Effective Date: 29 May 2026
 

1. Purpose
 

The purpose of this Information Security & Data Protection Policy is to safeguard the confidentiality, integrity, and availability of information processed, stored, or transmitted through the Autobro platform.

This policy establishes the security measures, responsibilities, and procedures implemented to protect dealer information, vehicle inventory records, business analytics, financial data, customer information, and other business-critical assets.
 

2. Scope
 

This policy applies to:

• Autobro platform users

• Employees, contractors, and authorized personnel

• Dealer and business accounts

• Vehicle inventory and stock management data

• Sales and financial reporting data

• Customer and communication records

• Uploaded images, documents, and files

• Cloud infrastructure, APIs, and supporting systems
   

3. Data Classification
 

Autobro classifies information based on its sensitivity and business impact.

Data CategoryClassification

Login Credentials & Authentication DataCritical

Financial Reports, Profit & Loss DataCritical

Customer Information & Communication RecordsHigh

Vehicle Inventory & Business DataHigh

Images, Documents & AttachmentsMedium

Public Marketing ContentLow

Appropriate security controls are applied based on the classification level.
 

4. Information Security Controls
 

A. Technical Security Measures

Autobro implements industry-standard security controls, including:

• SSL/TLS encrypted communication

• Secure cloud-hosted infrastructure

• Data encryption during transmission

• Firewall and network protection measures

• Automated backup systems

• Secure API authentication mechanisms

• Access logging and monitoring

B. Access Control Measures

Access to data is restricted based on business requirements.

Controls include:

• Role-based access permissions

• Multi-level user authorization

• Administrative access restrictions

• Session management controls

• Password protection and authentication policies

C. Operational Security Measures

To maintain ongoing security, Autobro conducts:

• Security monitoring

• System performance monitoring

• Internal security reviews

• Periodic vulnerability assessments

• Security awareness and compliance activities
   

5. Platform and Account Security
 

Autobro maintains security controls designed to protect user accounts and platform access, including:

• Secure authentication processes

• Protected login sessions

• Account activity monitoring

• Unauthorized access prevention measures

• Abuse detection and fraud prevention systems

Users are responsible for maintaining the confidentiality of their login credentials and account access information.
 

6. Data Breach Response Procedure
 

Autobro maintains an incident response process to address potential security incidents.

In the event of a suspected or confirmed data breach, the following actions may be taken:

1. Immediate containment and system isolation.

2. Internal investigation and impact assessment.

3. Identification of affected systems and data.

4. Remediation and corrective actions.

5. Notification of affected users where legally required.

6. Reporting to regulatory authorities when applicable.

The response process is designed to minimize disruption and protect affected information.
 

7. Regulatory Compliance
 

Autobro aims to maintain compliance with applicable laws, regulations, and industry practices, including:

• Information Technology Act, 2000 (India)

• Digital Personal Data Protection Act (DPDP), where applicable

• Applicable cybersecurity and privacy regulations

• Industry-standard SaaS security practices

• Security frameworks commonly adopted by cloud-based software providers
   

8. Backup and Disaster Recovery
 

To ensure business continuity and data resilience, Autobro maintains:

• Automated daily backups

• Redundant storage mechanisms where applicable

• Disaster recovery procedures

• Data restoration capabilities

• Business continuity planning processes

Recovery procedures are periodically reviewed and tested to ensure effectiveness.
 

9. Data Retention and Secure Disposal
 

Data is retained only for as long as necessary to:

• Provide Services

• Meet operational requirements

• Comply with legal and regulatory obligations

• Resolve disputes and enforce agreements

When information is no longer required, Autobro follows secure deletion and disposal practices designed to prevent unauthorized recovery or access.
 

10. Third-Party Systems and API Dependency
 

Autobro may integrate with third-party APIs, government databases, automotive information providers, payment gateways, cloud infrastructure providers, communication services, and analytics platforms.

Data Source & Accuracy Disclaimer

Certain information displayed within Autobro, including vehicle details and related records, may be retrieved from external systems and third-party data providers.

While Autobro takes reasonable measures to ensure service reliability, we do not control or guarantee the accuracy, completeness, availability, or timeliness of third-party data sources.

Accordingly, Autobro shall not be liable for:

• Data inaccuracies

• Incomplete information

• Delayed updates

• API service interruptions

• Third-party server failures

• External system downtime

Users are encouraged to independently verify critical information before relying upon it for operational or business decisions.
 

11. Employee and Personnel Responsibilities
 

All employees, contractors, consultants, and authorized personnel are required to:

• Maintain strict confidentiality of information.

• Access data only when authorized.

• Follow company security policies and procedures.

• Report suspected security incidents immediately.

• Participate in security and compliance awareness activities.

Unauthorized access, disclosure, or misuse of information may result in disciplinary action, termination, or legal proceedings.
 

12. User Responsibilities
 

Users of the Autobro platform are responsible for:

• Protecting account credentials.

• Using strong passwords.

• Maintaining accurate account information.

• Ensuring authorized use of uploaded data.

• Reporting suspicious account activity.

Users should immediately notify Autobro if they suspect unauthorized access to their account.
 

13. Policy Review and Updates
 

This policy shall be reviewed:

• At least annually;

• Following significant platform changes;

• After major security incidents;

• Upon changes in applicable laws or regulatory requirements.

Autobro reserves the right to update this policy as necessary to maintain compliance, security, and operational effectiveness.
 

14. Contact Information
 

For security-related concerns, incident reporting, or compliance inquiries, please contact:

Autobro Security & Compliance Team

Email: info@zooperklook.com

Website: https://autobro.ai