAI’s customers for theiroperational activities, ATAI processes personal data on behalf of suchcustomers and in accordance with applicable enterprise service agreements anddata processing agreements. ATAI may act as an independent data fiduciary/datacontroller for limited categories of information processed for its ownlegitimate business purposes, such as user account administration,authentication, security monitoring, audit logging, compliance with legal andregulatory obligations, and system performance and diagnostics.

4. Information we collect

Depending on the nature of use of the App and therole of the user, ATAI may collect and process different categories ofinformation in connection with the operation of the App. The informationcollected is limited to what is necessary for legitimate operational,contractual, compliance, security, and system performance purposes.

4.1. Information Collected About App Users (Authorised Personnel) 

ATAI may collectthe following information about authorized users of the App, includingemployees, representatives, and contractors of ATAI and its customers:

· Fullname

· Companyor organization name

· Emailaddress

· Phonenumber

· Logincredentials and authentication datainformation

· User roles, access rights, and permissions

 · Internaluser identifiers (such as user ID or employee/contractor reference number)

· Account accessand activity timestamps (such as login history)

4.2. Information Collected About Truck Drivers & Vehicles 

In the course of gate inspection, verification, andsurvey operations, authorized users of the App may record information relatingto drivers, vehicles, and containers as part of customer-controlled operationalworkflows. Such information is captured solely for legitimate operational,compliance, security, and audit purposes and may include:

· DrivingLicenseNumberlicence number

· Dateof Birth (DoB)birth

· Truck/Vehicle Registration Numberor vehicle registration number

· FASTagIDidentifier

· ContainerNumbernumber

· ContainerSealNumberseal number

· EXIMor shipment status

· Container images (all sides andinside)

· Driver document images (e.g., drivinglicense)

 · Images of containers,vehicles, and driver identification documents

Such information is recorded only to the extentrequired to perform the relevant operational task.

 

4.3. Images,Media, and Evidence Data

The Gate Survey App enables thecapture and processing of images and other media by authorized users as part ofoperational workflows. Such images and media are captured solely forverification, inspection, audit, security, and compliance purposes and mayinclude:

· Images of containers (external andinternal)

· Images of trucks and othervehicles

· Images of driver identificationdocuments, as required for operational verification

· Geo-taggedphotographs and other evidence imagescaptured during gate operations

  Images and media are captured only at the direction of authorized users and only to the extentnecessary to support the relevant operational activity.

4.4. LocationData

The App may collect precise location data,including GPS coordinates and geo-tagging information, at the time of specificoperational activities. Location data is processed solely for purposes such aslocation verification, operational audit, security validation, compliancemonitoring, and incident investigation in connection with gate operations. TheApp does not perform continuous or background location tracking beyond what isrequired to support the relevant operational task.

4.5. Device &,Technical, and Usage Data

The App mayautomatically collect certain device, technical, and usage information toensure the secure, reliable, and efficient operation of the App. This informationmay include:

· DeviceIDidentifiers

· Internet Protocol (IP) address

· Operatingsystem, device type, and App version

· System logs,audit logs, crash reports, and diagnostic information

· Performance, telemetry snd error metrics

Such information is processed solely for purposes including system security, access control, troubleshooting, performance monitoring, fraud prevention, and process data strictly compliance with applicable legal and regulatory requirements.

5. Purpose of Processing/Use of Information

ATAI processes information collected through the App solely forlegitimate business and, operational purposes, including:, contractual,security, and compliance purposes. Information is processed only to the extent necessary to support the intended functionality of the App and the operational requirements of ATAI and its customers, and in accordance with applicable enterprise service agreements and data processing agreements. Information maybe processed to enable and manage gate entry and exit verification, conduct container, vehicle, and driver inspections, and support operational audits,verification, and record keeping. The App is used to facilitate logistics tracking, operational workflows, and the creation of verifiable inspection records, including for purposes of dispute resolution and incident investigation.

Information may also be processed to ensure the security and integrity of the App and related systems. This includes performing access control and authentication,detecting, preventing, and investigating fraud, misuse, or unauthorized activity, maintaining audit logs and evidence records, and complying with applicable legal, regulatory, and contractual obligations. Where required,information may be processed to respond to lawful requests from government authorities, regulators, or law- enforcement agencies. In addition, ATAI processes certain information to monitor, maintain, and improve the performance,stability, and reliability of the App. This includes identifying and resolving technical issues, conducting system diagnostics, monitoring performance metrics, maintaining infrastructure and security controls, and ensuring business continuity.

Information relating to authorized users of the App may be processed for account administration and access management purposes, including creating and managing user accounts, assigning and managing user roles and permissions,authenticating users, and communicating service-related notices, updates, and operational information necessary for the effective use of the App. Information is processed on one or more lawful bases, as applicable, including the performance of contractual obligations under enterprise service agreements,ATAI’s legitimate business interests in operating and securing the App,compliance with legal and regulatory obligations, and user consent, where required under applicable law. The App does not use personal data for automated decision-making or profiling that produces legal or similarly significant effects on individuals.

6. Data Storage, Processing, and Transfers

Information collected through the App is stored and processed inusing secure cloud-based or on-premises infrastructure, as requiredto meetdetermined by customer requirements, contractual, commitments, and applicable legal and regulatory obligations. ATAI implements appropriate technical andorganizational measures to ensure that information is handled in a secure and controlled manner throughout its lifecycle. Data storage locations may vary depending on factors such as the geographic location of the customer, regulatory or sector-specificrequirements, and the deployment model agreed under applicable enterprise service agreements. Where required, the App may be deployed in customer-designated environments, including customer-managed or on-premises infrastructure.

Information maybe processed in jurisdictions where ATAI, its customers, or its authorized service providers maintain operations or infrastructure. Where cross-bordertransfers of personal data occur, such transfers are carried out in accordancewith applicable data protection laws and contractual safeguards, including dataprocessing agreements and other lawful transfer mechanisms, as required. ATAIensures that all data storage and processing environments implementindustry-standard security controls, including encryption, access restrictions,monitoring, and audit logging. Access to information is limited to authorizedpersonnel and service providers who require such access for legitimateoperational, support, or compliance purposes and who are subject to appropriateconfidentiality and security obligations.

7. Data Retention

Information collected and processed through the App is retained only for as long as necessary to fulfill the operational, contractual, legal, and regulatory purposes for which it was collected. Retention periods may vary depending onthe nature of the information, customer requirements, applicable laws, and the terms of relevant enterprise service agreements or data processing agreements.Where retention periods are configurable or defined by customer contract, ATAI retains information in accordance with such contractual requirements. Upon termination or expiry of the applicable service agreement, or upon customer instruction, information is securely deleted or returned in accordance with contractual obligations and applicable legal requirements, unless retention isrequired to comply with law, resolve disputes, enforce agreements, or meetaudit or compliance obligations.

Certain information, such as system logs, audit records, or backup data, may be retained for limited periods beyond active use for purposes including security monitoring, incident investigation, business continuity, and compliance withlegal or regulatory requirements. Complete deletion of all data, including backup copies, may not be immediately feasible due to technical or operational constraints; however, such data will remain protected and subject to appropriate access controls until securely deleted in accordance with applicable policies. 

8. Data Sharing and Disclosure

ATAI does not sell, rent, or trade personal data collected through the App. Information is shared only to the extent necessary to support the operation of the App, complywith legal obligations, and fulfill contractual commitments. Information processed through the App may be shared with ATAI’s customers that operate or control the relevant logistics facility or operational environment. Such sharing occurs as part of the provision of the App and related services and is governed by applicable enterprise service agreements and data processing agreements. Information may also be accessed by authorized ATAI personnel and internal teams who require such access for legitimate operational, support,security, compliance, or administrative purposes. Access is limited based on role and necessity and is subject to confidentiality and security obligations.

ATAI may disclose information where required to comply with applicable law, legal process, or lawful requests from government authorities, regulators, or law enforcement agencies. Information may also be disclosed where necessary to protect the rights, safety, or property of ATAI, its customers, users of the App, or the public, including for the prevention or investigation of fraud,security incidents, or misuse of the App. Where ATAI engages trustedthird-party service providers to support the operation, monitoring, or maintenance of the App, such providers may process information on ATAI’s behalf under contractual obligations that require appropriate confidentiality, data protection, and security safeguards. Such service providers are permitted toprocess information only for the purposes specified by ATAI and in accordance with applicable agreements.

9. Third-Party Services

The App uses certain trusted third-party services to support application monitoring,diagnostics, and performance optimization. These services are used solely toensure the secure, reliable, and efficient operation of the App and are notused for advertising, profiling, or marketing purposes. Such third-party services may process limited technical and usage information, including system logs, performance metrics, and diagnostic data, in accordance with ATAI’s instructions and applicable contractual safeguards. These service providers are contractually obligated to process information only for the purposes specifiedby ATAI and to implement appropriate confidentiality, data protection, andsecurity measures.

The App currently uses the following third-party services for operational monitoringand diagnostics:

  • Firebase Analytics
  • OpenTelemetry exporters

ATAI does notpermit third-party services used in connection with the App to independentlyuse, disclose, or commercialize information collected through the App.

10. Security Measures

ATAI implements strong technical, administrative,and organizational security measures designed to protect information processedthrough the Gate Survey App against unauthorized access, loss, misuse,alteration, or disclosure. These measures are proportionate to the nature ofthe information processed and the operational environments in which the App isdeployed. As part of its security framework, ATAI implements security controlsthat may include, as appropriate:

  • Encryption of data in transit using HTTPS/ TLS protocols
  • Encryption of data at rest
  • Role-based  access control (RBAC) to limit access based on job function and authorization
  • Audit logging to support monitoring, investigation, and compliance requirements
  • Multi-factor authentication for user access, where applicable
  • Secure key management practices
  • Device authentication and access controls
  • Strict internal access control policies and procedures

 Access toinformation is restricted to authorized personnel and service providers whorequire such access for legitimate operational, support, security, orcompliance purposes and who are subject to appropriate confidentiality andsecurity obligations. ATAI maintains internal policies, procedures, andmonitoring mechanisms to support information security, including incidentdetection, response, and remediation processes, in line with applicablecybersecurity and regulatory requirements. While ATAI takes reasonable andappropriate measures to safeguard information, no method of transmission or storage is completely secure, and absolute security cannot be guaranteed.

11. User Rights and Requests

Subject to applicable data protection laws, individuals whose personal data is processed through the App may have certain rights in relation to their personal data,including the right to request access to, correction of, or deletion of suchdata. Where ATAI acts as a data processor on behalf of its customers, requests relating to personal data processed through the App should be directed to the relevant customer organization acting as the data fiduciary or data controller.ATAI will assist its customers, as required under applicable agreements andlaw, in responding to such requests. Where ATAI acts as an independent data fiduciary or data controller for limited categories of information, requestsmay be submitted by contacting ATAI at privacy@atai.ai. ATAI maytake reasonable steps to verify the identity of the requester before responding to any request. The exercise of data subject rights may be subject to limitations where retention or processing of information is required to comply with legal or regulatory obligations, fulfill contractual commitments, maintain security and audit logs, protect the rights or safety of ATAI or its customers,or support dispute resolution and incident investigation. ATAI will respond tovalid requests within the timelines prescribed under applicable law.

12. Children's Privacy

TheApp is intended solely for use in enterprise and professional environments andis not designed for or directed to individuals under the age of 18. ATAI does not knowingly collect personal data from children. If ATAI becomes aware that personal data of a child has been collected inadvertently, reasonable steps will be taken to delete such information inaccordance with applicable law. 

13. Poicy Updates

ATAI may update this Privacy Policy from time to time to reflect changes in legal requirements,regulatory guidance, operational practices, or the functionality of the GateSurvey App. Any updates to this Privacy Policy will be reflected by the “Last Updated” date indicated at the top of this document. Where required under applicable law or contractual obligations, ATAI will take reasonable steps tonotify users or customers of material changes to this Privacy Policy through appropriate means. Continued use of the App after any updates become effective constitutes acknowledgment of the updated Privacy Policy, subject to applicable enterprise service agreements.

14. Contact Information

Where requiredunder applicable law, ATAI will designate a grievance officer or equivalent contact and make the relevant details available through appropriate channels. Ifyou have any questions, concerns, or requests regarding this Privacy Policy orthe processing of information through the Gate Survey App, you may contact ATAIat:

ATAI Labs Private Limited

Email: privacy@atai.ai
Website:https://www.atai.ai

Email: privacy@atai.aihttps://www.atai.ai

Automating global supply chain operations using Al.
ATAI is dedicated to enhancing the capacity, efficiency, and transparency of global supply chain operations. Our platform, rooted in AI and deep learning, is equipped with Computer Vision and pre-trained AI models, enabling the automation of visually-driven and evidence-based supply chain operations with unparalleled precision and reliability.
@2026 ATAI  All rights reserved.
Terms of UsePrivacy Policy