20HIGH’S DATA PRIVACY POLICY

This 20-HIGH SOFTWARE PRIVATE LIMITED Privacy Policy (the “Policy”) hereby discloses the privacy practices for 20High TMS and other related services, together with its web-based interfaces (collectively referred to as the “Service”). 20-HIGH SOFTWARE PRIVATE LIMITED (“20High”), the provider of the Service, is committed to protecting the User’s privacy online. Please read the information below to learn the following regarding the User’s use of the Service.

20High will be complying with, and undertake that it shall continue to comply with, all the applicable data protection, privacy and information technology laws and policies of the jurisdictions applicable to it in the course of receiving, handling, storing and processing personal data in connection with or for the purpose of this Agreement, which obligations shall continue to apply as long as it is receiving or is in possession of such personal data.

This Policy is effective as of 8th August 2023. 20High reserves the right to change this Policy at any time. Such changes, modification, additions or deletions shall be effective immediately upon notice thereof, which may be given by means including, but not limited to issuing an email to the email address listed by the registered users or posting the revised Policy on this Page. The User acknowledges and agrees that it is the User’s responsibility to maintain a valid email address as a registered user, review this site and this Policy periodically and to be aware of any modifications. If the User finds the modified Policy unacceptable, the User may terminate the User’s subscription and discontinue use of the Service. The User’s continued use of the Service after such modifications will constitute the User’s (a) acknowledgment of the modified Policy; and (b) its agreement to abide and be bound by the modified Policy.

1. Types of Information Collected
While the Service is targeted toward and designed for business use and the performance of business-to-business functions and transactions, 20High understands that individual consumers may access the Service or individuals employed by such businesses (with such individuals and businesses, referred to collectively as the “User”) may provide personally identifiable information through the Service. Therefore, 20High may collect two types of information about the User: Personally Identifiable Information and Non-Personally Identifiable Information (collectively referred to as the “User Information”).

(a) Personally Identifiable Information: This refers to information that lets 20High know the specifics of who an individual User is. When the User engages in certain activities within the Service, such as registering for a membership and entering demographic and contact information, the User may provide personal phone numbers, mobile numbers, fax numbers, websites, email addresses, and physical addresses (including zip code), employer, or other personal identifying information.

(b) Non-Personally Identifiable Information: This refers to information that does not by itself identify a specific individual. 20High gathers certain information about the User based upon the information entered into the Service. This information may be compiled and analysed on an individual and an aggregate basis. This information may include Service Specific Information (“SSI”) such as the User’s legal name, principal place of business, billing address, telephone numbers and email addresses; if the User is a corporation or company entity, loads built, the User’s client and carrier data, locations for load origins and destinations, commodity data, vehicle/carrier’s Global Positioning System (“GPS”) coordinates, and any other business information entered into the Service or Non-Service Specific Information (“NSI”), which is information transmitted by the User’s access to the Service and other communications with the Company, including but not limited to the User’s Internet Protocol (“IP”) address, User browser or other software type, and other information that may be collected by cookies or similar methods, as well as any information transmitted by the User via email. An IP address is an identifier for a computer or device on a Transmission Control Protocol/Internet Protocol (“TCP/IP”) network, such as the World Wide Web. Networks like the Web use the TCP/IP protocol to route information based on the IP address of the destination. In other words, an IP address is a number that is automatically assigned to your computer whenever you are surfing the web, allowing web servers to locate and identify your computer. Computers require IP addresses in order for users to communicate on the Internet.

2. Collection Methods and Use of User Information
20High does not collect any Personally Identifiable Information or SSI about the User unless the User voluntarily provides the information to 20High through the use of the Service The User may provide certain Personally Identifiable Information to 20High when the User: (a) registers for the Service and registers an email address; and (b) saves demographic and contact information in the Service. The User may provide certain SSI to 20High when the User enters: (a) carrier data; (b) load information; (c) location information; (d) commodity data; and (e) demographic and contact information. We may also collect User Information from the User at other points within the Service that state such information is being collected. 20High does not collect any Personally Identifiable Information or SSI about the User unless it is absolutely necessary for the Service to perform.

The collected Personally Identifiable Information or SSI about the User will be used by 20High through the use of the Service for (a) user authentication (b) sending One-time Passcode (“OTP”); (c) carrier data; (d) customer data; (e) party contact information of the transport shipments; (f) sending email notifications about shipments; (g) live tracking of transports; (h) chatbot and instant messaging among the users of the Service.

20High may use User Information for the purposes of providing the Service to the User, and by providing such User Information the User consents to 20High’s use. 20High may also use the User Information to develop demographics or statistics to improve the Service and develop additional goods and services for its Users in line with the Service.

3. Deletion of User Information
The Personally Identifiable Information or SSI data collected through the use of the Service including the Personally Identifiable Information or SSI about the individuals using the service will be retained only for a specified duration of time (“Retention period”) as agreed with the business, using the Service, during the Service configuration.

Beyond the configured Retention period, data will be deleted permanently without any local archival; on business’s request data may be archived and handed over to the business before the permanent deletion.

Individuals may also be able to request the Service through authorized Users to forget their Personally Identifiable Information or SSI data collected through the use of the Service.

4. Release of Information
20High does not sell, trade, or rent the User’s Personally Identifiable Information or SSI to others. 20High may, however, provide its parent organizations, subsidiaries, and affiliates (collectively referred to as “Affiliates”) access the User’s Personally Identifiable Information and SSI in order for such Affiliate to offer, solicit and provide complementary transportation and logistics services in accordance with the Services’ Terms of Use. All Affiliates provided access to such Information shall abide by the terms of this Policy in relation to the use and release of the User’s Personally Identifiable Information and SSI in accordance with the obligations of 20High herein, and by providing Personally Identifiable Information or SSI the User consents to 20High’s Affiliate’s use.

Only to the extent of enabling effective and complete use of Service by the User, 20High needs to provide links or other interface to third party sites or services, and for the purpose 20High may disclose User Information as required by the third-party service provider(s), and a User’s use of such link or interface shall constitute explicit consent and authorization for such disclosure. 20High is not responsible for the use of User Information by such third -party service providers, and the User Information will be subject to each such third party’s respective privacy and security policies once transmitted. In such cases, User shall not have recourse to 20High for any breach of Data Security by such third parties.

20High will not sell or permit unauthorized access to User Information. 20High will not disclose User Information to any third party without such User’s authorization except when necessary to (a) comply with applicable law, (b) establish a lawful claim or defence, or (c) respond to lawful process or appropriate governmental inquiry. 20High reserves the absolute and sole discretion to reveal User Information if 20High deems such action necessary to (i) safeguard the rights of 20High and the other users, or (ii) protect or prevent injury to another person.

5. Right to Contact User
20High reserves the right to use User Information to contact the User regarding the User’s account status and changes to the Service’s Terms and Conditions, this Policy, or any other policies or agreements relevant to the Service’s Users. Only 20High or affiliate employees, operating under the terms of this privacy policy will contact the User regarding this Policy or the User’s use of the Service.

6. Data Security
The User of the Service can stay assured that the User’s Personally Identifiable Information and SSI is secured, consistent with current industry standards and the personal data is secured throughout the entire data lifecycle. 20High has policies and procedures in place to protect the privacy and confidentiality of the User Information and other data that 20High collects and maintains. The importance of security for all Personally Identifiable Information and SSI associated with each User is of utmost concern to us. The User’s Personally Identifiable Information and SSI is protected in several ways. Access by the User to the User’s Personally Identifiable Information and SSI is available through a multi-factor authentication process where first the password and unique login ID selected by the User are validated and then a One-Time-Passcode (“OTP”) is sent to the user’s registered email address for the user to enter for verification. This password is encrypted and kept or stored by 20High. 20High recommends that the User does not divulge the User’s password to anyone. It is the User’s responsibility to maintain the confidentiality of its login ID and password. 20High is not liable for any losses the User may incur from the unauthorized use of its password protected access. However, the User will be held liable for losses incurred by 20High due to someone else using Customer’s account. In addition, User’s Personally Identifiable Information and SSI reside on a secure server that only selected 20High and affiliate personnel and contractors have access to via password. 20High encrypts the User’s Personally Identifiable Information and SSI and thereby prevents unauthorized parties from viewing such information when it is transmitted to 20High.

7. Cookies
When the User uses the Service, 20High may store cookies on the User’s computer in order to facilitate and customize the use of the Service. A cookie is a small data text file, which a Web site stores on your computer’s hard drive (if your Web browser permits) that can later be retrieved to identify the User on the Service. The cookies make your use of the Service easier, make the Service run more smoothly and helps IMG maintain the security of the Service. The User is always free to decline 20High’s cookies if the User’s browser permits, but some parts of the Service may not work properly in that case.

8. Privacy Policies of Third-Party Sites
Except as otherwise discussed in this Policy, this document only addresses the use and disclosure of information 20High and its affiliates collect from the User. Other sites accessible through the Service may have their own privacy policies and data collection, use and disclosure practices. Please consult each site’s privacy policy. 20High is not responsible for the policies or practices of third parties. Additionally, other companies which place advertising on the Service may collect information about the User when the User views or clicks on their advertising through the use of cookies. 20High cannot control this collection of information. The User should contact these advertisers directly if the User has any questions about their use of the information that they collect.

9. Miscellaneous
The User must be at least eighteen (18) years old to have 20High’s permission to use the Service. 20High’s policy is that it does not knowingly collect, use or disclose Personally Identifiable Information about Service users that are under 18 years of age. The User is solely responsible for maintaining the secrecy of the User’s username, password and the OTP that is being sent during the user authentication process.

If the User has any questions about this Policy, the practices of the Service, or the User’s dealing with the Services, please contact 20High by sending a letter to:

20-HIGH SOFTWARE PRIVATE LIMITED
Attn: Data Privacy Officer
C.C. BUILDING, INFO CITY, KIIT, Bhubaneswar, Khorda-751024, Orissa

User may also contact 20High at support@20high.com.