Privacy Policy

Scope

This Privacy Policy applies to personal data collected by Voya Trail through our website, contact forms, booking requests, customer support, marketing communications, and related online services. It does not apply to third-party websites, platforms, or services that we do not own or control.

Key Definitions

"Personal data" means any information about an individual who is identifiable by or in relation to that information. "Sensitive personal data or information" (SPDI) under the SPDI Rules may include passwords, financial information such as bank account or card details, physical or mental health condition, medical records and history, biometric information, and other categories recognized by applicable law.

Information We Collect

We may collect account and contact details such as your name, email address, phone number, and communication preferences.

We may collect booking and travel details such as destinations, travel dates, traveler information, special requests, and service history, including information you provide for co-travelers where relevant to a booking.

Payment information is handled through our payment partners. We do not store full card details on our servers, although limited references or tokens may be retained for refund processing and reconciliation.

In limited cases and only where necessary for a lawful booking purpose, we may collect optional SPDI with your explicit consent, such as health details relevant to travel support, government identification where required for bookings, or other information mandated by service providers or authorities.

We may also collect device and usage data such as IP address, browser type, device identifiers, visited pages, and interactions through analytics tools and cookies.

We collect communications data when you contact us for queries, feedback, or support, and marketing preference data such as subscription choices, opt-ins, unsubscribes, and campaign engagement.

Please avoid sharing SPDI unless we specifically request it for a lawful and necessary travel-related purpose. If you share such information inadvertently, you may request deletion using the contact details below.

How We Use Your Information

We use your data to provide, personalize, and manage bookings, itineraries, and related travel services.

We use it to communicate about inquiries, quotations, confirmations, travel updates, and support requests.

We process data to manage payments, refunds, fraud prevention, and misuse detection.

We may use information to comply with legal and regulatory obligations, including identity verification and partner requirements where applicable.

We also use data to improve website performance, customer experience, service quality, and internal operations, and to send marketing communications where you have provided consent.

Our legal grounds may include consent, performance of a contract, compliance with legal obligations, and legitimate interests such as service improvement and security.

Cookies and Tracking

We use cookies and similar technologies for essential website functions, analytics, and to remember your preferences. Where required by law, we will seek your consent. You can manage cookies through your browser settings, although disabling certain cookies may affect website functionality.

Sharing and Disclosure

We may share data with service providers and trusted partners such as hotels, airlines, local operators, payment gateways, CRM providers, and analytics vendors that support our services under appropriate safeguards.

We may disclose information to law enforcement agencies, regulators, courts, or other authorities where legally required or where necessary to protect our rights, users, or the public.

In the event of a merger, acquisition, restructuring, or business transfer, personal data may be transferred subject to this Privacy Policy or equivalent safeguards.

We do not sell personal data. We share SPDI only with consent, where necessary for a lawful purpose, or as otherwise permitted or required by applicable law.

International Transfers

Your information may be transferred to and processed in countries outside India where our partners or service providers operate. Where required, such transfers are made with your consent and with reasonable security practices, contractual protections, and appropriate safeguards.

Security Practices

We maintain reasonable security practices and procedures in line with applicable law, including organizational, technical, and physical safeguards designed to protect personal data against unauthorized access, alteration, disclosure, misuse, or destruction. These may include encryption in transit, role-based access controls, and periodic security reviews.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal, accounting, or regulatory obligations, resolve disputes, and enforce our agreements. When data is no longer required, it is deleted, anonymized, or de-identified in accordance with our retention practices.

Your Rights and Choices

Subject to applicable law, including the Digital Personal Data Protection Act, 2023, you may have the right to access, correct, update, or delete your data, withdraw consent, and raise a grievance regarding processing. To exercise your rights, contact us using the details provided below. We may need to verify your request before taking action.

You may also opt out of marketing communications at any time by using the unsubscribe link in our emails or by contacting us directly.

Children's Privacy

Our services are not directed to children under the age of 18. We do not knowingly collect personal data from children without appropriate consent from a parent or guardian where required by law. If you believe a child has provided personal data to us without valid consent, please contact us so we can take appropriate action.

Grievance Redressal

In accordance with applicable law, including the SPDI Rules where relevant, you may contact our Grievance Officer with questions or complaints regarding the processing of your personal data or this Privacy Policy.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, business practices, or our services. Any material updates will be reflected by revising the effective date above and, where appropriate, by posting a notice on our website or contacting you directly.

Contact Us

For privacy-related questions, rights requests, or concerns, please contact Voya Trail using the details below.

support@voyatrail.com