Privacy Policy

Effective date: 25 February 2026 | Last updated: 24 April 2026

This Privacy Policy describes how Asli One Global Private Limited (“OneRide”, “we”, “our”) — CIN U62011TN2026PTC190105, operating the OneRide mobile apps, website and related services (the “Platform”) — collects, uses, discloses and protects your personal information.

This Policy is compiled in accordance with the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and the Digital Personal Data Protection Act, 2023.

1. Information we collect

a) Information you give us

Full name, mobile number, email (passengers and drivers).
Drivers additionally: date of birth, address, driving licence number, vehicle registration number, RC, permit, Aadhaar, PAN, UPI ID, and a selfie for identity verification.
Payment details: UPI VPA (for drivers receiving fare), and a tokenised payment method identifier issued by our certified payment gateway (used for booking fees and insurance subscription debits). Full card numbers, CVV, UPI PIN and bank credentials are handled exclusively by the payment gateway under PCI-DSS and are never stored on OneRide servers.
Optional family information (driver welfare program): spouse name, children's school details — only if the driver opts in.

b) Information we collect automatically

Location — while the app is open, for ride matching, pickup, route display, and ride completion. Drivers: continuous location while online. Passengers: only during an active ride and last-mile pickup.
Device information — model, OS version, app version, Firebase Installations ID, FCM push token.
Usage logs — ride history, fare, payment status, cancellation, rating, support tickets.
Crash diagnostics — stack traces via Firebase Crashlytics, to fix bugs.

2. How we use your information

Match passengers with nearby drivers and complete rides.
Process the ₹5 booking fee payment via our certified payment gateway.
Process driver insurance subscription auto-debits via our certified payment gateway.
Verify driver documents and identity during onboarding (KYC).
Communicate in-app notifications (ride accepted, arrived, completed, fare receipts, document-expiry reminders).
Deliver driver welfare benefits (emergency loan, education support, legal assistance, care calls).
Detect and prevent fraud, abuse, safety violations, and money-laundering.
Comply with legal, regulatory and tax obligations (GST filings, MCA filings, law-enforcement requests).

No SMS marketing. OneRide does not send promotional SMS messages. All transactional communication is through in-app notifications (FCM) and email. Ride OTPs to drivers / receivers (for parcels) are generated and shown in-app only.

3. How we share your information

We share personal information only in these specific cases:

With the matched party — a passenger's name, first-name only of the driver, vehicle number, and approximate location are shared between passenger and driver during an active ride.
Payment gateways — OneRide uses PCI-DSS compliant certified payment gateway partners (currently Razorpay Software Private Limited and Cashfree Payments India Private Limited) for payment processing. These providers are bound by their own privacy obligations under Indian law. Our choice of payment partners may change over time; the updated list will always be reflected in this section.
IRDAI-approved insurance partners — for drivers who opt into insurance subscription, we share driver name, age, address, vehicle details and KYC documents with the underwriting insurer.
Cloud hosting — Google Firebase (Firestore, Authentication, Storage, Cloud Functions, Cloud Messaging) operated by Google LLC. Data is stored in the asia-south1 (Mumbai) region.
Law enforcement — in response to a valid legal demand from a government authority.
Corporate events — in connection with a merger, acquisition or asset sale, subject to standard protection.

We do not sell your personal information to third parties.

4. Data retention

Account data: kept while your account is active, and for 3 years after deletion for fraud prevention and tax audit purposes.
Ride and payment records: retained for 8 years as required under Indian tax law.
KYC documents (driver): retained for 5 years after the driver leaves the Platform, per RBI / PMLA guidance.
Location history: retained only for 30 days in identifiable form; aggregated afterwards for analytics.

5. Security

All data in transit is encrypted via TLS 1.2+.
Data at rest in Firebase is encrypted with Google-managed keys (AES-256).
Access to personal data inside OneRide is role-based and logged. Only authorised employees with a specific business need can access driver KYC or passenger records.
Payment credentials (full card / UPI PIN) are never handled by OneRide servers — they are tokenised by our certified payment gateway directly.

6. Your rights

Under the Digital Personal Data Protection Act, 2023, you have the right to:

Access the personal information we hold about you.
Correct inaccurate information.
Request deletion of your account and associated data (subject to retention obligations above).
Withdraw consent for optional features (location sharing, welfare program opt-ins).
Nominate another person to exercise these rights on your behalf in the event of your death or incapacity.

To exercise any of these rights, email info@asli.one.

7. Children

OneRide is not intended for use by persons below 18 years of age. We do not knowingly collect personal information from minors. If we discover such collection, we will delete it promptly.

8. International transfers

Our primary data storage region is Mumbai, India (asia-south1). Limited data (e.g. crash diagnostics, push notification delivery) may transit Google's global infrastructure. All such transfers are governed by Google's standard data processing agreements and comply with Indian law.

9. Grievance Officer

As required by the Information Technology (Intermediary Guidelines) Rules 2021 and the DPDP Act, the following officer handles privacy grievances:

Mr. Manoj Kannan
Grievance Officer & Data Protection Contact
Asli One Global Private Limited
309/3, Yasmin Nagar, Vedhanarayanapuram, Ozhalur, Tirukalikundram, Kanchipuram 603111, Tamil Nadu
Email: info@asli.one
Phone: +91 8110908008
Response time: within 48 business hours.

10. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be notified via in-app notice and/or email to your registered address. Continued use of the Platform after an update constitutes acceptance of the revised Policy.