Data Controller & DPO
Seeyatrip Global LLP is the Data Controller for all personal data processed through the Seeyatrip platform, including the website at seeyatrip.com and any associated mobile applications.
| Detail | Information |
|---|---|
| Company | Seeyatrip Global LLP |
| GSTIN | 36AFFFS7872C1ZQ |
| Registered Address | 3rd Floor KNR Square, Gachibowli, Hyderabad, Telangana, India |
| DPO Email | privacy@seeyatrip.com |
| Phone | +91 8096365247 |
| Response SLA | Within 30 days (extendable to 90 days for complex requests) |
| Regulator (India) | Data Protection Board of India (DPDP Act 2023) |
| Regulator (EU) | Relevant EU/EEA supervisory authority of your member state |
Personal Data We Collect
We collect personal data when you register, search, book, or interact with the platform. We collect only what is necessary for the services you use.
| Category | Examples |
|---|---|
| Identity Data | Full name, date of birth, gender, passport/ID number, photograph |
| Contact Data | Email address, phone number, postal address |
| Payment Data | Payment method type, masked card details, billing address, transaction ID (full card data is never stored by Seeyatrip) |
| Booking Data | Travel dates, destinations, accommodation preferences, co-traveller names |
| Technical Data | IP address, device ID, browser type, operating system, cookies, session data |
| Usage Data | Pages visited, searches conducted, features used, click-stream data |
| Communications Data | Support tickets, chat transcripts, emails, review content |
| Location Data | Approximate location (if enabled), destination search patterns |
| Special Categories | Dietary preferences, accessibility/disability requirements, health data β only where voluntarily provided and strictly necessary |
Lawful Basis for Processing
We process your personal data only where we have a valid legal basis under GDPR Article 6 and the Digital Personal Data Protection Act 2023 (India).
| Legal Basis | When We Rely on It |
|---|---|
| Contractual Necessity | Processing required to complete your booking and deliver purchased travel services |
| Legitimate Interests | Fraud prevention, platform security, analytics, and service improvement β where our interests are not overridden by your rights |
| Legal Obligation | Tax reporting (TCS, GST), AML compliance, regulatory disclosures, court orders |
| Consent | Marketing communications, non-essential cookies, location tracking β withdrawable at any time |
| Vital Interests | Emergency health or safety situations affecting you as a traveller |
How We Use Your Data
- Processing and managing your bookings and travel arrangements
- Communicating with you about bookings, itineraries, and travel documents
- Processing payments and managing refunds
- Providing customer support and resolving disputes
- Sending service notifications β confirmation emails, booking reminders, schedule changes
- Fraud detection, security monitoring, and account protection
- Personalising platform content, recommendations, and search results
- Conducting platform analytics and improving user experience
- Complying with legal, regulatory, and tax obligations under Indian and applicable international law
- Sending marketing communications β only with your consent where required by law
- Facilitating community travel features and group coordination
Data Sharing & Third-Party Disclosures
| Recipient | Data Shared |
|---|---|
| Hotels & Accommodation Suppliers | Name, contact, booking details β required to fulfil your booking |
| Airlines & Transport Operators | Passenger name records (PNR) as required for ticketing |
| Payment Processors | Transaction data β processed by PCI-DSS v4.0 certified providers only |
| Visa Authorities | Application data submitted at your direction |
| Technology Partners | Cloud hosting, analytics, CRM, customer support tools β under DPA |
| Legal Authorities | Where required by court order, law enforcement request, or regulatory mandate |
| Travel Insurance Providers | Where you purchase insurance through the platform |
| Group Organisers | For community and group travel coordination β with your consent |
International Data Transfers
Your personal data may be transferred to and processed in countries outside India β including the EU/EEA, UK, UAE, Singapore, and the United States β for booking fulfilment, cloud hosting, and analytics purposes. All international transfers are conducted under:
- GDPR Chapter V safeguards β Standard Contractual Clauses and/or Adequacy Decisions
- Digital Personal Data Protection Act 2023 cross-border transfer provisions
- Applicable bilateral or multilateral data transfer frameworks
Data Retention
We retain personal data only for as long as necessary for the purposes it was collected, or as required by applicable law.
| Data Type | Retention Period |
|---|---|
| Booking Records | 7 years β tax and audit compliance under Indian law |
| Account Data | Duration of account + 2 years post-closure |
| Payment Records | 7 years β financial records regulatory requirement |
| Marketing Consent | Until withdrawn + 1 year record-keeping |
| Support Interactions | 3 years from resolution |
| Technical / Security Logs | 90 days |
| Anonymised Analytics | Indefinitely β no personal identifiers retained |
Your Data Subject Rights
We will respond to all valid requests within 30 days. Submit requests to privacy@seeyatrip.com.
Request a copy of all personal data we hold about you (DSAR)
Request correction of inaccurate or incomplete personal data
Request deletion of your data where no legal basis for retention applies
Request that we limit processing of your data in certain circumstances
Receive your data in a structured, machine-readable format
Object to processing based on legitimate interests or direct marketing
Withdraw any previously given consent at any time without affecting prior processing
Lodge a complaint with the Data Protection Board of India or relevant EU/UK supervisory authority
Data Security
Seeyatrip implements technical and organisational security measures proportionate to the risk of processing. These include:
- TLS/SSL encryption for all data in transit
- AES-256 encryption for data at rest
- PCI-DSS v4.0 compliant payment infrastructure
- Multi-factor authentication for platform access
- Regular penetration testing and vulnerability assessments
- Role-based access controls and data authorisation
- Employee data protection training and confidentiality obligations
In the event of a personal data breach likely to result in high risk to your rights and freedoms, Seeyatrip will notify you without undue delay and notify the Data Protection Board of India within 72 hours of becoming aware of the breach, as required by the DPDP Act 2023. For security concerns, contact security@seeyatrip.com.
Children's Privacy
The Seeyatrip platform is intended for use by adults aged 18 and over. We do not knowingly collect personal data from children under the age of 13 without verifiable parental consent, in compliance with COPPA and applicable Indian law. If you believe a child has provided personal data to us, contact privacy@seeyatrip.com and we will delete it promptly.
Contact Us & DPO
| Contact Type | Details |
|---|---|
| Data Protection / DPO | privacy@seeyatrip.com |
| Grievance Officer | grievance@seeyatrip.com |
| General Support | support@seeyatrip.com |
| Legal & Compliance | legal@seeyatrip.com |
| Phone | +91 8096365247 β MonβFri, 10:00β18:00 IST |
| Postal Address | Seeyatrip Global LLP, 3rd Floor KNR Square, Gachibowli, Hyderabad, Telangana, India |
We will acknowledge your request within 48 hours and resolve within 30 days (extendable to 90 days for complex requests) in accordance with GDPR Article 12 and the DPDP Act 2023.
You also have the right to lodge a complaint with the Data Protection Board of India or the supervisory authority in your EU/UK member state at any time.