Welcome to our store
Login Account
Cart
Rs. 0.00

Start typing to find products

Looking for something? Try searching by category, product name, or brand.

Home Products Blogs Contact

Your cart is empty

Continue shopping

DPA Policy

Data Processing Agreement (DPA)

 

Roboi Edge Kit, VMS & AI Analytics Platform
Operated by Roboi Private Limited
Effective Date: 12th Apr 2026
1. Introduction
This Data Processing Agreement (“DPA”) forms part of and supplements the applicable:
  • Terms of Service,
  • Master Service Agreement (MSA),
  • Subscription Agreement,
  • Purchase Order, or
  • Other commercial agreement
between Roboi Private Limited (“Roboi”, “Processor”, “Service Provider”, “we”, “our”, or “us”) and the customer entity (“Customer”, “Controller”, or “you”).
This DPA governs the processing of Personal Data by Roboi in connection with:
  • Roboi Edge Kit
  • Roboi VMS Platform
  • AI Video Analytics Systems
  • Roboi Dashboard
  • Roboi APIs
  • AI/ML event detection systems
  • Related cloud, on-premise, or hybrid services

 

2. Scope
This DPA applies where Roboi processes Personal Data on behalf of the Customer during the provision of services involving:
  • CCTV/video feeds
  • Video analytics
  • AI-generated metadata
  • Event detection
  • ANPR (Automatic Number Plate Recognition)
  • Face detection or face matching
  • Occupancy analytics
  • Smart surveillance systems
  • Edge AI processing
  • Security and operational monitoring

 

3. Definitions
“Personal Data”
Any information relating to an identified or identifiable individual.
“Processing”
Any operation performed on Personal Data including:
  • collection
  • storage
  • analysis
  • transmission
  • deletion
  • retrieval
  • indexing
“Controller”
The entity determining the purposes and means of processing Personal Data.
“Processor”
The entity processing Personal Data on behalf of the Controller.
“Applicable Data Protection Laws”
Includes applicable laws relating to privacy, data protection, surveillance, and cybersecurity, including where applicable:
  • India DPDP Act
  • GDPR
  • UAE data protection laws
  • Other applicable local regulations

 

4. Roles of Parties
For purposes of applicable privacy laws:
  • The Customer acts as the Data Controller
  • Roboi acts as the Data Processor
The Customer retains sole responsibility for:
  • legality of surveillance activities;
  • obtaining required permissions and consents;
  • compliance with employment laws;
  • CCTV signage and notices;
  • lawful deployment of biometric or surveillance systems.
Roboi acts solely as a technology and infrastructure provider unless otherwise agreed in writing.
5. Nature of Processing
Roboi may process the following categories of data:
a. Video and Image Data
  • CCTV footage
  • Video streams
  • Snapshot frames
  • Event clips
b. AI-Generated Metadata
  • Object detection metadata
  • Event classifications
  • Occupancy analytics
  • Behavioral analytics
  • Motion events
c. Identification Data
Where enabled by Customer:
  • Face embeddings
  • Face match results
  • Vehicle number plates (ANPR)
  • Identity-linked metadata
d. Device and System Data
  • Camera identifiers
  • Edge device logs
  • IP addresses
  • User activity logs
  • Dashboard access logs

 

6. Purpose of Processing
Roboi processes Personal Data solely for purposes authorized by the Customer, including:
  • AI video analytics
  • Security monitoring
  • Operational automation
  • Event detection and notifications
  • Smart infrastructure monitoring
  • Dashboard visualization
  • Reporting and analytics
  • System administration and troubleshooting
Roboi shall not process Personal Data for unrelated purposes except where required by law.
7. Customer Responsibilities
The Customer represents and warrants that it:
  • Has lawful authority to collect and process Personal Data;
  • Has provided required notices and disclosures;
  • Has obtained required permissions or consents where applicable;
  • Will comply with applicable surveillance, employment, privacy, and biometric laws;
  • Will configure retention settings responsibly;
  • Will not use the Services for unlawful surveillance or discriminatory purposes.
The Customer is solely responsible for:
  • camera placement,
  • surveillance legality,
  • biometric compliance,
  • employment-related monitoring compliance,
  • data subject requests.

 

8. Roboi Security Measures
Roboi implements commercially reasonable administrative, technical, and organizational safeguards aligned with industry standards.
Security controls may include:
  • Role-based access control (RBAC)
  • Authentication controls
  • Encryption in transit where applicable
  • VPN/private network deployment options
  • Audit logging
  • Edge-first architecture
  • Secure API access
  • Infrastructure monitoring
  • Incident response procedures
Roboi maintains security practices aligned with:
  • ISO 27001
  • SOC 2 Type II

 

9. Edge and On-Premise Architecture
Roboi supports:
  • On-premise deployments
  • Hybrid deployments
  • Edge AI processing
Depending on deployment configuration:
  • video footage may remain entirely within Customer infrastructure;
  • only metadata or alerts may be transmitted externally.
Customers remain responsible for configuring deployments according to their compliance obligations.

 

10. Subprocessors
Roboi may engage subprocessors including:
  • cloud infrastructure providers,
  • hosting providers,
  • support vendors,
  • analytics or monitoring providers.
Roboi shall take reasonable measures to ensure subprocessors are subject to confidentiality and security obligations.
A list of major subprocessors may be provided upon reasonable request.
11. Cross-Border Transfers
Where data is transferred across jurisdictions, Roboi shall implement reasonable safeguards consistent with applicable law.
Customers acknowledge that certain support, monitoring, or infrastructure operations may involve international data processing.
12. Confidentiality
Roboi personnel authorized to process Personal Data are subject to confidentiality obligations.
Roboi shall not disclose Customer Personal Data except:
  • as required to provide services;
  • as instructed by Customer;
  • as required by law.

 

13. Data Retention and Deletion
Customers control retention configurations wherever technically supported.
Upon termination of services, Roboi may:
  • delete Customer data,
  • return Customer data where applicable,
  • retain limited records where legally required.
Customers are responsible for exporting required footage or records before service termination.
14. Security Incident Notification
In the event of a confirmed security incident involving unauthorized access to Customer Personal Data, Roboi shall make commercially reasonable efforts to:
  • notify the Customer without undue delay;
  • provide relevant incident information reasonably available.
Notification timelines may vary depending on:
  • nature of the incident,
  • legal obligations,
  • forensic investigations.

 

15. AI and Analytics Disclaimer
The Customer acknowledges that:
  • AI outputs are probabilistic in nature;
  • detections and analytics may generate false positives or false negatives;
  • environmental factors may affect performance;
  • AI outputs should not be solely relied upon for enforcement, safety, employment, or legal decisions.
Human review and operational validation remain the responsibility of the Customer.
Roboi does not guarantee:
  • uninterrupted detection,
  • 100% accuracy,
  • complete prevention of incidents.

 

16. Prohibited Use
The Customer shall not use Roboi services for:
  • unlawful surveillance,
  • discriminatory profiling,
  • social scoring,
  • illegal biometric tracking,
  • unauthorized employee surveillance,
  • human rights violations,
  • unlawful law enforcement activities,
  • activities prohibited under applicable law.

 

17. Audit Rights
Where required under applicable agreements, Customers may request reasonable information regarding Roboi’s security practices and compliance measures.
Roboi may satisfy such obligations through:
  • certifications,
  • audit summaries,
  • security documentation,
  • compliance reports.
Direct audits may be subject to:
  • confidentiality obligations,
  • reasonable notice,
  • operational limitations.

 

18. Limitation of Liability
To the maximum extent permitted by law, Roboi shall not be liable for:
  • indirect damages,
  • consequential losses,
  • surveillance misuse by Customer,
  • Customer non-compliance,
  • third-party hardware failures,
  • Customer deployment decisions.
Liability shall remain subject to limitations contained in the applicable commercial agreement.
19. Governing Law
This DPA shall be governed by the laws of India unless otherwise agreed in writing.
Disputes shall be subject to the jurisdiction of courts located in Gurugram, Haryana, India.
20. Changes to this DPA
Roboi may update this DPA periodically.
Updated versions shall be published on:
Roboi.ai
Continued use of services after updates constitutes acceptance of the revised DPA.
21. Contact Information
For privacy, compliance, or data processing inquiries:
Roboi Private Limited
Email: privacy@roboi.ai
Website: Roboi.ai
Platform: Roboi Shop