PRIVACY POLICY

Privacy Policy

This Privacy Policy explains how Triptrails.co.in collects, uses, stores, shares, and protects personal data when you use our website and services.

We are committed to protecting your privacy and comply with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR) (EU & UK)
  • Digital Personal Data Protection Act, 2023 (India)
  • Other applicable data protection laws in jurisdictions where we operate

1. Personal Data We Collect

We may collect the following categories of personal data:

  • Identity Information: Name, date of birth, gender
  • Contact Information: Email address, phone number, postal address
  • Travel Information: Booking details, itineraries, preferences, travel history
  • Identification Documents: Passport or visa details where required
  • Payment Information: Billing details (processed via secure third-party gateways)
  • Technical Information: IP address, browser type, device details, usage data

2. How We Use Your Personal Data

We process personal data for the following purposes:

  • To process and manage travel bookings
  • To confirm reservations, cancellations, and refunds
  • To communicate service updates and booking-related notifications
  • To provide customer support and grievance handling
  • To comply with legal, regulatory, and tax obligations
  • To improve our website, services, and user experience
  • To send marketing communications where consent has been provided

3. Legal Basis for Processing

We process personal data based on one or more of the following:

  • User consent
  • Performance of a contract
  • Legal obligations
  • Legitimate interests (GDPR)
  • Lawful purposes permitted under the DPDP Act (India)

You may withdraw consent at any time, subject to legal or contractual limitations.

4. Sharing of Personal Data

We may share personal data with:

  • Airlines, hotels, tour operators, and travel service providers
  • Payment processors and financial institutions
  • IT, hosting, analytics, and customer support service providers
  • Government authorities or regulators when legally required

All third parties are required to process personal data securely and only for authorized purposes.

5. International Data Transfers

Where personal data is transferred outside your country:

  • GDPR safeguards such as adequacy decisions or Standard Contractual Clauses are applied
  • Transfers involving Indian users comply with the DPDP Act and applicable safeguards

6. Data Retention

  • Personal data is retained only as long as necessary to fulfill its purpose or legal obligations.
  • Once no longer required, data is securely deleted, anonymized, or archived.

7. Your Rights

7.1 GDPR Rights (EU/UK Users)

You have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request erasure (“Right to be Forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent
  • Lodge a complaint with a Data Protection Authority (DPA)

7.2 DPDP Act Rights (Indian Users)

You have the right to:

  • Access information about personal data processed
  • Request correction or erasure
  • Withdraw consent
  • Nominate another person to exercise your rights
  • Register grievances with our Grievance Redressal Officer
  • Escalate unresolved complaints to the Data Protection Board of India

8. User Responsibilities

Users agree to:

  • Provide accurate, complete, and up-to-date information
  • Not impersonate another individual
  • Not misrepresent or suppress material information

9. Data Security

We implement reasonable technical and organizational safeguards, including:

  • Secure servers and encryption
  • Access controls and authentication
  • Periodic security reviews

However, no data transmission or storage system is completely secure.

10. Data Breach Notification

In the event of a personal data breach:

  • We will take immediate steps to mitigate harm
  • Notify relevant authorities as required by law
  • Inform affected users where legally required

11. Children’s Privacy

  • We do not knowingly collect personal data of children without verifiable parental or guardian consent.
  • Any such data will be deleted in accordance with applicable law.

12. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Ensure website functionality
  • Analyze traffic and usage
  • Personalize content and marketing (with consent)

You can manage cookie preferences through browser settings or our cookie consent tool.

13. Grievance Redressal & Contact Information

For privacy or data protection concerns, contact us at:

Email: [info@triptrails.co.in]

Grievance Redressal Officer (India)

Name: GAURAV GARG
Email: ggarg@triptrails.co.in]

EU/UK users may also lodge complaints with their local Data Protection Authority.

14. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be effective upon posting. Continued use of our services constitutes acceptance of the updated policy.