Last Updated: January 2026
At AutoKart, the security of our users’ information, transactions, and digital assets is a top priority. This Security Policy outlines the measures, practices, and guidelines adopted by AutoKart to safeguard personal data, financial information, and platform integrity.
This policy applies to all users, visitors, customers, sellers, dealers, service providers, and any individual accessing or interacting with the AutoKart website, mobile application, or related platforms (collectively referred to as the “Platform”).
This Security Policy covers physical, technical, administrative, and operational security controls implemented to protect data and systems against unauthorized access, misuse, loss, alteration, or destruction.
AutoKart follows industry-standard security practices and adopts a layered approach to security, including preventive, detective, and corrective controls. Our security framework is designed to ensure confidentiality, integrity, and availability of information.
Sensitive information transmitted between users and our servers is protected using secure encryption protocols. Encryption is applied to data in transit using HTTPS and SSL/TLS technologies wherever applicable.
Certain sensitive data may also be encrypted at rest to reduce the risk of unauthorized access.
Access to systems, databases, and sensitive information is restricted to authorized personnel only. Role-based access controls are implemented to ensure that employees and service providers access only the information necessary to perform their duties.
Access credentials are reviewed periodically and revoked immediately upon termination of employment or engagement.
Users are responsible for maintaining the confidentiality of their account credentials, including usernames, passwords, and one-time passwords (OTPs). AutoKart shall not be responsible for any loss arising from unauthorized access resulting from compromised credentials.
Users are advised to:
All payment transactions on the Platform are processed through secure and PCI-DSS compliant third-party payment gateways. AutoKart does not store sensitive payment information such as credit card or debit card details on its servers.
Payment data is handled in accordance with applicable regulatory and industry standards to ensure confidentiality and integrity.
AutoKart employs automated systems and manual reviews to detect and prevent fraudulent transactions, account misuse, and unauthorized activities. This may include monitoring transaction patterns, device behavior, and user activity.
In cases of suspected fraud, AutoKart reserves the right to suspend accounts, cancel orders, or initiate additional verification processes.
Our systems are continuously monitored for security events, vulnerabilities, and performance issues. Logs are maintained to track access, changes, and system activities for audit and investigation purposes.
AutoKart conducts periodic security assessments, vulnerability scans, and internal reviews to identify and address potential security weaknesses. Appropriate corrective actions are taken in a timely manner.
AutoKart may engage third-party service providers for hosting, payment processing, logistics, analytics, and customer support. Such third parties are required to adhere to reasonable security practices and comply with applicable data protection laws.
AutoKart is not responsible for security practices of third-party platforms linked from or integrated with the Platform.
In the event of a suspected or confirmed data breach, AutoKart will take reasonable steps to investigate, mitigate impact, and comply with applicable legal and regulatory notification requirements.
Physical access to servers, offices, and infrastructure is restricted and controlled through appropriate security measures such as access badges, monitoring systems, and authorized entry protocols.
AutoKart conducts security awareness training for employees to promote safe handling of data, recognize security threats, and comply with internal security policies and procedures.
Users play an important role in maintaining platform security. Users agree not to:
If you believe you have identified a security vulnerability or incident, please report it immediately to AutoKart. Responsible disclosure helps us maintain a secure environment for all users.
Data is retained only for as long as necessary to fulfill business, legal, or regulatory requirements. When data is no longer required, it is securely deleted or anonymized in accordance with our data retention policies.
AutoKart complies with applicable Indian laws relating to information security, data protection, and cyber security, including the Information Technology Act, 2000 and related rules.
While AutoKart implements reasonable security measures, no system can be guaranteed to be completely secure. AutoKart shall not be liable for damages arising from events beyond its reasonable control, including cyber attacks or unauthorized access despite safeguards.
AutoKart reserves the right to update this Security Policy at any time to reflect changes in practices, technology, or legal requirements. Updated versions will be posted on the Platform with a revised “Last Updated” date.
For any questions, concerns, or reports related to security, please contact us at support@autokart.com.