Privacy Policy
Trekking Miles Adventure Tours LLP
Effective Date: 1st July 2025
Last Updated: 1st July 2025
GSTIN: 32AASFT1159M1ZP
Company Details
Legal Name
Trekking Miles Adventure Tours LLP
Corporate Office
First Floor, ISC, Kerala Startup Mission, Kinfra, Kochi — 683503
Registered Address
XXI-152, PANADANS, Cochin University Post, Kalamassery, Ernakulam, Kerala — 682022
Support
+91 9633779922
1. Introduction
Trekking Miles Adventure Tours LLP ('Trekking Miles', 'we', 'our', or 'us') operates as a responsible sustainable tourism platform connecting travellers with local hosts, eco-experiences, farm stays, wellness retreats, cultural journeys, and adventure activities across India.
This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit www.trekkingmiles.com, use our mobile application, or engage with any of our services ('Platform').
This Policy is governed by and compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ('SPDI Rules'), and the Digital Personal Data Protection Act, 2023 ('DPDPA'), as applicable.
By accessing or using our Platform, you consent to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Platform.
2. Information We Collect
2.1 Information You Provide Directly
- Full name, email address, phone number, and date of birth when you register or sign up.
- Travel preferences, dietary requirements, and accessibility needs when making bookings.
- Identity documents (Aadhaar, Passport, PAN) where required for verification or group travel.
- Payment information (processed securely via third-party payment gateways; we do not store card details).
- Communications you send us — enquiries, reviews, complaints, or feedback.
- Host registration details including business information, experience descriptions, and bank account details for payouts.
2.2 Information We Collect Automatically
- IP address, browser type, device type, and operating system.
- Pages visited, time spent on pages, referring URLs, and clickstream data.
- Location data (only when you grant explicit permission on your device).
- Cookies and similar tracking technologies (see Section 8).
2.3 Information from Third Parties
- Login data if you choose to sign in via Google or other OAuth providers.
- Analytics data from Google Analytics and Meta Pixel to understand platform usage.
- Payment confirmation data from our payment gateway partners.
3. How We Use Your Information
We use your personal data only for lawful purposes and to the extent necessary. Specifically:
- To process bookings, payments, and issue confirmations and itineraries.
- To verify your identity and eligibility for certain experiences.
- To communicate with you about your bookings, account, and support requests.
- To send travel updates, curated offers, newsletters, and sustainable travel stories (you may opt out at any time).
- To improve our platform, troubleshoot technical issues, and develop new features.
- To conduct analytics and understand user behaviour for service improvement.
- To comply with legal obligations including tax records, GST filings, and regulatory requirements.
- To investigate and resolve disputes, enforce our Terms and Conditions, or respond to legal process.
- To onboard, verify, and manage host partners listing experiences on our Platform.
4. Legal Basis for Processing (DPDPA 2023)
Under the Digital Personal Data Protection Act, 2023, we process your personal data on the following lawful bases:
- Consent — where you have explicitly agreed to processing (e.g., marketing emails, location access).
- Contractual necessity — to fulfil a booking or service agreement with you.
- Legal obligation — where we are required by law to retain or process your data (e.g., GST records for 7 years).
- Legitimate interests — for platform security, fraud prevention, and analytics, where such interests do not override your rights.
You have the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
5. Sharing of Your Information
We do not sell your personal data. We may share your information in the following circumstances:
5.1 With Host Partners
When you make a booking, necessary details (name, contact number, group size, travel dates, dietary or accessibility needs) are shared with the relevant host to facilitate your experience. Hosts are bound by confidentiality obligations and may not use your data for any purpose beyond fulfilling the booked experience.
5.2 With Service Providers
We engage trusted third-party service providers for payment processing (Razorpay or equivalent), cloud hosting, email delivery, customer support tools, and analytics. These partners are bound by data processing agreements and may only use data as instructed by us.
5.3 With Authorities
We may disclose your information to law enforcement agencies, courts, or government authorities in India if required to do so by applicable law, court order, or to protect the rights, property, or safety of Trekking Miles, our users, or the public.
5.4 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, your data may be transferred to the successor entity. We will notify you before such a transfer takes effect and provide you the option to delete your account.
6. Data Retention
We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
- Account data is retained for the duration of your account and for 3 years after account deletion.
- Booking and transaction records are retained for 7 years as required under GST and accounting regulations.
- Marketing preferences and opt-out records are retained for 3 years.
- Grievance and complaint records are retained for 2 years from resolution.
After the applicable retention period, your data will be securely deleted or anonymised.
7. Your Rights as a Data Principal
Under the DPDPA 2023 and SPDI Rules 2011, you have the following rights:
- Right to Access — Request a summary of personal data held by us and how it is processed.
- Right to Correction — Request correction of inaccurate or incomplete personal data.
- Right to Erasure — Request deletion of your personal data, subject to legal retention requirements.
- Right to Grievance Redressal — Raise a grievance with our Grievance Officer (details below).
- Right to Nominate — Nominate another individual to exercise your rights in the event of death or incapacity.
- Right to Withdraw Consent — Withdraw consent previously given for specific processing activities.
To exercise any of these rights, please write to us at Connect@trekkingmiles.com. We will respond within 30 days. For complex requests, we may require identity verification before processing.
8. Cookies and Tracking Technologies
Our Platform uses cookies and similar technologies to enhance your experience:
- Essential Cookies — Required for the Platform to function (login sessions, booking cart).
- Analytics Cookies — Google Analytics tracks aggregated usage data to help us improve the Platform.
- Marketing Cookies — Meta Pixel enables us to measure the effectiveness of our advertising campaigns.
- Preference Cookies — Remember your language, location, and display preferences.
You may manage cookie preferences through your browser settings. A cookie consent banner is presented to all users on first visit.
9. Data Security
We implement reasonable technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction:
- HTTPS encryption for all data transmitted between your browser and our servers.
- Secure cloud storage with access controls and audit logs.
- PCI-DSS compliant payment processing through third-party gateways.
- Regular security reviews and access management practices.
No method of transmission over the internet is completely secure. In the event of a data breach, we will notify affected users as required by law.
10. Cross-Border Data Transfers
Trekking Miles primarily operates within India and processes data on servers located in India. Some third-party service providers (such as Google Analytics and Meta) may process data outside India. Where such transfers occur, we ensure appropriate safeguards are in place in compliance with applicable Indian data protection law.
11. Children's Privacy
Our Platform is not directed at children under the age of 18. We do not knowingly collect personal data from minors without verifiable parental consent. Group bookings that include minors must be made by a responsible adult, who takes responsibility for the minor's participation.
If you believe we have inadvertently collected data from a minor, please contact us immediately at Support@trekkingmiles.com and we will delete such data promptly.
12. Third-Party Links
Our Platform may contain links to third-party websites, social media pages, or partner platforms. This Privacy Policy does not apply to those external sites. We encourage you to read the privacy policies of any third-party site you visit. We are not responsible for the privacy practices or content of third-party sites.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or the services we offer. When we make material changes, we will:
- Update the 'Last Updated' date at the top of this Policy.
- Notify registered users via email or a prominent notice on the Platform.
- Where required by law, obtain fresh consent for new processing activities.
We encourage you to review this Policy periodically. Continued use of the Platform after changes are notified constitutes acceptance of the updated Policy.
14. Contact Us & Grievance Officer
Corporate Address
Trekking Miles Adventure Tours LLP
First Floor, ISC, Kerala Startup Mission, Kinfra, Kochi — 683503