Privacy Policy

1. Introduction

Polaris Commerce Group Private Limited operates the Tripsure platform ("Tripsure", "we", "our" or "us"). We are committed to handling your personal information responsibly and transparently.

This Privacy Policy explains what information we collect when you use the Tripsure website, mobile site or application (collectively, the "Platform"), how we use it, with whom we share it, and what rights you have in relation to it. It should be read alongside our Terms of Service.

By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of the Platform.

2. Who We Are

For the purposes of applicable data protection law, the data fiduciary responsible for your personal information is:

3. Information We Collect

We collect only the information necessary to operate the Platform and facilitate your bookings. This falls into two broad categories.

Information You Provide

When you register, make a booking or contact us, you may provide:

• – Identity and contact details — name, email address, phone number;
• – Travel documentation — passport number or government-issued identification, where required for international booking fulfilment or regulatory compliance;
• – Payment information — processed securely through our payment gateway partners; we do not store full card details on our systems; and
• – Correspondence — communications you send us, including support queries and feedback.

Information Collected Automatically

When you use the Platform, we may automatically collect certain technical information, including device type and identifiers, browser type and version, operating system, IP address, pages visited and actions taken on the Platform, and referral URLs. This information is used for platform security, analytics and service improvement.

Information from Third Parties

We may receive booking-related information from accommodation suppliers and payment partners in connection with the fulfilment of your reservation. We do not purchase or acquire personal data from unrelated third-party data brokers.

4. How We Use Your Information

We use the information we collect for the following purposes:

• – To process and confirm your bookings and communicate booking status to you;
• – To verify your identity and comply with applicable legal and regulatory requirements, including tax and anti-money laundering obligations;
• – To process payments and manage refunds, disputes and chargebacks;
• – To respond to your queries, complaints and support requests;
• – To send transactional communications relating to your bookings — such as confirmations, reminders and updates;
• – To send promotional communications where you have consented or where we are otherwise permitted to do so under applicable law;
• – To detect, investigate and prevent fraud, misuse, suspicious activity or security incidents;
• – To improve, personalise and develop the Platform and our services; and
• – To comply with our legal obligations and enforce our Terms of Service.

We process your personal information on the following legal bases: performance of a contract with you (primarily for booking fulfilment); compliance with a legal obligation; our legitimate interests (such as fraud prevention, security and service improvement); and, where required, your consent.

5. Travel Documents and Sensitive Information

Passport numbers and government-issued identification details fall within categories of personal information that warrant heightened care. We collect this information only where it is strictly necessary — for example, to fulfil international hotel bookings that require guest identification, or to comply with applicable legal obligations.

Such information is shared only with the relevant accommodation supplier or authority to whom disclosure is legally required or contractually necessary for your booking. It is not used for marketing and is not shared with any unrelated third party.

We retain such information only for as long as necessary for the purpose for which it was collected, or as required by law, following which it is securely deleted.

6. Sharing Your Information

We do not sell your personal information. We share it only in the following circumstances:

Accommodation Suppliers and Partners

We share booking-related information — including your name, contact details and, where required, travel documentation — with the relevant hotel or accommodation supplier to fulfil your reservation. Suppliers are required to handle your information in accordance with applicable law.

Payment Processors

Payment information is processed by our PCI-DSS compliant payment gateway partners. These partners operate under strict data security obligations and are not permitted to use your payment data for their own purposes.

Technology and Service Providers

We engage third-party service providers for functions such as cloud hosting, analytics, communications and customer support. These providers process data on our behalf and are bound by contractual obligations to protect it.

Legal and Regulatory Disclosure

We may disclose your information where required by law, court order, regulatory authority or government directive, or where we believe disclosure is necessary to protect our legal rights, prevent fraud or ensure the safety of our users.

Business Transfers

In the event of a merger, acquisition, restructuring or sale of all or part of our business, your information may be transferred as part of that transaction. We will notify you of any such change as required by law.

7. International Transfer of Data

Tripsure operates in connection with global accommodation suppliers and technology partners. Your information may be transferred to and processed in countries outside India in connection with booking fulfilment. Where such transfers occur, we take reasonable steps to ensure that your information receives an adequate level of protection consistent with applicable Indian data protection law.

8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting and regulatory requirements. Booking records and associated personal data are generally retained for a period of seven years following the date of the booking, in line with standard financial record-keeping obligations under Indian law.

Technical and usage data collected automatically is retained for shorter periods as appropriate for its purpose. Where you request deletion of your account, we will delete or anonymise your personal information within a reasonable period, except where retention is required by law or for the resolution of outstanding disputes.

9. Your Rights

Subject to applicable law, including the Digital Personal Data Protection Act, 2023 ("DPDP Act"), you have the following rights in relation to your personal information:

• – Access — the right to request confirmation of whether we process your personal data and to obtain a summary of such data;
• – Correction — the right to request correction of inaccurate or incomplete personal data;
• – Erasure — the right to request deletion of your personal data, subject to applicable legal exceptions;
• – Grievance redressal — the right to have your data-related grievances addressed in a timely and effective manner; and
• – Nomination — the right to nominate an individual to exercise your rights in the event of your death or incapacity, as provided under the DPDP Act.

To exercise any of these rights, please contact our Grievance Officer at grievances@tripsure.com. We will respond within the timeframe required by applicable law.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Platform, remember your preferences, analyse usage patterns and deliver relevant content. You can control cookie settings through your browser preferences; however, disabling certain cookies may affect the functionality of the Platform.

We do not use tracking technologies to build detailed profiles for the purpose of selling such profiles to third parties.

11. Children's Privacy

The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a minor, we will take steps to delete it promptly. If you believe a minor has provided us with their personal information, please contact us at contact@tripsure.com.

12. Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, destruction or alteration. Payment data is processed through PCI-DSS compliant infrastructure. However, no method of transmission over the internet or electronic storage is entirely secure, and we cannot guarantee absolute security.

In the event of a personal data breach that is likely to result in harm to you, we will notify you and the relevant authorities as required under applicable law.

13. Third-Party Websites and Services

The Platform may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party sites you visit, as we have no control over their content or data practices.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal obligations. The "Last Updated" date at the top of this document will reflect the most recent revision. Where changes are material, we will take reasonable steps to bring them to your attention. Your continued use of the Platform following any update constitutes acceptance of the revised Policy.

15. Grievance Officer

In accordance with applicable law, including the DPDP Act 2023 and the Information Technology Act, 2000, we have appointed a Grievance Officer to address complaints and queries relating to the processing of your personal data.

16. Contact Us

For general privacy-related queries or to exercise your rights, you may also reach us at: