Privacy Policy
Effective Date: May 30, 2026 · Last Updated: May 30, 2026
1. Introduction
EaseCab ("we", "us", "our") operates the EaseCab platform available at easecab.com — a taxi ride leads service for drivers and vendors in India. This Privacy Policy explains what information we collect, why we collect it, how we use it, and the choices you have.
By using EaseCab, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the platform.
2. Information We Collect
2.1 Account Information
We collect your Indian mobile phone number when you register. Your number is used solely for authentication via one-time password (OTP) through Firebase Authentication. We do not store OTPs.
2.2 Profile Information
You may optionally provide your name, preferred vehicle type, and service area (city). This information is used to personalise your experience.
2.3 Location Information
We request approximate city-level location permission only to suggest your city for targeted push notifications about new ride leads. We do not track precise GPS location or your movement. Location permission is optional — you may decline without losing access to the ride feed.
2.4 KYC Documents
To post your own ride leads and earn a verified trust badge, we collect and verify your identity through our KYC partner Surepass:
- Aadhaar number and OTP (Aadhaar-linked mobile for verification)
- Driving Licence number
- Vehicle Registration Certificate (RC) number
KYC documents are processed by Surepass and are not stored on EaseCab servers beyond what is required for verification status.
2.5 Payment Information
Subscription payments are processed by Razorpay. We do not receive, store, or have access to your card number, bank account details, or UPI credentials. We store only subscription status, plan period, and anonymised Razorpay transaction identifiers.
2.6 Chat Messages
In-app chat messages between verified users are stored in Firebase Firestore. Messages are associated with a specific ride contact and are automatically made read-only when the related ride expires.
2.7 Usage Data
We collect standard server logs including IP address, device type, operating system, browser/app version, pages visited, ride cards viewed, and actions taken. Logs are used for security, debugging, and aggregated analytics. Logs never contain phone numbers, OTPs, Aadhaar details, JWT tokens, or payment credentials.
3. How We Use Your Information
- Authenticate you via phone OTP and maintain your session
- Deliver and personalise the real-time ride leads feed
- Verify your identity through KYC to enable ride posting and the verified trust badge
- Process your subscription payment and manage access
- Send city-targeted push notifications for new ride leads (with your permission)
- Enable in-app 1:1 chat with other verified users on a confirmed ride
- Detect and prevent fraud, abuse, spam, and duplicate ride leads
- Improve the platform through aggregated, anonymised analytics
- Respond to your support requests
4. Third-Party Services
We use the following third-party services, each governed by their own privacy policies:
- Firebase (Google)— Phone OTP authentication, in-app chat (Firestore), and push notifications (FCM). Google's Privacy Policy applies to data processed by Firebase.
- Razorpay— Subscription payment processing. Razorpay's Privacy Policy applies to all payment data.
- Surepass — KYC verification (Aadhaar, Driving Licence, RC). Surepass processes identity documents under its own data handling policy.
- Cloudflare R2 — Secure cloud storage for profile pictures, KYC-related uploads, and chat image attachments. Files are served via time-limited presigned URLs only — the storage bucket is never publicly accessible.
- PostHog — Aggregated, anonymised product analytics. No personally identifiable information is transmitted to PostHog.
- Sentry — Application error monitoring. Error reports do not contain PII.
5. Data Retention
- Account data: retained while your account is active, and for 30 days following an account deletion request, after which it is permanently deleted.
- KYC document data: retained for 90 days after verification is confirmed, then permanently deleted.
- Chat messages: retained while the associated ride contact is active; automatically purged when the ride expires.
- Ride lead data: ride leads are automatically hard-deleted 12 hours after posting.
- Payment records: retained for 7 years as required under Indian financial regulations.
- Server logs: retained for 30 days, then automatically deleted.
6. Data Security
We implement the following security measures:
- Authentication tokens stored in httpOnly, Secure cookies — never in localStorage
- All data transmitted over HTTPS (TLS)
- Uploaded files accessible only via time-limited presigned URLs
- Role-based access control separating user and admin systems
- No PII (phone numbers, OTPs, Aadhaar, payment credentials) recorded in server logs
- Rate limiting on OTP requests to prevent abuse
Despite these measures, no transmission over the internet is 100% secure. We encourage you to keep your account credentials confidential.
7. Your Rights
- Access: You may request a summary of the personal data we hold about you by contacting support@easecab.com.
- Correction: You can update your profile name, vehicle type, and preferences directly in the app.
- Deletion: You can request account deletion from Profile → Settings → Delete Account, or by emailing support@easecab.com. Deletion takes effect within 30 days and is irreversible.
- Push notification opt-out: You can withdraw push notification consent at any time in your device settings or the app notification settings.
8. Cookies
We use a single httpOnly session cookie for authentication. We do not use tracking cookies, advertising cookies, or any third-party cookies. No cookie consent banner is required because we use only strictly necessary session cookies.
9. Children's Privacy
EaseCab is intended for commercial vehicle operators aged 18 and above. We do not knowingly collect information from persons under 18. If we become aware that a minor has registered, we will delete the account promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via an in-app notification at least 7 days before the change takes effect. Continued use of EaseCab after the effective date constitutes your acceptance of the updated policy. The "Last Updated" date at the top of this page reflects the most recent revision.
11. Contact Us
For any questions, concerns, or requests related to this Privacy Policy, please contact us at:
Email: support@easecab.com
Platform: easecab.com
12. Governing Law
This Privacy Policy is governed by the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable laws of India. Any disputes arising out of this policy shall be subject to the jurisdiction of courts in Chandigarh, India.