Last updated: May 7, 2026
This Privacy Policy describes how Vasundhara Logistics (“we,” “us”) collects, uses, and protects information when you use the Vasundhara AMS mobile and web applications (the “Service”). The Service is a private, business-only asset management tool provided to authorized employees and contractors of organizations that have licensed it.
The Service is not a consumer-facing application. It is used internally by employees and authorized contractors of organizations (each, a “Customer”) that license the Service from us. The Customer is the data controller for any personal information processed through their deployment.
When a Customer creates an account for you, we store: name, email address, role (admin / auditor / employee), site / location / department assignment, and an encrypted password hash. Passwords are never stored in plain text.
The Service stores asset records (descriptions, codes, locations, photos, depreciation values, custom fields) and audit records (which user scanned which asset and when). This is the core business data the Service exists to manage.
The mobile app uses the camera only to scan QR codes and barcodes on assets, and to take photos of assets when you choose to attach one. Camera frames used for scanning are processed on-device and are not uploaded. Photos you choose to attach are uploaded and stored as part of the asset record.
When you scan an asset during an audit, the app captures the device’s GPS coordinates at that moment so the audit record can show where each scan occurred. Location is not tracked in the background, only recorded at the moment of an explicit scan action.
If you choose to attach an existing photo from your device’s library to an asset, the app accesses only the photo(s) you select. The app does not enumerate or upload your library contents.
We log API requests for the purpose of debugging, performance monitoring, and security auditing. These logs include: request method, URL path, response status code, response time, and the authenticated user’s ID. We do not log request bodies for routes that carry passwords or credentials.
Data is stored in a SQLite database hosted on the Customer’s designated server. Backups are encrypted at rest by the storage provider. All network traffic between the mobile app, the web app, and our API is encrypted in transit using TLS. Passwords are hashed using bcrypt. Apple App Store Connect API keys and other secrets are stored on the server file system with restricted permissions; they are never embedded in the mobile or web client.
We do not share your personal information with third parties, except as needed to operate the Service (cloud storage providers and email-delivery providers acting as our sub-processors), or when required by law. We do not share data with advertising networks or data brokers.
Account and asset data is retained for as long as the Customer’s license is active. Daily backups are retained for 90 days. When a Customer terminates their license, their data is deleted within 30 days unless a longer retention period is required by law.
Because the Service is a business tool, requests to access, correct, export, or delete personal data should be directed first to your employer (the Customer). We will assist the Customer in fulfilling such requests as required by applicable law (including the EU GDPR and India’s Digital Personal Data Protection Act, 2023).
The Service is not intended for use by children under 16, and we do not knowingly collect information from children.
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent change. Material changes will be communicated through the application or by email to account administrators.
Questions or concerns? Email support@ffstudios.io.