Privacy policy

This Privacy Policy explains how The Cognitive Technologies, a sole proprietorship registered in India (“HawkLine”, “we”, “us”, or “our”), collects, uses, shares, and protects personal data in connection with the HawkLine platform and its modules, including RoRo Tally (the “Service”), accessible at hawkline.io.

We process personal data in accordance with applicable data protection laws in the jurisdictions where we operate and serve customers — including the EU General Data Protection Regulation (GDPR) and other international data protection laws, as well as India’s Digital Personal Data Protection Act, 2023 (DPDP Act).

1. Who we are

The Service is operated by The Cognitive Technologies. Depending on the personal data and the law that applies to you, we act as a Data Controller under the GDPR — a Data Fiduciary under India’s DPDP Act — for personal data where we determine the purpose and means of processing, and as a Data Processor for the operational data that our business customers submit through the Service.

2. Data we collect

Account and contact data: name, business email address, organisation name, role, and login credentials.

Subscription and billing data: plan details, transaction records, and billing contact information. Card and payment-instrument details are collected and processed directly by our payment processor (see Section 5); we do not store full card numbers on our systems.

Operational data: content and records that you or your organisation enter into the Service (for example, inspections, approvals, voyage and cargo records, and equipment data). This data belongs to your organisation; we process it on your organisation’s behalf to provide the Service.

Usage and technical data: log data, device and browser information, IP address, and product usage events, used to operate, secure, and improve the Service.

3. How we use personal data

We use personal data to:

• provide, maintain, and support the Service;
• authenticate users and secure accounts;
• process subscriptions, renewals, and invoices;
• communicate about the Service, including service, security, and billing notices;
• comply with legal, tax, and regulatory obligations (including export-of-services requirements); and
• detect, prevent, and address fraud, abuse, and technical issues.

4. Legal basis

We process personal data on the basis of your consent, the performance of our contract with you, our legitimate business interests in operating and securing the Service, and compliance with our legal obligations — the lawful bases recognised under the GDPR, India’s DPDP Act, and other relevant law, as applicable to you.

5. Sharing and sub-processors

We do not sell personal data. We share personal data only with:

• Payment processing: our third-party payment processor, which handles card and payment data under its own security and compliance standards;
• Cloud and hosting providers that store and run the Service on our behalf;
• Professional advisers and authorities where required for legal, tax, audit, or regulatory purposes.

All sub-processors are engaged under obligations of confidentiality and data protection consistent with this policy.

6. International transfers

The Service serves customers located outside India and may involve transfer or access of data across borders. Where personal data is transferred internationally, we take reasonable steps to ensure it remains protected consistent with this policy and applicable law.

7. Data retention

We retain personal data for as long as your account is active and for as long thereafter as needed to meet legal, tax, accounting, and regulatory obligations, resolve disputes, and enforce our agreements. Operational data is retained and deleted in accordance with our agreement with your organisation.

8. Security and standards

We apply reasonable technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We set our own privacy and security bar above the baseline these frameworks define. We treat leading international standards — the EU General Data Protection Regulation (GDPR), India’s Digital Personal Data Protection Act 2023 (DPDP Act), and the ISO/IEC 27001 (information-security) and ISO/IEC 42001 (AI-management) standards — as our starting point, and hold HawkLine to a higher internal standard than they require. It is an ongoing commitment, embedded in how we design, build, and operate the product, and we keep raising the bar.

9. Your rights

Subject to applicable law — including the GDPR, where it applies to you, and India’s DPDP Act — you may have the right to access, correct, update, or request erasure of your personal data, to restrict or object to certain processing, to data portability, to withdraw consent, and to raise a grievance or lodge a complaint with a supervisory authority. To exercise these rights, contact us using the details below.

10. Grievance Officer & data protection contact

For any privacy or data protection concern — including GDPR-related requests — you can reach our data protection contact, who also serves as our Grievance Officer under India’s DPDP Act:

Grievance Officer
The Cognitive Technologies
Email: info@tctcorp.co.in
The Executive Centre, Level 5, Keppel One Paramount, No 110, Mount Poonamallee Road, Porur, Chennai, Tamil Nadu 600116, India

11. Cookies

The Service uses cookies and similar technologies necessary to operate, secure, and improve it, including to keep you signed in and to understand usage. You can control cookies through your browser settings, though some features may not function without them.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date above and, where appropriate, by notice through the Service.