Back to Home
Privacy Policy

Your Privacy Matters

At QRTAGPLUS (a brand of Khush Dhankad Digital Solutions LLP), protecting your personal information is fundamental to everything we do. This policy explains clearly what we collect, why we collect it, and exactly how it is used and protected.

Last updated: April 2, 2026 Applicable in India IT Act, 2000 Compliant
🔒
Number Always Masked
🚫
Never Sold to Advertisers
🇮🇳
Data Stored in India
👁️
You Control Your Data
🔐
Encrypted at Rest

1 Overview

Khush Dhankad Digital Solutions LLP (LLP), operating the QRTAGPLUS brand and platform ("we", "our", "us"), is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, store, and share information when you use the QRTAGPLUS website, platform, or purchase our QR vehicle tag products.

QRTAGPLUS is a registered brand and digital product of Khush Dhankad Digital Solutions LLP, incorporated and operating under the laws of India. By registering an account or purchasing a product on QRTAGPLUS, you consent to the practices described in this Privacy Policy. Please read this document carefully before using our services.

ℹ️
Who this applies to
This policy applies to all users of QRTAGPLUS — including visitors browsing the website, registered account holders, customers who have purchased tags, and anyone whose vehicle tag is scanned by a third party.

2 Data We Collect

We collect only the information necessary to provide our service effectively. Below is a complete breakdown of what we collect and why:

Category Data Collected Purpose
Account Information Full name, mobile number, password (hashed) Account creation, login, identity verification
Vehicle Information Vehicle number, vehicle model/type Tag activation and display on scan page
Contact Preferences Call / SMS / WhatsApp visibility settings Controlling which contact options appear on scan
Emergency Contacts Name and phone number of contacts you add Emergency contact display on your QR scan page
Documents RC, Insurance, PUC (uploaded by you) Secure digital storage in your account dashboard
Delivery Address Name, address, city, state, PIN, country Shipping physical QR tag cards
Payment Information Order ID, payment status (via Razorpay) Order processing and confirmation
Scan Logs Timestamp, contact action (call/SMS/WhatsApp/emergency) Analytics dashboard shown to tag owner
Profile Photo Profile picture uploaded by you (optional) Displayed in your account dashboard
Technical Data IP address, browser type, session data Security, fraud prevention, error debugging
What we do NOT collect
We do not collect your bank account or card details (handled entirely by Razorpay), your exact GPS location, biometric data, or any information from your device's contacts, camera, or files beyond what you explicitly upload to our platform.

3 How We Use Your Data

Your data is used strictly to operate and improve the QRTAGPLUS service. Specifically, we use your information to:

  • Create and manage your QRTAGPLUS account
  • Activate and manage your QR vehicle tags
  • Display the appropriate contact options when your tag is scanned
  • Process and fulfil your orders and arrange delivery of physical tag cards
  • Provide your scan activity logs and analytics in your dashboard
  • Send transactional communications such as order confirmations and OTPs
  • Respond to your support queries or complaints
  • Detect, prevent, and investigate fraud or security incidents
  • Comply with applicable legal obligations under Indian law
  • Improve our platform based on aggregated, anonymised usage patterns

We do not use your data for advertising, profiling, or any purpose beyond what is listed above without your explicit consent.

4 Phone Number Privacy — Our Core Promise

🔒
Your real number is never revealed
This is the fundamental promise of QRTAGPLUS. When someone scans your QR tag, they will never see your actual phone number. Only the last two digits are shown in a masked format (e.g., +91 ••••••60). The contact action (call, SMS, WhatsApp) is routed through our system.

Your phone number is stored securely in our database and is used solely for:

  • OTP-based login and identity verification
  • Routing contact actions initiated through your tag scan
  • Sending you transactional messages related to your account or orders

Emergency contact numbers added to your profile are also never shown in full to anyone scanning your tag — only masked versions are displayed alongside the contact action buttons.

5 Data Sharing & Disclosure

We do not sell, rent, trade, or share your personal information with any third party for commercial or marketing purposes. Your data may be shared only in the following limited circumstances:

  • Service Providers: We share necessary data with trusted third-party vendors (e.g., Razorpay for payment processing, courier partners for tag delivery) strictly to fulfil the service. These vendors are bound by confidentiality agreements.
  • Legal Requirements: We may disclose your information if required by law, court order, or government authority under applicable Indian laws, including the IT Act, 2000.
  • Safety & Fraud Prevention: We may share information to protect the rights, safety, or property of QRTAGPLUS, our users, or the public — for example, to investigate fraudulent activity or abuse of our platform.
  • Business Transfer: In the event of a merger, acquisition, or sale of all or part of Khush Dhankad Digital Solutions LLP or the QRTAGPLUS platform, your data may be transferred as part of that transaction. You will be notified of such changes via your registered mobile number.
⚠️
What third parties can see when scanning your tag
When someone scans your QR tag, the scan page shows only: your vehicle number, vehicle model, masked phone number (last 2 digits only), and the contact action buttons. No other personal information is visible to the scanner.

6 Data Storage & Security

We take the security of your personal information seriously. Here is how we protect your data:

  • All data is stored on secured servers located within India
  • Passwords are hashed using industry-standard algorithms and are never stored in plain text
  • All data transmission between your browser and our servers occurs over HTTPS (TLS encryption)
  • Access to personal data within our organisation is restricted to authorised personnel only on a need-to-know basis
  • Uploaded documents (RC, Insurance, PUC) are stored in a protected directory not publicly accessible via URL
  • Payment data is processed entirely by Razorpay — we never receive or store your card or bank details
  • We conduct periodic security reviews to identify and address vulnerabilities

While we implement robust security measures, no system is 100% immune to breaches. In the event of a data breach that affects your personal information, we will notify you promptly through your registered mobile number or email, as required by applicable law.

7 Cookies & Session Data

QRTAGPLUS uses cookies and session storage to operate the platform effectively. We use the following types:

  • Session Cookies: Required for login state, CSRF protection, and keeping you signed in during your session. These are deleted when you close your browser.
  • Preference Cookies: Store your language or display preferences if set.
  • Security Cookies: Used to detect and prevent fraudulent login attempts and rate-limit sensitive actions such as OTP requests.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies. We do not participate in cross-site user tracking.

You can disable cookies in your browser settings. However, disabling session cookies will prevent you from logging into your account or using the platform.

8 Third-Party Services

QRTAGPLUS integrates with a small number of third-party services to deliver our product. Below is what each receives:

Service Purpose Data Shared
Razorpay Payment processing Order amount, your name — no card data passes through us
Courier Partners Physical tag delivery Delivery name, address, PIN code, phone number
Google Fonts Typography on our website Your IP address (standard browser font request)
Font Awesome CDN Icons on our website Your IP address (standard CDN request)

We do not use Facebook Pixel, Google Analytics, Hotjar, or any behavioural analytics or advertising platform. Our platform is ad-free and we do not allow any third-party advertising on QRTAGPLUS.

9 Children's Privacy

QRTAGPLUS is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at support@qrtagplus.com and we will delete such information promptly.

10 Your Rights Over Your Data

As a QRTAGPLUS user, you have the following rights regarding your personal information:

👁️
Right to Access
Request a copy of all personal data we hold about you.
✏️
Right to Correct
Update or correct any inaccurate information in your profile or account settings.
🗑️
Right to Delete
Request deletion of your account and associated personal data, subject to legal retention obligations.
📦
Right to Portability
Request an export of your personal data in a structured, machine-readable format.
🚫
Right to Object
Object to any processing of your data that goes beyond the scope of service delivery.
🔕
Right to Withdraw Consent
Withdraw consent for optional data use at any time without affecting your core service access.

To exercise any of the above rights, please contact us at support@qrtagplus.com. We will respond within 30 days of receiving your request. Some requests may require identity verification before we can process them.

11 Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Specifically:

  • Account data is retained for the duration of your account and for up to 2 years after account deletion, for legal and audit purposes
  • Order and payment records are retained for 7 years as required under Indian tax and financial regulations
  • Scan logs are retained for 12 months and then automatically purged
  • Uploaded documents (RC, Insurance, PUC) are deleted within 30 days of account deletion upon your request
  • OTP logs are retained for 90 days for security auditing and then deleted

When data is no longer needed, it is securely deleted or anonymised so that it can no longer be linked to you.

12 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page.

For significant changes that affect how we use your personal information, we will notify you via your registered mobile number or email address prior to the changes taking effect. Your continued use of QRTAGPLUS after any update constitutes your acceptance of the revised Privacy Policy.

We encourage you to review this page periodically to stay informed of how we are protecting your information.

Privacy Questions or Concerns?

If you have any questions about this Privacy Policy, wish to exercise your data rights, or want to report a privacy concern, please reach out to us. We typically respond within 2–3 business days.

support@qrtagplus.com +91 9958877242

14 DPDP Act 2023 — India Compliance

⚖️
Digital Personal Data Protection Act, 2023
Khush Dhankad Digital Solutions LLP, operating QRTAGPLUS, is committed to complying with the Digital Personal Data Protection (DPDP) Act, 2023 — India's primary data protection law enacted by Parliament. This section explains your rights as a Data Principal and our obligations as a Data Fiduciary under the Act.

Your Rights as a Data Principal

Under the DPDP Act, 2023, you have the following statutory rights with respect to your personal data:

📋
Right to Information
Request a summary of the personal data we hold about you and the purposes for which it is being processed (Section 11).
✏️
Right to Correction & Erasure
Request correction of inaccurate or incomplete personal data, and erasure of data that is no longer necessary for the purpose for which it was collected (Section 12).
🔕
Right to Withdraw Consent
Withdraw consent for processing of your personal data at any time, without affecting the lawfulness of processing carried out before withdrawal (Section 13).
⚖️
Right to Grievance Redressal
Lodge a complaint with our Grievance Officer. If unsatisfied with our response, escalate to the Data Protection Board of India (Section 13).
🧾
Right of Nomination
Nominate another individual to exercise your data rights on your behalf in the event of your death or incapacity (Section 14).

Our Obligations as Data Fiduciary

  • Purpose Limitation: We collect personal data only for the specific, lawful purposes described in this policy (e.g., service delivery, order processing, scan notifications). Data is never used beyond those stated purposes without fresh consent.
  • Data Minimisation: We collect only the minimum personal data required to deliver our services. Optional fields (such as email address) are never compelled.
  • Consent: All non-essential data collection (e.g., marketing WhatsApp messages, location data) is based on explicit, freely given consent, which you may withdraw at any time through your account Settings page.
  • Storage Limitation: Personal data is retained only for as long as necessary (see Section 11 — Data Retention). After the retention period, data is securely deleted or anonymised.
  • Security Safeguards: We implement reasonable technical and organisational safeguards including HTTPS encryption, hashed passwords (bcrypt), parameterised database queries, CSRF protection, and restricted admin access.
  • Breach Notification: In the event of a personal data breach that may cause harm, we will notify the Data Protection Board of India and affected Data Principals as required by law.
  • Children's Data: We do not knowingly process personal data of minors (below 18 years). Our service requires a valid Indian mobile number and is intended for vehicle owners of legal driving age.

Legal Bases for Processing

We process your personal data on the following lawful bases under the DPDP Act:

  • Consent (Section 7): For WhatsApp notifications, location logging, marketing communications, and push notifications. You may withdraw consent at any time.
  • Legitimate Use: For processing necessary to perform the contract with you (creating your account, processing orders, delivering tags, sending scan alerts to vehicle owners).
  • Legal Obligation: For retaining financial and transaction records as required under Indian tax law (GST, Income Tax).

Grievance Officer

In accordance with the DPDP Act, 2023 and the Information Technology Act, 2000, we have appointed a Grievance Officer to address your concerns:

Grievance Officer — Khush Dhankad Digital Solutions LLP (QRTAGPLUS)
📧 privacy@qrtagplus.com
📞 +91 9958877242
⏱️ Response time: within 48 hours of receipt (complaints resolved within 30 days)

If you are unsatisfied with the resolution provided by our Grievance Officer, you may escalate your complaint to the Data Protection Board of India once the Board is established and operational under the DPDP Act, 2023.

How to Exercise Your Rights

To exercise any of your rights under the DPDP Act, contact our Grievance Officer at privacy@qrtagplus.com with the subject line "DPDP Rights Request". Please include your registered mobile number and a description of your request. We may request identity verification before processing certain requests to protect your data from unauthorised access.

Last reviewed for DPDP compliance: April 2, 2026. QRTAGPLUS will update this section as the DPDP Rules are notified by the Government of India and as the Data Protection Board of India becomes operational.

© 2026 QRTAGPLUS. All rights reserved. Registered Address: Bijnor, Uttar Pradesh — 246701, India.  ·  Home  ·  Terms of Use