TRAVELKEEDA — PRIVACY POLICY

Last Updated: November, 2025

1. INTRODUCTION

This Privacy Policy (“Policy”) explains how TravelKeeda (“TravelKeeda,” “Company,” “we,” “us,” or “our”) collects, processes, stores, shares, and protects personal data when you access or use:

• Our website: www.travelkeeda.com
• Our email newsletters
• Our affiliate-linked content
• Any tools, widgets, or services offered by us (“Services”)

By accessing our Services, you acknowledge that you have read and understood this Policy.

2. DEFINITIONS (LEGAL)

• “Personal Data”: Any information relating to an identified or identifiable individual (GDPR Art. 4).
• “Processing”: Any operation performed on personal data (collection, storage, deletion, etc.).
• “User” or “Data Subject”: Any visitor accessing our website.
• “Data Controller”: TravelKeeda — we determine the purpose and means of processing.
• “Data Processor”: Third parties who process data on our behalf (e.g., hosting providers, email services, analytics tools).
• “Third Party”: Any external company not controlled by us.

3. DATA CONTROLLER INFORMATION

TravelKeeda
Website: https://www.travelkeeda.com
Email: [Insert email]
Location/Jurisdiction: India (Compliant globally)

For GDPR matters, TravelKeeda acts as the Data Controller.

4. TYPES OF DATA WE COLLECT

A. Data Provided Directly by Users

We may collect:

• Full name
• Email address
• Country/region
• Voluntary messages submitted via contact forms
• Newsletter subscription details

We do not collect financial details, sensitive personal data, or identity documents.

B. Automatically Collected Data

Using cookies, server logs, and tracking technologies, we may collect:

• IP address
• Browser type & version
• Device identifiers
• Operating system
• Referring/exit pages
• Time spent on pages
• Clickstream data
• Geo-approximation (non-precise)
• Affiliate tag tracking (e.g., Booking.com ID)

C. Cookies and Tracking Technologies

We classify cookies into:

1. Essential (Strictly Necessary)

Used for:

• Basic site functionality
• Security
• Affiliate link tracking (to calculate commissions)

2. Analytical / Performance Cookies

Used to analyze user behavior (Google Analytics, etc.).

3. Advertising Cookies

Used by third parties such as Google Ads.

4. Affiliate Tracking Cookies

Used by partners such as:

• Booking.com
• Agoda
• Skyscanner
• Klook
• Viator
• Amazon Associates

Once a user clicks on these links, their privacy policies take over.

A complete cookie table can be provided on request.

5. PURPOSE OF DATA COLLECTION (GDPR ARTICLE 6 TABLE)

6. USE OF DATA

We use personal data to:

• Provide and maintain the website
• Improve performance and user experience
• Personalize content
• Deliver newsletters
• Detect misuse, fraud, or security threats
• Track affiliate link performance
• Comply with legal obligations
• Serve relevant advertising
• Analyze usage patterns and market trends

We do not sell personal data.

7. DISCLOSURE OF DATA TO THIRD PARTIES

We work with the following categories of third parties:

A. Affiliate Partners

Affiliate clicks may redirect users to third-party platforms. These partners may independently collect data:

• Booking.com
• Agoda
• Skyscanner
• Klook
• Viator
• MakeMyTrip
• GetYourGuide
• Amazon Associates
• Other travel or commerce partners

When you leave our site, their policies apply.

We DO NOT receive:

• Booking details
• Payment information
• Traveler history
• Identity data

B. Service Providers (Processors)

We may share data with:

• Email newsletter tools (Mailchimp, SendGrid, etc.)
• Web hosting providers
• Cloud storage providers
• Analytics tools (Google Analytics)
• Security tools (Cloudflare)

These providers are bound by strict data processing agreements.

C. Legal Authorities

Only when required by:

• Court orders
• Legal obligations
• Fraud investigations
• Governmental requests

8. INTERNATIONAL DATA TRANSFERS

Data may be stored or processed in:

• India
• Europe
• United States
• Global cloud servers

Compliance mechanisms include:

✔ Standard Contractual Clauses (SCC)
✔ DPDP Act compliance (India)
✔ GDPR cross-border rules
✔ Adequacy decisions
✔ Secure hosting environments

9. DATA RETENTION POLICY

We retain data only as long as needed for legal, operational, or security purposes.

10. USER RIGHTS

Under GDPR (EU/UK)

Users have the right to:

• Access
• Correction
• Deletion
• Restriction
• Data portability
• Withdraw consent
• Object to processing
• Lodge complaints with supervisory authorities

Under CCPA/CPRA (California)

Users may:

• Request data disclosure
• Request deletion
• Opt-out of data selling
• Non-discrimination rights

TravelKeeda does not sell personal data.

Under DPDP Act (India)

Users may request:

• Correction
• Erasure
• Consent withdrawal
• Nomination (post-death data rights)

To exercise any rights:

📩 Email: [Insert Email]

We respond within:

• 30 days (GDPR)
• 45 days (CCPA)
• 30 days (DPDP)

11. CHILDREN’S PRIVACY

Our services are not intended for children under 13.
We do not knowingly collect data from minors.

If you believe a minor submitted data, contact us for immediate deletion.

12. SECURITY MEASURES

We use:

• SSL encryption
• Firewall protection
• Malware scanning
• Restricted database access
• Secure hosting
• Data minimization principles
• Regular audits

Despite safeguards, no system is entirely secure.

13. LINKS TO EXTERNAL WEBSITES

We are not responsible for:

• Privacy practices
• Cookies
• Data collection
• Policies

of third-party platforms linked from our website.

Users must review those policies separately.

14. AUTOMATED DECISION MAKING

We do not perform:

• Automated profiling
• AI-based decision-making
• Automated marketing decisions based on personal data

15. CHANGES TO THIS POLICY

We reserve the right to update this Policy.
Changes become effective upon posting.

Continued use constitutes acceptance.