Back to Terminal
Privacy Policy

Your data.
Your control.

Effective: 22 April 2026//Version 1.0

On this page

1 · Introduction2 · Information We Collect3 · Product-Specific Data Handling4 · How We Use Your Information5 · Security & Storage6 · Third-Party Services7 · Data Retention8 · Your Rights9 · International Data Transfers10 · Children's Privacy11 · Changes to This Policy12 · Contact

1 · Introduction

Kamsora Technologies Pvt. Ltd. ("Kamsora", "we", "our", or "us") builds AI-first enterprise platforms - AttendX, RoadEye, SmartWaste, TenderEye, and Natchat - alongside custom engineering work. This Privacy Policy explains what personal and operational data we collect, why we collect it, how we protect it, and the rights you have over it.

This policy applies to all visitors to kamsora.com, customers using our products in cloud, hybrid, or on-premise mode, and anyone whose data flows through our platforms as part of a customer deployment.

2 · Information We Collect

Directly from you (visitors, prospects, customers)

  • Contact information: name, work email, company, designation, phone number.
  • Enquiry content: product of interest, brief, operational context shared via forms or email.
  • Account credentials when a customer account is provisioned (email + authentication tokens).

Automatically from our website

  • Technical telemetry - IP address, browser, device, referring page.
  • Anonymous usage analytics (page views, session duration) used to improve the site.
  • We do not sell visitor data or share it with advertisers.

Through our products (operational data)

Each product processes data specific to its purpose. These details are covered in Section 3. In all cases, customers remain the data controller; Kamsora acts as a data processor under their instructions.

3 · Product-Specific Data Handling

AttendX

  • Biometric data is stored as encrypted mathematical face templates, not as raw face photos.
  • Enrolment photos used to generate the template are discarded by default; retention is configurable per customer policy.
  • Attendance events (timestamp, location, user ID) are written to the customer's HRMS of record.
  • Spoof-attempt images (from failed liveness checks) are retained only as part of the customer's audit log.
  • Full on-premise and air-gapped deployments are supported so biometric data never leaves customer infrastructure.

RoadEye

  • Survey vehicles and dashcams capture road imagery, GPS coordinates, and sensor data.
  • Imagery is scanned by our computer vision models to detect defects. Faces and license plates in incidental frames are automatically blurred.
  • Contractor field-app data (check-in GPS, repair photos) is tied to the customer's work-order record for audit purposes.
  • All defect records and media are retained per customer retention policy, with immutable audit logs.

SmartWaste

  • Vehicle telemetry (GPS, load, route adherence) is processed for route optimization and dispatch.
  • Citizen complaint submissions may include name, phone number, and geo-tagged photos; this data is scoped to the municipal authority's workflow and is not shared externally.
  • Driver identifiers, shift data, and pickup confirmations stay inside the customer's deployment.
  • Analytics and CO₂ reporting are generated from aggregated, de-identified operational data.

TenderEye

  • Customer-uploaded RFPs, tender documents, and internal CVs are processed to extract structured insights and match candidates to roles.
  • CV data - names, qualifications, project history, certifications - is indexed for search and matching only within the customer's tenant.
  • Role-based access controls restrict CV visibility to authorized bid-team members and recruiters.
  • Documents and extracted data are stored encrypted; retention is configurable. Customers can request permanent deletion at any time.
  • We do not train public models on customer RFPs or CV data.

Natchat

  • Natchat is deployed on customer infrastructure (on-premise, private cloud, or air-gapped). Kamsora does not host, store, or route messages, files, or metadata at any point.
  • End-to-end encryption is applied to direct messages and channel content.
  • AI monitoring runs on the customer's own servers; alert data does not leave their environment.
  • Kamsora may receive anonymized crash logs from client applications if the customer opts in - no message content is ever included.

4 · How We Use Your Information

  • Delivering the product or service you or your organization has contracted for.
  • Responding to enquiries, demo requests, and pre-sales conversations.
  • Operating, securing, monitoring, and improving our platforms and supporting infrastructure.
  • Complying with legal, regulatory, and contractual obligations including DPDP Act, GDPR-aligned frameworks, BFSI mandates, and industry-specific rules.
  • Internal analytics and product improvement using aggregated, de-identified data only.

We never sell personal data, biometric data, or customer operational data to third parties. We do not use customer data to train models that serve other customers.

5 · Security & Storage

  • Encryption in transit (TLS 1.2+) and at rest (AES-256 or equivalent) across all managed platforms.
  • Role-based access controls, principle of least privilege, and audit logging for all internal access.
  • Network segmentation, WAF, DDoS protection, and continuous vulnerability scanning.
  • ISO 27001 and SOC 2 aligned controls; formal certifications in progress.
  • Customer data residency honored - India-only, EU-only, or any region you specify.
  • Air-gapped and fully on-premise deployments available for defense, BFSI, and regulated sectors.

6 · Third-Party Services

We use a small, vetted set of sub-processors strictly for service delivery. These may include cloud infrastructure (AWS, Azure, or GCP regions as selected by the customer), transactional email, identity providers (if SSO is enabled), and error-monitoring tools.

Customers running Natchat, or any product deployed on-premise, do not have Kamsora sub-processors in their data path for those deployments. A current sub-processor list is available on request to privacy@kamsora.com.

7 · Data Retention

  • Visitor enquiry data: retained for up to 24 months unless you request earlier deletion.
  • Customer operational data: retained per the customer's configured retention policy.
  • Audit and compliance logs: retained immutably for the duration the customer requires for regulatory purposes.
  • On termination of services, customer data is exported on request and then deleted within 90 days unless legally required otherwise.

8 · Your Rights

Under the DPDP Act and aligned frameworks (GDPR, UK DPA), individuals have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your personal data, subject to legal retention requirements.
  • Withdraw consent for processing based on consent.
  • Object to or restrict certain processing activities.
  • Receive your data in a portable format.
  • Lodge a complaint with the appropriate data protection authority.

Requests can be sent to privacy@kamsora.com. For customer-side data (data we process on behalf of a customer), we will route the request to the customer as the data controller.

9 · International Data Transfers

Kamsora is headquartered in Gurugram, India. Where operational delivery requires a cross-border transfer, we rely on standard contractual clauses, adequacy decisions, or the customer's explicit instruction. Customers can enforce strict data-residency at infrastructure level as part of their deployment.

10 · Children's Privacy

Our services are designed for enterprise and government customers and are not directed to individuals under the age of 18. We do not knowingly collect personal data from children.

11 · Changes to This Policy

We may update this Privacy Policy to reflect new products, regulations, or operational practices. Material changes will be communicated to customers in advance, and the effective date at the top of this page will be updated.

12 · Contact

Kamsora Technologies Pvt. Ltd.
Ground Floor, 421/42, Sector 42
Gurugram, Haryana, India

Privacy enquiries: privacy@kamsora.com
General: sales@kamsora.com

Questions about how we handle your data?

Write to our privacy team - we respond within 5 working days.

privacy@kamsora.com
System Online//v1.0.0
Node: Gurugram//Uptime 99.98%
Kamsora Logo

Intelligent systems, engineered for modern enterprise.

India · HQ

Ground Floor, 421/42, Sector 42

Gurugram, Haryana, India

United Kingdom

Clayton, Yorkshire

BD14 6LX, United Kingdom

Products
Navigate
Connect
sales@kamsora.com

Follow_Network

© 2026 Kamsora Technologies Pvt. Ltd. All rights reserved. Crafted with precision in India.