नौवहन महानिदेशालय
Directorate General of Shipping
Ministry of Ports, Shipping and Waterways
Government of India
image image

Privacy Policy – Visitor Access Management System (VAMS)


The Visitor Access Management System (VAMS) has been developed for the Directorate General of Shipping (DGS), Ministry of Ports, Shipping and Waterways, Government of India, to facilitate secure visitor registration, visitor verification, and QR code-based gate pass management for entry into Directorate General of Shipping premises.

The Directorate General of Shipping is committed to protecting the privacy, confidentiality, and security of personal information collected through the VAMS mobile application. This Privacy Policy explains the nature of information collected, the purposes for which it is collected, how it is processed, stored, disclosed, retained, and protected, and the rights available to users in relation to their personal information.

Information Collected


The VAMS mobile application collects only the information necessary for providing its intended services, including:

  • Mobile number for One-Time Password (OTP)-based authentication.
  • Visitor's full name.
  • Identity proof details such as Aadhaar, PAN, Passport, or Driving License.
  • Identity proof document uploaded by the visitor.
  • Visitor photograph.
  • Visit-related information including purpose of visit, host details, and date and time of visit.
  • Device-generated technical information necessary for secure functioning, such as device identifier, operating system version, application version, IP address, and system logs.

The application does not collect personal information beyond what is necessary for visitor authentication, visitor pass processing, identity verification, and access management.

Purpose of Collection


The information collected through the application is used solely for official purposes, including:

  • Authenticating users through OTP verification.
  • Processing visitor registration and visitor pass requests.
  • Verifying visitor identity.
  • Generating and validating QR code-based gate passes.
  • Facilitating secure access to Directorate General of Shipping premises.
  • Maintaining visitor records for administrative, operational, and security purposes.
  • Auditing system usage and ensuring compliance with applicable Government policies.
  • Supporting security monitoring, incident investigation, and access control management.

Personal information shall not be used for marketing, promotional, advertising, profiling, or commercial purposes.

Processing of Data


The personal information collected through the VAMS application is processed strictly for official, administrative, operational, and security purposes associated with visitor management and access control.

Processing activities may include visitor registration, OTP-based authentication, identity validation, QR code-based visitor pass management, security screening, access authorization, visitor monitoring, record maintenance, incident investigation, and compliance with applicable laws and Government directives.

Personal information is processed only by authorized personnel and authorized systems on a role-based and need-to-know basis.

Cookies Management


The VAMS mobile application generally does not use cookies in the manner commonly associated with web browsers. However, the application may use limited technical mechanisms such as session tokens, device identifiers, application preferences, or similar technologies necessary for authentication, security, performance, and operational logging.

Such technologies do not track users for advertising, profiling, analytics, or commercial marketing purposes.

Disclosure of Information


The personal information collected through the VAMS application is used exclusively for the official functions of the Directorate General of Shipping and shall not be sold, rented, traded, or otherwise disclosed to any third party except where required by law, competent Government authority, security investigation, audit, lawful administrative purpose, or to protect Government infrastructure.

Access to visitor information is strictly restricted to authorized officials responsible for processing, approving, monitoring, or verifying visitor requests.

Children's Privacy


The VAMS application is not intended for use by children under 18 years of age. Personal information of children under 18 years of age is not knowingly collected, processed, or stored through the application. If such information is inadvertently collected, appropriate steps shall be taken in accordance with applicable legal and administrative requirements.

Data Localization / Cross-Border Transfer


Visitor information collected through the VAMS application is stored and processed within infrastructure authorized by the Government of India. Personal information is not transferred outside India except where required under applicable laws, judicial orders, Government directives, or Government-approved processes and safeguards.

Permissions Disclosure


Camera

  • To capture visitor photographs.
  • To scan or capture identity proof documents.
  • To facilitate QR code scanning and verification.

Storage / Media Access

  • To upload identity proof documents and supporting files where applicable.
  • To temporarily store files required for visitor registration and verification.

Internet Access

  • To communicate with backend servers.
  • To support authentication, visitor pass generation, and system operations.

Notifications

  • To provide visitor registration status updates.
  • To notify users regarding approval, rejection, gate pass issuance, or other application-related events, where enabled.

Authorized Technology Service Provider (TSP)


The Directorate General of Shipping may engage authorized Technology Service Providers, system integrators, managed service providers, cloud service providers, or technical support agencies for the development, hosting, operation, maintenance, monitoring, and security of the VAMS application.

Limited access to personal information may be provided to such authorized entities strictly on a need-to-know basis and solely for authorized services. All service providers shall be contractually bound by confidentiality, privacy, security, and data protection obligations.

Data Security


Reasonable administrative, technical, and organizational safeguards have been implemented to protect personal information against unauthorized access, disclosure, alteration, destruction, misuse, or accidental loss.

  • Access controls and role-based authorization.
  • Authentication and identity verification mechanisms.
  • Secure communication protocols and encryption where applicable.
  • Audit logging and monitoring.
  • Security reviews and incident management procedures.
  • Backup and disaster recovery mechanisms.

While every reasonable effort is made to secure the information collected, no electronic transmission or storage system can be guaranteed to be completely secure.

Data Retention


Personal information collected through the VAMS application is retained only for as long as necessary to provide requested services or as required under applicable laws, Government regulations, security requirements, audit obligations, administrative requirements, and record-retention policies.

For users selecting the Multiple Visit option, the application allows them to choose a retention period such as 6 months, 1 year, 3 years, or 5 years to save visit information for future visits.

User Personal Data Breach


Any personal data breach shall be managed in accordance with the Directorate General of Shipping's incident management and response procedures and shall be reported to the appropriate regulatory, governmental, or statutory authorities wherever required under applicable laws, regulations, or directives.

User Rights


Users may request correction of inaccurate or incomplete information, wherever permissible under applicable laws and administrative procedures. Requests relating to visitor records may be submitted to the Directorate General of Shipping through the contact details provided below.

Third-Party Services


The VAMS application does not use personal information for advertising, commercial analytics, profiling, or marketing purposes. Where the application relies upon standard platform services such as OTP delivery, notification services, security services, or hosting infrastructure, such services shall operate in accordance with their respective privacy and security policies.

Grievance Redressal


Any concerns relating to the processing of personal information, privacy-related grievances, correction requests, deletion requests, or complaints may be submitted to the Directorate General of Shipping through the contact details provided in this Privacy Policy.

The Directorate General of Shipping shall make reasonable efforts to review and address such grievances in accordance with applicable laws, Government policies, and administrative procedures.

Policy Updates


The Directorate General of Shipping reserves the right to revise, amend, or update this Privacy Policy from time to time to reflect changes in legal requirements, Government policies, operational requirements, technological developments, security considerations, or improvements to the application.

Any updated version of this Privacy Policy shall become effective from the date of its publication within the application.

Contact Information


Directorate General of Shipping

Ministry of Ports, Shipping and Waterways
Government of India

dgship-dgs@nic.in

Governing Law and Jurisdiction


This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of India. Any dispute arising out of or relating to the use of the VAMS application shall be subject to the jurisdiction of the competent courts and authorities in India.

User Consent


By downloading, accessing, registering, or using the Visitor Access Management System (VAMS) mobile application, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.

You consent to the collection, processing, storage, use, retention, disclosure, archival, and deletion of your information for the purposes described herein and in accordance with applicable laws, Government policies, and administrative requirements.

Compliance Statement


The collection, processing, storage, retention, disclosure, transfer, and protection of personal information through the VAMS application shall be carried out in accordance with applicable laws of India, including the provisions of the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Government rules, policies, cybersecurity guidelines, and administrative instructions, as amended from time to time.