TrackInn
TrackInn
Log in Sign up

Legal

Privacy Policy

Last Updated: March 1, 2026 · Effective Date: March 1, 2026

Your privacy matters. TrackInn is committed to protecting your personal information and being transparent about how we collect and use it. This policy explains our practices clearly -- no legal jargon.

1. Overview

TRACKINN Technologies Pvt. Ltd. ("TrackInn", "we", "us", or "our") operates a hotel booking platform at trackinn.in. This Privacy Policy explains how we collect, use, store, and protect information about guests, travellers, and visitors to our website and platform.

By using the TrackInn platform, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of our services.

2. Data We Collect

We collect the following categories of information:

2.1 Guest / Traveller Data

  • Full name, email address, and phone number during registration
  • Aadhaar, PAN, Passport, or Driving License details (for KYC and SARAI compliance)
  • Check-in and check-out dates, room selection, and booking details
  • Payment information (card last 4 digits, UPI ID -- never full card numbers)
  • Family member details (name, phone, ID documents) added for group bookings
  • Profile photo, date of birth, gender, and address (optional)

2.2 Automatically Collected Data

  • Log data: IP address, browser type, time of access, pages viewed
  • Cookies and session data for authentication and preferences
  • Performance analytics to improve platform speed and stability

3. How We Use Your Data

We use the data we collect for the following purposes:

  • Service Delivery: To provide hotel search, booking, payment processing, and check-in features.
  • SARAI Compliance: Guest KYC data is transmitted to hotel properties for submission to the Ministry of Tourism's SARAI system as required by law.
  • Payment Processing: Booking payment data is processed via Razorpay in compliance with PCI-DSS standards.
  • Communication: We send booking confirmations, check-in reminders, and cancellation receipts. With your permission, we may send promotional updates.
  • Security: To detect and prevent fraudulent access or suspicious activity on the platform.
  • Product Improvement: Anonymized, aggregated usage data helps us build better features.

4. Data Sharing

We do not sell your personal data. We share data only in these specific circumstances:

  • Hotel Properties: Your booking details and KYC information are shared with the specific hotel you book with, for check-in and SARAI compliance.
  • Government & Legal Requirements: SARAI system (guest data as mandated by Indian law) and law enforcement when legally compelled.
  • Payment Processors: Razorpay receives minimal payment data required to process transactions. They are PCI-DSS compliant.
  • Cloud Infrastructure: Data is stored in India-based data centers.
  • No Advertising Partners: We do not share data with advertisers or data brokers.

5. Data Storage & Security

  • All data is stored within India's geographic boundaries.
  • Guest KYC documents (Aadhaar, Passport scans) are encrypted using AES-256 encryption.
  • Payment details are tokenized -- never stored in plaintext.
  • All data in transit is protected by TLS 1.3 encryption.
  • We conduct regular security audits and penetration tests.
  • Inactive accounts are deleted after 3 years of no login activity, with prior notice.

6. Your Rights

Under India's Digital Personal Data Protection (DPDP) Act and GDPR principles, you have the right to:

  • Access: Request a copy of all your personal data we hold.
  • Correction: Update or correct inaccurate information at any time via your profile settings or by contacting us.
  • Deletion: Request deletion of your account and associated data (subject to legal retention requirements).
  • Portability: Export your booking history and profile data.
  • Opt-out: Unsubscribe from marketing communications at any time via the unsubscribe link in emails.
  • Grievance Redressal: Contact our Grievance Officer within 30 days for any privacy concerns.

To exercise any of these rights, email us at privacy@trackinn.in with the subject "Data Rights Request".

7. Cookies, Local Storage & Tracking Technologies

TrackInn uses cookies and similar browser storage technologies. By using our platform, you consent to their use as described below.

7.1 Cookies We Set

Cookie Name Purpose Type Duration
sessionid Keeps you logged in Essential 14 days / browser close
csrftoken Prevents cross-site request forgery Essential 1 year
pms_token API authentication (stored in session) Essential Until logout

7.2 Third-Party Cookies

  • Google Sign-In / OAuth: When you use "Sign in with Google", Google sets cookies to manage the authentication session. These cookies are controlled by Google and governed by Google's Privacy Policy.
  • Razorpay Payment Gateway: During payment checkout, Razorpay may set cookies to secure and track the payment transaction. Governed by Razorpay's Privacy Policy.

7.3 What We Do NOT Use

  • No Google Analytics, Google Ads, or Google Tag Manager
  • No Meta/Facebook Pixel or any social media tracking pixels
  • No advertising, retargeting, or cross-site tracking cookies
  • No fingerprinting or invisible tracking technologies

7.4 Managing Cookies

You can manage, disable, or delete cookies through your browser settings. Disabling essential cookies (sessionid, csrftoken) will prevent you from logging in.

8. Google Sign-In & Third-Party Authentication

TrackInn offers "Sign in with Google" (Google OAuth 2.0) as an authentication option for guest accounts.

8.1 Data We Receive from Google

When you authenticate via Google, we receive the following information from your Google account:

  • Your full name (as set in your Google profile)
  • Your email address (primary Gmail or Google Workspace email)
  • Your profile picture URL (optional, used for avatar display)

8.2 What We Do NOT Access

  • Your Google password (never transmitted to us)
  • Your Gmail inbox, contacts, or calendar
  • Your Google Drive files or documents
  • Your Google search history or YouTube activity
  • Any data beyond the openid, email, and profile OAuth scopes

8.3 How We Use Google Data

  • To create a new TrackInn account using your Google email and name
  • To authenticate you on subsequent visits without requiring a password
  • To display your name within the TrackInn dashboard
  • We do not share your Google data with third parties

8.4 Revoking Google Access

You can disconnect Google Sign-In from your TrackInn account at any time:

  • Visit Google Account Permissions and remove TrackInn
  • This will not delete your TrackInn account -- you can still log in with email/password
  • To fully delete your account, contact us at privacy@trackinn.in

8.5 Google's Policies

Your use of Google Sign-In is additionally governed by:

9. Children's Privacy

TrackInn is designed for adult users. We do not knowingly collect personal data from individuals under 18 years of age. If we discover that a child has provided us with personal information, we will delete it immediately. Contact us at privacy@trackinn.in if you believe a child's data has been submitted.

10. DPDP Act Compliance (India)

TrackInn fully complies with India's Digital Personal Data Protection Act, 2023 (DPDP Act). Specifically:

  • We process personal data lawfully, with explicit consent or for legitimate purposes.
  • Our Data Fiduciary is TRACKINN Technologies Pvt. Ltd., registered in Bangalore, India.
  • Our Grievance Officer is available at: grievance@trackinn.in | +91 98765 43210
  • We respond to data grievances within 30 calendar days as mandated by the Act.
  • Cross-border data transfers (if any) comply with Section 16 of the DPDP Act.

11. Contact & Updates

For privacy-related queries, contact our Data Protection Officer:

privacy@trackinn.in
+91 98765 43210
TRACKINN Technologies Pvt. Ltd., WeWork Galaxy, 43 Residency Road, Bangalore -- 560025

We may update this Privacy Policy from time to time. We will notify registered users by email at least 30 days before any material changes take effect.