This Data Processing Agreement (“DPA”) describes how Autobotz (“we”, “our”, “us”) processes personal data on behalf of users (“you”, “your”, or “customer”) in connection with our services.
This DPA is issued in compliance with the Digital Personal Data Protection Act, 2023 (“DPDP Act”) of India and forms part of our Terms of Service. By using our services, you agree to this DPA.
1. Roles & Responsibilities
You (the Customer) act as the Data Fiduciary (controller) of your data. We (the Company) act as the Data Processor (processor) and process data solely on your documented instructions.
2. Purpose of Processing
We process personal data strictly for providing, maintaining, improving, and supporting our services, including:
- Account creation and management
- Providing core service functionality
- Security monitoring and fraud detection
- Customer support and troubleshooting
- Legal compliance and dispute resolution
3. Categories of Data
Depending on how you use our services, we may process:
- User Identification Data: Name, email, phone number, IDs.
- Usage Data: Logs, device info, browser info, IP address.
- Customer Content: Messages, files, attachments.
- Integration Data: Data shared via third-party services (e.g., Facebook, WhatsApp)
4. Security Measures
We apply reasonable technical and organizational security measures including:
- Data encryption (in transit and at rest)
- Secure authentication and access controls
- Regular vulnerability assessments
- Role-based data access and logging
5. Sub-Processors
We may engage carefully selected third-party Sub-Processors to support our services. We require all Sub-Processors to follow equivalent data protection obligations.
6. Data Subject Rights
Under the DPDP Act, you (or your end users) may exercise rights such as:
- Access, Correction, Erasure
- Grievance redressal via our Grievance Officer
7. Data Retention & Deletion
We retain personal data only as long as necessary to fulfill service obligations or legal requirements. Upon termination of your account, we securely delete or anonymize data unless retention is required by law.
8. Cross-Border Data Transfers
We may process and store data outside India in compliance with applicable law and ensure appropriate safeguards are in place.
9. Data Breach Notification
In the event of a data breach, we will notify you without undue delay and provide necessary information to meet your legal obligations.
10. Audit Rights
You may request details of our security measures and compliance certifications. We may provide audit reports (ISO 27001) or allow inspections under reasonable conditions.
11. Updates to this DPA
We may update this DPA from time to time to reflect legal, technical, or operational changes. The 'Last Updated' date will indicate the most recent revision.
12. Contact & Grievance Redressal
Grievance Officer:
Name: Jaykishan Vansadawala
Email: jaykishan@autobot.ai
Address: FLAT-1, 2ND FLOOR, BHARAT SMRUTI, H.NO.2/1340-41, Hanuman Sheri, Sagrampura, Surat, Gujarat 395002
We will respond to grievances within the period prescribed under the DPDP Act
13. Governing Law
This DPA is governed by the laws of India, and disputes shall be subject to the jurisdiction of courts in Surat, Gujarat, India.
By continuing to use our services, you agree to this Data Processing Agreement.
