Namma Yatri, Inc. ("Namma Yatri," "we," "us," or "our"), headquartered at 1701 Directors Blvd, Suite 300, Austin, TX 78744, operates an open-source, zero-commission ride-hailing platform that connects riders and driver-partners in Indian cities. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal data when you use our mobile applications, website located at nammayatri.com, and related services (collectively, the "Services").
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with its terms, please discontinue your use of the Services immediately. This Policy applies to all users of the Namma Yatri platform, including riders, driver-partners, and visitors to our website.
1. Information We Collect
1.1 Information You Provide Directly
Account Registration: When you create a Namma Yatri account, we collect your full name, mobile phone number, email address (optional), profile photograph (optional), and, for driver-partners, government-issued identification documents, vehicle registration information, and driver's license number. We require this information to verify your identity and enable platform access.
Payment Information: To facilitate fare payments, we collect payment method information including UPI IDs, linked bank account details, and transaction history. We do not store full bank account credentials — payment processing is handled by licensed payment service providers under separate security and compliance frameworks. We retain transaction records for a period required by applicable financial regulations.
Driver-Partner Documentation: Driver-partners provide additional documentation including vehicle insurance certificates, pollution under control certificates, commercial vehicle permits, and fitness certificates. This information is required to verify compliance with regulatory requirements for commercial passenger transportation.
Communications: When you contact our support team, participate in surveys, or communicate through the platform, we collect the content of those communications and associated metadata. This information is used to respond to your inquiries and improve our services.
1.2 Information Collected Automatically
Location Data: With your permission, we collect precise GPS location data during active trips and, for driver-partners, during active platform sessions. Riders' location data is collected from the time of booking request through trip completion. We collect this data to enable our core matching and navigation services. You may disable location sharing through your device settings, but doing so will prevent you from using core ride-hailing features.
Device Information: We automatically collect information about the device you use to access our Services, including device type and model, operating system version, unique device identifiers (IMEI, advertising ID), mobile network information, and app version. This information helps us optimize platform performance and diagnose technical issues.
Usage Data: We collect information about how you interact with our Services, including app session times, features accessed, screens viewed, search queries, and button taps. This behavioral data helps us understand how riders and drivers use the platform and identify areas for improvement.
Trip Data: Every trip generates a comprehensive data record including origin and destination coordinates, route taken, trip distance and duration, fare amount, timestamps, and quality of service metrics such as driver rating and any incident reports. This trip record is retained for the duration of your account relationship with us and for a period after account closure as required by regulatory and business record-keeping requirements.
1.3 Information from Third Parties
We may receive information about you from third-party sources including background check service providers (for driver-partner verification), payment service providers (for transaction processing and fraud prevention), mapping and navigation service providers, and governmental licensing databases (for vehicle and driver permit verification).
2. How We Use Your Information
2.1 Providing and Improving Our Services
We use your personal data primarily to operate and improve the Namma Yatri platform. This includes matching riders with available driver-partners based on location proximity, enabling navigation for completed trips, processing fare payments, calculating and distributing driver earnings, providing in-app customer support, and improving our matching algorithms and route optimization. We also use aggregate, anonymized data to conduct research and develop new platform features.
2.2 Safety and Security
We use personal data to protect the safety of riders, driver-partners, and the general public. This includes verifying identity and eligibility to use the platform, detecting and preventing fraud and unauthorized access, investigating safety incidents and complaints, and sharing relevant information with emergency services when required by law or when there is an imminent risk to safety. We retain safety-related data for extended periods to support investigations that may be initiated after the incident date.
2.3 Legal Compliance
We process personal data as required to comply with applicable laws and regulations, including the Digital Personal Data Protection Act 2023 (India), state-level transport regulations requiring commercial vehicle operator records, financial record-keeping requirements, and tax reporting obligations. We retain records required by law for the periods mandated by applicable regulations.
2.4 Communications
We use your contact information to send you transactional notifications about your trips and account, platform updates and policy changes, driver-partner earnings summaries and payment confirmations, and security alerts. We do not use your personal data to send third-party marketing communications without your explicit consent.
3. Data Sharing and Disclosure
3.1 Sharing Between Riders and Drivers
When a trip is matched, riders receive the driver-partner's first name, vehicle make, model, color, and license plate number, and real-time location. Driver-partners receive the rider's first name and pick-up location. After trip completion, both parties receive a trip receipt. We do not share riders' full names, phone numbers, or destination addresses with driver-partners. Phone calls made through the platform use number masking to prevent direct number exchange.
3.2 Service Providers
We share personal data with third-party service providers who assist us in operating the platform, including cloud infrastructure providers (for data storage and processing), payment processing companies, background verification service providers, mapping and navigation data providers, and customer support software vendors. All service providers are bound by data processing agreements that restrict their use of personal data to the specific services they provide to us.
3.3 Open Data Program
We publish aggregated, anonymized mobility reports that include trip volume heat maps and origin-destination matrices at the neighborhood level. This data does not contain any personally identifiable information — it is aggregated across thousands of trips to a level of geographic granularity (minimum neighborhood area of 1 km²) that prevents individual identification. This open data is available to municipal governments, academic researchers, and urban planning organizations under a Creative Commons Attribution license.
3.4 Government and Law Enforcement
We may disclose personal data to government agencies and law enforcement in response to lawful legal process including court orders, statutory notices, and regulatory requests. We require formal legal process for any disclosure of individual user data. When legally permitted, we notify affected users of government data requests. We publish a semi-annual transparency report disclosing aggregate statistics about government data requests we receive. We challenge requests that we believe exceed legal authority.
3.5 Business Transfers
In the event of a merger, acquisition, or sale of all or substantially all of our assets, personal data may be transferred to the acquiring entity. We will provide notice to affected users before personal data is transferred and becomes subject to a different privacy policy.
4. Data Retention
We retain personal data for the periods necessary to fulfill the purposes for which it was collected, subject to legal requirements for minimum retention periods. Account information is retained while your account is active and for two years after account closure for dispute resolution purposes. Trip records are retained for seven years to comply with commercial transport record-keeping requirements. Payment transaction records are retained for seven years to comply with financial record-keeping requirements. Support communications are retained for three years. Location data collected outside of active trips (not including driver-partner active-session location) is retained for a maximum of 90 days.
5. Your Rights and Choices
5.1 Access and Correction
You have the right to access the personal data we hold about you and to request correction of inaccurate or incomplete data. You can access most of your personal data directly through the Namma Yatri app in the Account Settings section. For data not accessible through the app, you may submit a Data Access Request through our Privacy Contact form at privacy@nammayatri.com. We will respond within 30 days of receiving a verified request.
5.2 Data Portability
You have the right to receive your personal data in a structured, machine-readable format and to transmit it to another service provider. You may request a data export through the app's Account Settings > Data & Privacy section. Exports include your trip history, account information, and payment records in JSON format.
5.3 Erasure
You may request deletion of your personal data by deleting your account through the app or by contacting our privacy team. Account deletion initiates a 30-day deactivation period, after which personal data is deleted subject to legal retention requirements. Data that we are legally required to retain — including certain financial records and commercial transport logs — is retained for the required period even after account deletion, then permanently deleted.
5.4 Withdrawal of Consent
Where we process personal data based on your consent, you may withdraw that consent at any time through the app's privacy settings. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal. Note that withdrawing consent to certain data processing — such as location sharing — will prevent you from using core platform features that depend on that data.
5.5 Complaints
If you believe we have not handled your personal data in accordance with applicable law or this Privacy Policy, you may file a complaint with the relevant data protection authority. In India, the relevant authority is the Data Protection Board of India established under the Digital Personal Data Protection Act 2023. You may also contact our Data Protection Officer directly at dpo@nammayatri.com.
6. Data Security
We implement technical and organizational measures designed to protect personal data against unauthorized access, accidental loss, destruction, or disclosure. These measures include encryption of personal data in transit and at rest using industry-standard protocols, access controls that limit employee access to personal data on a need-to-know basis, regular security audits by independent third-party security professionals, and an audited access request process for any internal access to individual user data.
Our open-source codebase means that our platform architecture is available for public security review. We operate a responsible disclosure program that allows independent security researchers to report vulnerabilities, and we commit to timely patching of reported vulnerabilities. Despite these measures, no security system is completely impenetrable, and we cannot guarantee absolute security of your personal data. In the event of a data breach affecting your rights or freedoms, we will notify you and relevant authorities as required by law.
7. International Data Transfers
Namma Yatri is incorporated in Austin, Texas, USA, and our platform is operated primarily for users in India. Personal data collected in India is primarily processed and stored on cloud infrastructure located in data centers within India. When data is transferred to our Austin headquarters or to service providers operating outside India, we ensure appropriate safeguards are in place, including data processing agreements incorporating standard contractual clauses and adherence to requirements of the Digital Personal Data Protection Act 2023 for cross-border transfers.
8. Children's Privacy
Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children under 18. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete that information promptly. If you believe a child under 18 has provided personal data through our Services, please contact us at privacy@nammayatri.com.
9. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our data practices, platform features, or applicable law. When we make material changes, we will notify you through the app and by email (if you have provided an email address) at least 30 days before the changes take effect. Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes. If you do not agree with the updated Policy, you should discontinue using the Services before the changes take effect.
10. Contact Information
If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:
Namma Yatri, Inc.
1701 Directors Blvd, Suite 300
Austin, TX 78744
United States
Privacy Team: privacy@nammayatri.com
Data Protection Officer: dpo@nammayatri.com
India Operations Office: Bengaluru, Karnataka, India
For riders and driver-partners in India, support and privacy inquiries are also available through the in-app Help Center in English, Kannada, Tamil, Telugu, and Hindi. We endeavor to respond to all privacy inquiries within 30 days of receipt.
Also see: Terms of Service · Cookie Policy