BOARD MYTRIP (hereinafter “BMYT”) recognizes the importance of privacy of its users and also of maintaining confidentiality of the information provided by its users as a responsible data controller and data processor.
B. USERS OUTSIDE THE GEOGRAPHICAL LIMITS OF INDIA
Please note that the data shared with BMYT shall be primarily processed in India and such other jurisdictions where a third party engaged by GI may process the data on its behalf. By agreeing to this policy, you are providing BMYT with your explicit consent to process your personal information for the purpose(s) defined in this policy. The data protection regulations in India or such other jurisdictions mentioned above may differ from those of your country of residence.
If you have any concerns in the processing your data and wish to withdraw your consent, you may do so by writing to the following email id:
However, if such processing of data is essential for us to be able to provide a service(s) to you, then we may not be able to serve or confirm your bookings after your withdrawal of consent. For instance, if you make a booking (flight or hotel), then certain personal information of yours like contact details, gender, dietary preferences, choice of room with smoking facility, any medical condition which may require specific attention or facility etc. may have to be shared by us with our vendors, and they may further process this information for making suitable arrangements for you during your trip.
A withdrawal of consent by you for us to process your information may:
Severely inhibit our ability to serve you properly and in such case, we may have to refuse the booking altogether, or
Unreasonably restrict us to service your booking (if a booking is already made) which may further affect your trip or may compel us to cancel your booking.
C. TYPE OF INFORMATION WE COLLECT AND ITS LEGAL BASIS
The information as detailed below is collected for us to be able to provide the services chosen by you and also to fulfil our legal obligations as well as our obligations towards third parties as per our User Agreement.
"Personal Information" of User shall include the information shared by the User and collected by us for the following purposes:
Registration on the Website: Information which you provide while subscribing to or registering on the Website, including but not limited to information about your personal identity such as name, gender, marital status, religion, age etc., your contact details such as your email address, postal addresses, frequent flyer number, telephone (mobile or otherwise) and/or fax numbers. The information may also include information such as your banking details (including credit/debit card) and any other information relating to your income and/or lifestyle; billing information payment history etc. (as shared by you).
Other information: We many also collect some other information and documents including but not limited to:
Transactional history (other than banking details) about your e-commerce activities, buying behaviour.
Your usernames, passwords, email addresses and other security-related information used by you in relation to our Services.
Data either created by you or by a third party and which you wish to store on our servers such as image files, documents etc.
Data available in public domain or received from any third party including social media channels, including but not limited to personal or non-personal information from your linked social media channels (like name, email address, friend list, profile pictures or any other information that is permitted to be received as per your account settings) as a part of your account information.
Information pertaining any other traveller(s) for who you make a booking through your registered GI account. In such case, you must confirm and represent that each of the other traveller(s) for whom a booking has been made, has agreed to have the information shared by you disclosed to us and further be shared by us with the concerned service provider(s).
If you wish to avail the auto-check in facility at hotels, you will be required to upload your identity documents like PAN Card, Aadhaar card, driving license, voter ID or any other permissible document for us to be able to provide you with the auto-check in facility.
D. HOW WE USE YOUR PERSONAL INFORMATION
The Personal Information collected maybe used in the following manner:
While making a booking:
While making a booking, we may use Personal Information including, payment details which include cardholder name, credit/debit card number (in encrypted form) with expiration date, banking details, wallet details etc. as shared and allowed to be stored by you. We may also use the information of travelers list as available in or linked with your account. This information is presented to the User at the time of making a booking to enable you to complete your bookings expeditiously.
We may also use your Personal Information for several reasons including but not limited to:
Confirm your reservations with respective service providers;
keep you informed of the transaction status;
Send booking confirmations either via sms or Whatsapp or any other messaging service;
Send any updates or changes to your booking(s);
Allow our customer service to contact you, if necessary;
Customize the content of our website, mobile site and mobile app;
Request for reviews of products or services or any other improvements;
Send verification message(s) or email(s);
Validate/authenticate your account and to prevent any misuse or abuse.
Contact you on your birthday/anniversary to offer a special gift or offer.
We value opinions and comments from our Users and frequently conduct surveys, both online and offline. Participation in these surveys is entirely optional. Typically, the information received is aggregated, and used to make improvements to Website, other Sales Channels, services and to develop appealing content, features and promotions for members based on the results of the surveys. Identity of the survey participants is anonymous unless otherwise stated in the survey.
Marketing promotions, research and programs:
Marketing promotions, research and programs help us to identify your preferences, develop programs and improve user experience. BMYT frequently sponsors promotions to give its Users the opportunity to win great travel and travel related prizes. Personal Information collected by us for such activities may include contact information and survey questions. We use such Personal Information to notify contest winners and survey information to develop promotions and product improvements. As a registered User, you will also occasionally receive updates from us about fare sales in your area, special offers, new services, other noteworthy items (like savings and benefits on airfares, hotel reservations, holiday packages, car rentals and other travel services) and marketing programs.
In addition, you may look forward to receiving periodic marketing emails, newsletters and exclusive promotions offering special deals.
From time to time we may add or enhance services available on the Website. To the extent these services are provided, and used by you, we will use the Personal Information you provide to facilitate the service(s) requested. For example, if you email us with a question, we will use your email address, name, nature of the question, etc. to respond to your question. We may also store such Personal Information to assist us in making the Website the better and easier to use for our Users.
BMYT may from time to time launch reward programs by way of which users may stand to win travel related rewards or other rewards. We may use your Personal Information to enroll you in the rewards program and status of the same will be visible each time you log in to the Website. Depending on the reward program, each time you win a reward, GI may share your Personal Information with a third party that will be responsible for fulfilling the reward to you. You may however choose to opt out of such reward programs by writing to us. For various purposes such as fraud detection, offering bookings on credit etc., we at times may verify information of customers on selective basis, including their credit information. Additionally, BMYT may share your Personal Information, anonymized and/ or aggregated data to a third party that BMYT may engage to perform certain tasks on its behalf, including but not limited to payment processing, data hosting, data processing and assessing credit worthiness for offering bookings on credit.
E. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
GI will retain your Personal Information on its servers for as long as is reasonably necessary for the purposes listed in this policy. In some circumstances we may retain your Personal Information for longer periods of time, for instance where we are required to do so in accordance with any legal, regulatory, tax or accounting requirements.
Where your personal data is no longer required we will ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.
F. COOKIES AND SESSION DATA
Cookies are small pieces of information that are stored by your browser on your device's hard drive. Cookies allow us to serve you better and more efficiently. Cookies also allow ease of access, by logging you in without having to type your login name each time (only your password is needed); we may also use such cookies to display any advertisement(s) to you while you are on the Website or to send you offers (or similar emails – provided you have not opted out of receiving such emails) focusing on destinations which may be of your interest.
A cookie may also be placed by our advertising servers, or third party advertising companies. Such cookies are used for purposes of tracking the effectiveness of advertising served by us on any website, and also to use aggregated statistics about your visits to the Website in order to provide advertisements in the Website or any other website about services that may be of potential interest to you. The third party advertising companies or advertisement providers may also employ technology that is used to measure the effectiveness of the advertisements. All such information is anonymous. This anonymous information is collected through the use of a pixel tag, which is an industry standard technology and is used by all major websites. They may use this anonymous information about your visits to the Website in order to provide advertisements about goods and services of potential interest to you. No Personal Information is collected during this process. The information so collected during this process, is anonymous, and does not link online actions to a User.
Most web browsers automatically accept cookies. Of course, by changing the options on your web browser or using certain software programs, you can control how and whether cookies will be accepted by your browser. BMYT supports your right to block any unwanted internet activity, especially that of unscrupulous websites. However, blocking BMYT cookies may disable certain features on the Website, and may hinder an otherwise seamless experience to purchase or use certain services available on the Website. Please note that it is possible to block cookie activity from certain websites while permitting cookies from websites you trust.
Automatic Logging of Session Data:
Each time you access the Website your session data gets logged. Session data may consist of various aspects like the IP address, operating system and type of browser software being used and the activities conducted by the User while on the Website. We collect session data because it helps us analyze User’s choices, browsing pattern including the frequency of visits and duration for which a User is logged on. It also helps us diagnose problems with our servers and lets us better administer our systems. The aforesaid information cannot identify any User personally. However, it may be possible to determine a User's Internet Service Provider (ISP), and the approximate geographic location of User's point of connectivity through the above session data.
G. WITH WHOM YOUR PERSONAL INFORMATION
Service Providers and suppliers:
Your information shall be shared with the end service providers like airlines, hotels, bus service providers, cab rental, railways or any other suppliers who are responsible for fulfilling your booking. You may note that while making a booking with BMYT you authorize us to share your information with the said service providers and suppliers. It is pertinent to note that BMYT does not authorize the end service provider to use your information for any other purpose(s) except as may be for fulfilling their part of service. However, how the said service providers/suppliers use the information shared with them is beyond the purview and control of BMYT as they process Personal Information as independent data controllers, and hence we cannot be made accountable for the same. You are therefore advised to review the privacy policies of the respective service provider or supplier whose services you choose to avail.
BMYT does not sell or rent individual customer names or other Personal Information of Users to third parties except sharing of such information with our business / alliance partners or vendors who are engaged by us for providing various referral services and for sharing promotional and other benefits to our customers from time to time basis their booking history with us.
COMPANIES IN THE SAME GROUP:
In the interests of improving personalization and service efficiency, we may, under controlled and secure circumstances, share your Personal Information with our affiliate or associate entities. . This will enable us to provide you with information about various products and services, both leisure- and travel-related, which might interest you; or help us address your questions and requests in relation to your bookings.
If the assets of BMYT are acquired, our customer information may also be transferred to the acquirer depending upon the nature of such acquisition. In addition, as part of business expansion/development/restructuring or for any other reason whatsoever, if we decide to sell/transfer/assign our business, any part thereof, any of our subsidiaries or any business units, then as part of such restructuring exercise customer information including the Personal Information collected herein shall be transferred accordingly.
BUSINESS PARTNERS and THIRD-PARTY VENDORS:
BMYT may share your Personal Information to third party that BMYT may engage to perform certain tasks on its behalf, including but not limited to payment processing, data hosting, and data processing platforms.
We use non-identifiable Personal Information of Users in aggregate or anonymized form to build higher quality, more useful online services by performing statistical analysis of the collective characteristics and behaviour of our customers and visitors, and by measuring demographics and interests regarding specific areas of the Website. We may provide anonymous statistical information based on this data to suppliers, advertisers, affiliates and other current and potential business partners. We may also use such aggregate data to inform these third parties as to the number of people who have seen and clicked on links to their websites. Any Personal Information which we collect and which we may use in an aggregated format is our property. We may use it, in our sole discretion and without any compensation to you, for any legitimate purpose including without limitation the commercial sale thereof to third parties.
Occasionally, GI will hire a third party for market research, surveys etc. and will provide information to these third parties specifically for use in connection with these projects. The information (including aggregate cookie and tracking information) we provide to such third parties, alliance partners, or vendors are protected by confidentiality agreements and such information is to be used solely for completing the specific project, and in compliance with the applicable regulations.
DISCLOSURE OF INFORMATION
In addition to the circumstances described above, GI may disclose User's Personal Information if required to do so:
By law, required by any enforcement authority for investigation, by court order or in reference to any legal process;
To conduct our business;
For regulatory, internal compliance and audit exercise(s)
To secure our systems; or
To enforce or protect our rights or properties of GI or any or all of its affiliates, associates, employees, directors or officers or when we have reason to believe that disclosing Personal Information of User(s) is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
Such disclosure and storage may take place without your knowledge. In that case, we shall not be liable to you or any third party for any damages howsoever arising from such disclosure and storage.
H. USER GENERATED CONTENT
BMYT provides an option to its users to post their experiences by way of reviews, ratings and general poll questions. The customers also have an option of posting questions w.r.t a service offered by BMYT or post answers to questions raised by other users. BMYT may also hire a third party to contact you and gather feedback about your recent booking with BMYT. Though the participation in the feedback process is purely optional, you may still receive emails, notifications (app, sms, Whatsapp or any other messaging service) for you to share your review(s), answer questions posted by other users or a. The reviews may be written or in a video format. The reviews written or posted may also be visible on other travel or travel related platforms.
The UGC that BMYT collects may be of the following kinds:
Review and Ratings
Question and Answers
Crowd Source Data Collection (poll questions).
Each User who posts review or ratings, Q&A, photographs shall have a profile, which other Users will be able to access. Other Users may be able to view the number of trips, reviews written, questions asked and answered and photographs posted.
I. HOW CAN YOU OPT-OUT OF RECEIVING OUR PROMOTIONAL E-MAILS?
You will occasionally receive e-mail updates from us about fare sales in your area, special offers, new BMYT services, and other noteworthy items. We hope you will find these updates interesting and informative. If you wish not to receive them, please click on the "unsubscribe" link or follow the instructions in each e-mail message.
J. PERMISSIONS REQUIRED FOR USING OUR MOBILE APPLICATIONS
When the BMYT app is installed on your phone or tablet, a list of permissions appear and are needed for the app to function effectively. There is no option to customize the list. The permissions that BMYT requires and the data that shall be accessed and its use is as below:
Device & App history: We need your device permission to get information about your device, like OS (operating system) name, OS version, mobile network, hardware model, unique device identifier, preferred language, etc. Basis these inputs, we intend to optimize your travel booking experience, use OS specific capabilities to drive great in-funnel experiences using components of device’s OS, etc.
Identity: This permission enables us to know about details of your account(s) on your mobile device. We use this info to auto-fill your email ID’s and provide a typing free in-funnel experience. It helps us map email ID’s to a particular user to give you the benefit of exclusive travel offers, wallet cash-backs, etc. It also allows facilitating your Facebook and Google+ login.
Location: This permission enables us to give you the benefit of location specific deals and provide you a personalized in-funnel experience. When you launch BMYT app to make a travel booking, we auto-detect your location so that your nearest airport or city is auto-filled. We also require this permission to recommend you nearest hotels in case you are running late and want to make a quick last minute booking for the nearest hotel. Your options are personalized basis your locations. For international travel, this enables us to determine your time zone and provide information accordingly
SMS: If you allow us to access your SMS, we read your SMS to auto fill or prepopulate ‘OTP’ while making a transaction and to validate your mobile number. This provides you a seamless purchase experience while making a booking and you don’t need to move out of the app to read the SMS and then enter it in the app. SMS is also used to show a customer upcoming PNR status confirmations.
Phone: The app requires access to make phone calls so that you can make phone calls to hotels, airlines and our customer contact centres directly through the app.
Contacts: If you allow us to access your contacts, it enables us to provide a lot of social features to you such as sharing your hotel/ flight/ holidays with your friends, inviting your friends to try our app, send across referral links to your friends, etc. We may also use this information to make recommendations for hotels where your friends have stayed. This information will be stored on our servers and synced from your phone.
Photo/ Media/ Files: The libraries in the app use these permissions to allow map data to be saved to your phone's external storage, like SD cards. By saving map data locally, your phone doesn't need to re-download the same map data every time you use the app. This provides you a seamless Map based Hotel selection experience, even on low bandwidth network.
Wi-Fi connection information: When you allow us the permission to detect your Wi-Fi connection, we optimize your experience such as more detailing on maps, better image loading, more hotel/ flights/ package options to choose from, etc.
Device ID & Call information: This permission is used to detect your Android ID through which we can uniquely identify users. It also lets us know your contact details using which we pre-populate specific fields to ensure a seamless booking experience.
Calendar: This permission enables us to put your travel plan on your calendar.
Notifications: If you opt in for notifications, it enables us to send across exclusive deals, promotional offers, travel related updates, etc. on your device. If you do not opt for this, updates for your travel like PNR status, booking confirmation, refund (in case of cancellation), etc. will be sent through SMS.
Contacts: If you opt in for contacts permission, it enables us to provide a lot of social features to you such as sharing your hotel/ flight/ holidays with your friends, inviting your friends to try our app, send across referral links to your friends, etc. We will also use this information to make recommendations for hotels where your friends have stayed. This information will be stored on our servers and synced from your phone.
Location: This permission enables us to give you the benefit of location specific deals and provide you a personalized in-funnel experience. When you launch our app to make a travel booking, we auto-detect your location so that your nearest Airport or City is auto-filled. We require this permission to recommend your nearest hotels in case you are running late and want to make a quick last minute booking for the nearest hotel. Your options are personalized basis your locations. For international travel, this enables us to determine your time zone and provide information accordingly.
Camera & Photo Library: The access to your camera is required to enable you to be able to click, review and upload your profile photo. Alternately, access to your photo library is required for to enable you to upload an existing photograph as a profile picture.
K. HOW WE PROTECT YOUR PERSONAL INFORMATION?
All payments on the Website are secured. This means all Personal Information you provide is transmitted using TLS (Transport Layer Security) encryption. TSL is a proven coding system that lets your browser automatically encrypt, or scramble, data before you send it to us. Website has stringent security measures in place to protect the loss, misuse, and alteration of the information under our control. Whenever you change or access your account information, we offer the use of a secure server. Once your information is in our possession we adhere to strict security guidelines, protecting it against unauthorized access.
L. WITHDRAWAL OF CONSENT AND PERMISSION
You may withdraw your consent to submit any or all Personal Information or decline to provide any permissions on its Website as covered above at any time. In case, you choose to do so then your access to the Website may be limited, or we might not be able to provide the services to you. You may withdraw your consent by sending an email to
M. YOUR RIGHTS QUA PERSONAL INFORMATION
You may access your Personal Information from your user account with GI. You may also correct your personal information or delete such information (except some mandatory fields) from your user account directly. If you don’t have such a user account, then you write to
N. ELIGIBILITY TO TRANSACT WITH GI
You must at least 18 years of age to transact directly with BMYT and also to consent to the processing of your personal data.
BMYT shall endeavour to respond to all reasonable concerns and inquires.