Privacy Policy

Last updated: 10 Nov 2025 • Applies to the TripYatra website and mobile apps.
Secure checkout (Razorpay & Cashfree) Data encrypted in transit Account & data deletion on request
What we collect How we use data Sharing App permissions Payments Security Your rights Cookies Delete account/data Contact

Welcome to TripYatra.com (“TripYatra”, “we”, “us”, or “our”). This Privacy Policy describes how we collect, use, share, and protect information when you use our website (tripyatra.com) and mobile apps for hotel bookings, tours/activities, rentals, and car hire.

This page also satisfies Google Play’s disclosures for sensitive app permissions (Camera, Location, Microphone, Photos/Media, and Notifications) and our payments/financial features.

1) Information We Collect

Personal Information

  • Contact: name, email, phone, address
  • Account: username, password, profile details
  • Bookings: dates, guests, preferences, history, invoices
  • Identification (where required by partners): passport/ID

Non-Personal & Technical

  • Device & log data (IP, OS, browser, app version)
  • Usage analytics (pages, screens, searches, clicks)
  • Cookies & similar tech for preferences and performance

2) How We Use Information

  • To process bookings and provide customer support
  • To communicate updates, trip changes, and confirmations
  • To personalize results (e.g., deals, language/currency)
  • To secure payments, prevent fraud, and comply with law
  • To improve product quality via performance/crash analytics

3) How We Share Information

  • Booking partners: hotels, tour/activity/rental providers, and car operators
  • Payment processors: Razorpay, Cashfree
  • Service vendors: cloud hosting, push notifications, analytics, support tools
  • Legal/Compliance: when required by law or to protect our users and services

We require third parties to handle data lawfully and securely, and only for the purposes described here.

4) App Permissions (Mobile)

We request only the permissions needed to provide features. All are user-initiated and foreground only unless stated.

PermissionPurposeRequired?Background use
ACCESS_COARSE/ACCESS_FINE_LOCATION Map view, nearby search, distance sorting Optional (enables location-aware features) No
CAMERA Capture profile/listing photos (when you choose “Take photo”) Optional (gallery/file picker also available) No
READ_MEDIA_IMAGES / file picker Upload images from your device (profile, listings, verification) Optional No
RECORD_AUDIO Voice search/assistant (on explicit tap to speak) Optional No
POST_NOTIFICATIONS Booking updates, reminders, promotional alerts (opt-out anytime) Optional

We do not access SMS, contacts, call logs, or background location.

5) Payments & Financial Features

  • We support purchases of travel services (goods/services), processed by Razorpay and Cashfree.
  • We do not store full card numbers, CVV, or UPI PIN. Payment data is handled by the gateway.
  • Invoices, taxes/GST, refunds/chargebacks, and fraud-prevention logs may be retained per law.

6) Security

  • Encryption in transit (HTTPS/TLS) for data sent between app/site and servers.
  • Access controls and monitoring to reduce unauthorized access.
  • While no method is 100% secure, we continually improve safeguards.

7) Your Privacy Choices & Rights

  • Access/Correction: request a copy or correction of your data
  • Opt-out: unsubscribe marketing, adjust notifications
  • Deletion: request account/data deletion (see below)

Your rights may vary by region (e.g., GDPR/UK GDPR/CCPA). We will verify your request (email or OTP).

8) Cookies & Similar Technologies

  • Essential: sign-in, security, preferences
  • Analytics & performance: usage trends, crash/perf diagnostics
  • Personalization: language, currency, saved choices

Manage cookies in your browser/device settings. Disabling may impact some features.

9) Account & Data Deletion

How to request deletion
  • In-app: Profile → Settings → Legal & Info → Delete account/data (if available)
  • Email: write to support@tripyatra.com from your registered email
What we delete / what we may retain
  • We delete or anonymize profile, contact, preferences, and app activity tied to your account.
  • We may retain records required for law, audits, tax/GST invoices, disputes, or fraud prevention with restricted access and limited retention.

Target timeline: 7–30 days depending on scope and legal duties.

10) International Transfers & Third-Party Links

Your data may be processed in other countries with different protections; we use appropriate safeguards. Third-party sites have their own policies—please review them before sharing data.

11) Changes to this Policy

We may update this policy. We’ll revise the “Last updated” date and, where required, provide additional notice.

12) Contact

Questions or requests? Email support@tripyatra.com • Website: www.tripyatra.com