Legal

Privacy Policy

Last updated: May 11, 2026

1UPVMS ("1UPVMS", "we", "us", or "our") respects your privacy and is committed to protecting the personal information we collect through our visitor management platform, mobile apps, terminal apps, web portals, and related services (collectively, the "Services"). This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the rights you have over it.

View Terms of Service

1. Introduction

At 1UPVMS, we prioritise the privacy and security of our users' personal information. We safeguard the data entrusted to us and never share your personal information with advertisers, spammers, or unauthorised third parties. We process personal data based on agreements with the organisations to whom we provide Services. If you interacted with our Services through your employer, a business you provided services to, or through a company you visited, please contact that organisation directly with any concerns regarding your data.

This Policy applies to all products and services offered by 1UPVMS, including:

  • 1UPVMS Visitor Management Platform

We may update this Policy periodically to reflect changes in laws or data practices. Please check this page regularly for the latest version.

2. Contact Information

If you have any questions about this Policy or wish to exercise your privacy rights, please contact us:

3. How We Collect Your Personal Information

We collect and process your information when you:

  • Install the 1UPVMS user app to access visitor management and related features.
  • Install the 1UPVMS terminal app on tablets placed at entrances or exits for visitor check-in and check-out.
  • Are added by an administrator via manual upload, Active Directory sync, HRMS, or API/file-based integrations.
  • Are invited as a visitor through our web portal or mobile app, or check in at a 1UPVMS-powered location.
  • Authenticate via the 1UPVMS user app, web portal, or other 1UPVMS applications.

4. Information We Collect

"Personal Information" means information that identifies, relates to, describes, or could reasonably be linked with a particular individual. We collect:

  • Contact information such as your name, organisation, job title, email address, phone number, and photo.
  • Usage data including login times, IP address, door unlocks (where integrated with access control), support requests, and feedback.
  • Identity verification data from scans of government-issued IDs such as Aadhaar — first and last name, date of birth, photograph, and other identifying details.
  • Biometric identifiers such as facial profile, fingerprint, or voice print, only with your explicit consent.
  • Device data such as unique device identifiers, IP address, device model, and operating system, based on terms agreed with our Customer.
  • Location data from GPS, Bluetooth, or Wi-Fi when you access a premise or reserve a desk, meeting room, or parking space, with your consent.
  • CCTV footage if you enter premises where 1UPVMS operates CCTV integrations, your image and movements may be captured for access and authentication.

5. Sources of Information

We collect information directly from you (registration, ID scans, biometric authentication), automatically when you interact with the Services (cookies, IP addresses, app usage), and from our Customers (your employer or host organisation) who add you to their account.

6. Purpose of Collection

  • To create, maintain, and authenticate user accounts and enable communication within the Services.
  • To validate identity using personal, biometric, or government-issued data for secure physical and logical access.
  • To analyse usage trends, improve service quality, generate internal reports, and optimise user experience.
  • To enable secure access to participating organisations' systems, third-party platforms, and physical locations.
  • To comply with applicable laws, prevent unauthorised access, and protect our Customers and users from security threats.

7. Third-Party Sites and Integrations

Our Services may integrate with third-party platforms such as HRMS, SSO providers, access control systems, and communication tools. If you integrate 1UPVMS with a third-party service, your data sharing with that service is governed by its own privacy policy. We strongly recommend reviewing the privacy practices of any third-party site you use with 1UPVMS.

8. Cookies

We use cookies and similar technologies to operate the Services and to analyse site usage. Types of cookies we use include:

  • Session cookies — required to operate the Services.
  • Preference cookies — to remember your settings.
  • Security cookies — used for authentication and security.
  • Analytics cookies — to help us measure and improve performance.

You can configure your browser to refuse cookies, but parts of the Services may not function correctly without them.

9. How We Use User Data

  • To enable login, authentication, and use of 1UPVMS applications.
  • To contact you when a host invites you to a 1UPVMS-powered location.
  • To validate identity using Aadhaar or another government-issued ID, with your explicit consent.
  • To integrate your 1UPVMS account with a third-party site or to enable SSO.
  • To enable secure physical or logical access to locations, devices, or systems associated with your 1UPVMS credentials.
  • To send you transactional notifications via SMS, email, push, or WhatsApp.
  • To provide technical support and respond to your inquiries.
  • To generate reports for your organisation's administrators.
  • To prevent fraud and enforce our Terms of Service.
  • To improve the Services and tailor your experience.

10. How We Share Your Information

  • Affiliates and service providers — cloud hosting, analytics, biometric verification, and communication providers, only as needed to deliver the Services.
  • Third-party sites — when you have explicitly integrated 1UPVMS with another platform.
  • Authorised users within your organisation — including hosts, security personnel, and administrators.
  • As required by law — to comply with legal process, regulations, or governmental requests.
  • To protect legitimate business interests — including investigation of fraud or breach.
  • In connection with a sale or transfer of all or part of our business.

11. Data Retention

As per DPDP Law and standards, we retain data up to 1 year or as specified by the organisation.

12. How We Protect Your Data

We maintain administrative, technical, and physical safeguards to protect personal information against accidental, unlawful, or unauthorised destruction, loss, alteration, access, or disclosure. Our security practices include data encryption (AES-256 at rest and TLS 1.3 in transit), strict access controls, regular audits, and secure software development practices aligned with ISO 27001 and SOC 2 principles. We engage independent third parties to conduct regular Vulnerability Assessment and Penetration Testing (VAPT) following OWASP guidelines.

13. Your Privacy Rights and Choices

You may request access to, correction of, restriction on, portability of, or deletion of your personal information by contacting us at info@1upvms.com. If you accessed our Services through your employer or a host, please also contact that organisation.

DPDPA (India)

If you reside in India, the Digital Personal Data Protection Act, 2023 gives you the right to:

  • Access information about the personal data we hold about you.
  • Request correction or erasure of inaccurate or unnecessary personal data.
  • Register a grievance with us regarding the processing of your data.
  • Nominate another individual to exercise your rights in the event of death or incapacity.

14. Children's Privacy

Our Services are not intended for use by children under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information without parental consent, please contact us and we will take steps to delete it.

15. Verifying Identity for Access or Deletion Requests

Before responding to a request to access or delete your data, we may ask for at least two or three pieces of personal information to verify your identity. If we cannot verify identity with sufficient certainty, we may decline the request and notify you of the reason.

16. Links to Other Sites

Our Services may contain links to third-party websites not operated by 1UPVMS. We are not responsible for the content or privacy practices of any third-party site. We recommend reviewing the privacy policy of every site you visit.

17. Updates to This Policy

This Policy may be updated periodically and without prior notice to reflect changes in our practices or applicable law. We will indicate the date of the most recent update at the top of this page. Significant changes will be highlighted on our website.