MOVTEK Private Limited ('MOVTEK', 'we', 'our', 'us') is a freight forwarding and logistics solutions company incorporated under the Companies Act, 2013, with its registered office in New Delhi, India. We facilitate the movement of cargo and goods for individuals, businesses, importers, exporters, and trade partners across India and worldwide through both our digital platform (website, online portal, mobile application) and physical operations (offices, warehouses, ground agents, customs desks).
This Privacy Policy ('Policy') governs how MOVTEK collects, uses, stores, shares, transfers, and protects Personal Data and Sensitive Personal Data or Information ('SPDI') of:
Customers and shippers (individuals and businesses)
Consignees and receivers of freight
Employees, contractors, and agency staff
Vendors, agents, subcontractors, and logistics partners
Visitors to our website and digital platforms
Any individual whose data we process in connection with our services
This Policy applies to all data processing activities conducted by MOVTEK whether in India or internationally, including data transferred across borders in the ordinary course of freight forwarding business.
For the purposes of this Policy, the following definitions apply:
'Personal Data' means any information that relates to a natural person who can be directly or indirectly identified from such information, including name, address, email, phone number, identification documents, and financial data.
'Sensitive Personal Data or Information (SPDI)' includes passwords, financial information, health data, biometrics, and any other category notified under applicable law.
'Digital Personal Data Protection Act, 2023 (DPDPA)' refers to the Indian legislation governing the processing of digital personal data.
'Data Principal' means the individual to whom the personal data relates.
'Data Fiduciary' means MOVTEK, which determines the purpose and means of processing personal data.
'Third Party' means any entity other than MOVTEK and the Data Principal.
'Freight Forwarding' means the coordination and shipment of goods from the shipper to a final point of destination using a single or multiple carriers via air, sea, rail, or road.
'Platform' refers to the MOVTEK website, web portal, and any mobile application operated by MOVTEK.
MOVTEK collects data through multiple channels — our digital platform, physical documentation, telephone interactions, email correspondence, agent networks, customs filings, and partner integrations. The categories of data we collect include:
Full name, title, date of birth
Postal address, billing address, delivery address
Email address, telephone number, WhatsApp number
Government-issued identification: PAN, Aadhaar, Passport, GST Number, IEC (Import Export Code)
Nature, description, quantity, weight, and value of goods
Origin, transit, and destination country/port details
Bill of Lading, Airway Bill, or consignment details
Harmonized System (HS) codes, customs declarations and tariff classifications
Incoterms and freight terms
Special handling instructions (hazardous materials, temperature-controlled goods)
Shipper and consignee details as appearing on trade documents
Bank account details (for wire transfers, refunds)
Credit/debit card information (processed via PCI-DSS compliant gateways)
GST registration, TAN, TDS certificates
Invoice, credit note, payment history
Foreign exchange transactions (where applicable under FEMA)
Import/Export licence numbers
ICEGATE credentials and filing references (India Customs Electronic Gateway)
Country of origin certificates, fumigation certificates, certificates of conformity
Dual-use goods documentation and sanctioned party screening records
DGFT (Directorate General of Foreign Trade) registration details
IP address, browser type, device identifier
Cookies and session data (see Section 13 – Cookie Policy)
Login credentials (hashed passwords), two-factor authentication logs
Tracking portal usage data, shipment queries, API access logs
Communications sent through our digital platform
GPS data of shipments or vehicles where tracking is enabled
Warehouse entry/exit logs
CCTV footage at MOVTEK premises (physical operations)
Port and customs handling records
In the course of freight forwarding, we may receive data about consignees, shippers, or cargo from our customers, overseas agents, customs brokers, airlines, shipping lines, and port authorities.
MOVTEK processes personal data under the following legal bases:
Contractual Necessity: Processing required to perform freight forwarding services, issue invoices, coordinate shipments, and communicate with shippers and consignees.
Legal Obligation: Processing required to comply with Indian Customs Act, FEMA, GST laws, Prevention of Money Laundering Act (PMLA), export control regulations, Carriage by Air Act, and applicable international trade regulations.
Legitimate Interests: Processing for fraud prevention, security, business analytics, improving services, and maintaining accurate cargo records.
Consent: Where processing is not covered by other bases (e.g., marketing communications, optional digital features), we seek explicit consent from the Data Principal.
Vital Interests: In exceptional circumstances where data processing is necessary to protect life, health, or safety during cargo emergencies or hazardous material incidents.
MOVTEK uses your personal data for the following specific purposes:
Booking, planning, executing, tracking, and completing freight shipments
Preparing Bills of Lading, Airway Bills, Certificates of Origin, and other trade documents
Customs clearance, import/export filings, duty drawback claims
Coordinating with carriers, co-loaders, CHAs (Customs House Agents), and port authorities
Providing real-time shipment tracking via our digital platform
User account creation, authentication, and access management
Enabling online booking, rate enquiries, and document uploads
Sending automated shipment status notifications via email and SMS
Processing payments and generating GST-compliant invoices
Customer support via live chat, email, or ticketing system
Compliance with Indian Customs regulations and ICEGATE filings
Anti-money laundering (AML) and Know Your Customer (KYC) checks
Sanctioned parties screening against Indian, US (OFAC), EU, UN, and UK sanctions lists
Export control compliance under India's Foreign Trade Policy
GSTN reporting and reconciliation
Generating management information, business analytics, and performance reports
Credit assessment and risk management
Fraud detection and cybersecurity monitoring
Training, quality assurance, and dispute resolution
Marketing communications to existing and prospective clients (with consent)
Freight forwarding is inherently a cross-border activity. In the ordinary course of business, MOVTEK transfers personal data internationally to:
Overseas freight agents and partner network members (IATA, FIATA, WCA, or equivalent networks)
Foreign customs and port authorities where legally required
International shipping lines and airlines
Consignees, shippers, or their representatives in destination countries
Cloud service providers or IT infrastructure with data centres outside India
All international data transfers are conducted in compliance with the Digital Personal Data Protection Act, 2023 and applicable cross-border transfer provisions. Transfers are made:
Under contractual safeguards including Standard Contractual Clauses (SCCs) or equivalent instruments
To countries that provide an adequate level of data protection as notified by the Government of India
Where required by law or treaty obligations in the recipient country (e.g., customs declarations, air cargo security programs, AMS/ENS/ACI filings)
MOVTEK will inform Data Principals where their data is transferred to high-risk jurisdictions and provide appropriate safeguards.
We do not sell personal data. We share personal data only as described below:
Shipping lines, airlines, road transporters, rail freight operators
Customs House Agents (CHAs) and customs brokers
Warehousing and distribution centre operators
Port authorities and inland container depots (ICDs)
Technology vendors providing CRM, ERP, TMS, or accounting systems
Payment gateway providers (subject to PCI-DSS standards)
Indian Customs (Central Board of Indirect Taxes and Customs – CBIC)
DGFT, Ministry of Commerce and Industry
GST Network (GSTN)
Directorate of Revenue Intelligence (DRI) and enforcement agencies (when legally required)
Foreign customs authorities (as mandated by advance cargo declaration laws: AMS/USA, ACI/Canada, ENS/EU, ACAS/UK, AFR/Japan, etc.)
Financial Intelligence Unit – India (FIU-IND) under PMLA obligations
Legal counsel, auditors, and accountants bound by professional confidentiality obligations
In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the successor entity subject to equivalent privacy protections.
We share data with other third parties only with your explicit prior consent.
MOVTEK retains personal data for as long as necessary to fulfil the purposes described in this Policy, and in compliance with applicable statutory retention requirements:
Customs & Trade Documents: Minimum 5 years as required under the Customs Act, 1962 and related rules
GST Records & Financial Data: Minimum 6 years as required under the GST Act, 2017 and Income Tax Act, 1961
PMLA / KYC Records: Minimum 5 years after end of customer relationship
Contractual Records: Duration of contract plus 6 years (limitation period under Indian law)
Platform & Digital Data: 3 years from last active use, unless longer retention is legally required
Marketing Consent Records: Until consent is withdrawn plus 1 year
CCTV Footage (Physical Premises): 30 to 90 days unless required for investigations
Upon expiry of applicable retention periods, data is securely deleted or anonymised in accordance with our Data Disposal Policy.
MOVTEK implements industry-standard technical, administrative, and physical safeguards to protect your personal data against unauthorized access, loss, misuse, or alteration. These measures include:
End-to-end TLS/SSL encryption for all data transmitted over our digital platform
AES-256 encryption for data stored at rest in databases and cloud storage
Multi-factor authentication (MFA) for platform access by users and staff
Role-based access controls (RBAC) limiting data access to authorised personnel only
Intrusion detection systems, firewalls, and anti-malware infrastructure
Regular penetration testing and vulnerability assessments
Data privacy training for all staff handling personal data
Non-disclosure agreements with employees, agents, and vendors
Data Processing Agreements (DPAs) with all third-party processors
Incident response procedures including breach notification protocols
Access-controlled premises for offices and warehouses
Secured physical document storage with restricted access
Secure disposal of physical documents containing personal data
In the event of a personal data breach that is likely to result in a risk to the rights or freedoms of individuals, MOVTEK will notify the affected Data Principals and the appropriate regulatory authority (Data Protection Board of India or equivalent) within the timeframes mandated by applicable law.
Under the Digital Personal Data Protection Act, 2023 and applicable Indian data protection law, you have the following rights in respect of your personal data held by MOVTEK:
Right to Access: Request confirmation of whether MOVTEK processes your personal data and obtain a copy of it.
Right to Correction: Request rectification of inaccurate or incomplete personal data.
Right to Erasure: Request deletion of your personal data, subject to legal obligations that require retention.
Right to Grievance Redressal: Lodge a grievance with MOVTEK's designated Grievance Officer (see Section 15).
Right to Withdraw Consent: Withdraw consent for processing at any time, without affecting lawfulness of prior processing.
Right to Nomination: Nominate another individual to exercise data rights in the event of incapacity or death.
To exercise your rights, submit a written request to support@movtek.com with your full name, a description of your request, and proof of identity. MOVTEK will respond within 30 days of receiving a complete request. Where requests are complex or numerous, we may extend this period by a further 30 days with prior notice.
Note: Certain rights may be limited where processing is required for compliance with legal obligations, enforcement of lawful claims, or national security and law enforcement purposes.
Our services are not directed to individuals below the age of 18 years. We do not knowingly collect personal data from minors. Where MOVTEK discovers that personal data of a minor has been collected without verified parental consent, we will promptly delete such data. If you believe we have inadvertently collected data relating to a minor, please contact us at support@movtek.com immediately.
Our digital platform may contain links to third-party websites, carrier tracking portals (e.g., shipping line tracking, airline cargo tracking), customs portals (ICEGATE, DGFT e-portal), and payment gateways. These third-party services are governed by their own privacy policies, and MOVTEK is not responsible for their data practices. We recommend reviewing the privacy policy of any third-party service before providing personal data.
When you visit the MOVTEK website or digital platform, we use cookies and similar tracking technologies. The types of cookies we use are:
Strictly Necessary Cookies: Essential for platform functionality, login sessions, and security. These cannot be disabled.
Functional Cookies: Store your preferences (language, region, unit of measure) to improve your experience.
Analytics Cookies: Collect anonymised data about how users interact with our platform (e.g., Google Analytics). Help us improve performance and usability.
Marketing Cookies: Used (with consent) to deliver relevant advertisements on our platform or third-party networks.
You may manage cookie preferences via our Cookie Consent Manager available on the platform, or through your browser settings. Disabling certain cookies may affect platform functionality. For more information, refer to our detailed Cookie Policy available on our website.
MOVTEK may send you promotional communications about our services, offers, regulatory updates, and industry insights. We will only send marketing communications:
Where you are an existing client and we are communicating about related services (legitimate interest basis, subject to your right to opt-out), or
Where you have given explicit consent to receive such communications.
You may opt out of marketing communications at any time by:
Clicking the 'Unsubscribe' link in any marketing email
Sending an email to support@movtek.com with the subject line 'Opt-Out'
Updating your communication preferences in your platform account settings
Opting out of marketing communications does not affect essential service-related communications (e.g., shipment status, invoices, customs alerts).
In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, MOVTEK has designated a Grievance Officer to address data privacy concerns:
If you are not satisfied with our response, you may escalate your grievance to the Data Protection Board of India (once constituted and operational under the DPDPA, 2023) or any other applicable regulatory authority.
Given the international nature of freight forwarding, MOVTEK acknowledges and, where applicable, complies with or accommodates the requirements of the following international frameworks when processing data of non-Indian Data Principals:
General Data Protection Regulation (GDPR) – European Union & UK: Where we process data of EU/UK residents, we adhere to GDPR standards including lawful basis, data minimisation, purpose limitation, and rights of data subjects.
US Customs-Trade Partnership Against Terrorism (C-TPAT) and Transportation Security Administration (TSA) requirements for air cargo security.
Advance Manifest Regulations: AMS (USA), ACI (Canada), ENS (EU Import Control System), ACAS (UK), AFR (Japan) – cargo data submitted to foreign customs as legally required.
IATA Cargo 2000 and e-AWB standards for electronic air waybill data.
FIATA Model Rules and standard trading conditions applicable to international freight.
International Maritime Organization (IMO) regulations including SOLAS verified gross mass (VGM) requirements.
US OFAC, EU Consolidated Sanctions List, UN Security Council Sanctions – screened against for all transactions.
Where a conflict arises between Indian law and international obligations, MOVTEK will comply with Indian law while endeavouring to meet the highest applicable standard of data protection.
MOVTEK may use automated tools for the following purposes in the freight forwarding context:
Sanctions and denied parties screening (automated matching against global watchlists)
Fraud and risk scoring for new customer onboarding
Dynamic freight rate calculation algorithms on our digital platform
Automated shipment routing and carrier selection suggestions
Where automated decisions have significant legal or similar effects on individuals, MOVTEK will provide a mechanism to request human review of such decisions. To request a review, contact support@movtek.com.
MOVTEK reserves the right to update this Privacy Policy periodically to reflect changes in our operations, legal obligations, or regulatory environment. Changes will be:
Posted on our website at www.movtek.com/privacy-policy with the updated effective date
Notified to registered users via email for material changes
Effective 30 days after publication for existing users and immediately for new users unless otherwise stated
We encourage you to review this Policy regularly. Continued use of our platform or services after the effective date of any update constitutes acceptance of the revised Policy.
This Privacy Policy is governed by the laws of the Republic of India. The primary legislation applicable includes:
Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
Digital Personal Data Protection Act, 2023 (DPDPA) and rules thereunder
Customs Act, 1962
Foreign Exchange Management Act (FEMA), 1999
Prevention of Money Laundering Act (PMLA), 2002
Indian Contract Act, 1872
Any disputes arising out of or in relation to this Privacy Policy shall be subject to the exclusive jurisdiction of competent courts in New Delhi, India.
For any privacy-related queries, contact us at support@movtek.com
MOVTEK Private Limited | New Delhi, India | www.movtek.com