Privacy Policy
Trip To Temples

Section 1 Who We Are and Why This Policy Exists

This Privacy Policy is published by Divine Mantra Private Limited, incorporated under the Companies Act, 2013, having its registered office at 201, JOP Plaza, Sector 18, Noida – 201301, Uttar Pradesh, India. We operate under the brand name Trip To Temples through the website kailashmansarovaryatra.in.

Legal Entity: Divine Mantra Private Limited, 201, JOP Plaza, Sector 18, Noida – 201301, UP, India. Brand: Trip To Temples.

Contact for Privacy Matters: Email: info@kailashmansarovaryatra.in  |  Phone: +91-8510007751 / +91-9871144976  |  Website: kailashmansarovaryatra.in

This policy governs the collection, storage, processing, use, disclosure and protection of personal information submitted by visitors and users of our website and pilgrimage services. It is published in compliance with:

1. The Information Technology Act, 2000 and the IT (Amendment) Act, 2008
2. The IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules)
3. The Consumer Protection Act, 2019 and Consumer Protection (E-Commerce) Rules, 2020
4. The IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

Your Consent: By accessing or using this website, making an enquiry or booking a pilgrimage package, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of this website and contact us at info@kailashmansarovaryatra.in for any bookings already made.

Section 2 What Personal Information We Collect

We collect the following categories of personal information — directly from you and, in certain cases, automatically through your use of the website.

• Basic Contact Information: Full name, mobile number (Indian and international), email address, city and state of residence, preferred departure date and package.
• Booking & Travel Information: Passport number, date of issue, expiry and place of issue (mandatory for China/Tibet visa processing). Date of birth, age, gender, Aadhaar Card number (required for Adi Kailash inner-line permits), Voter ID (accepted for Aerial Darshan), number of travellers, and emergency contact details.
• Medical & Health Information (SPDI): Medical fitness certificate details, pre-existing conditions disclosed for high-altitude clearance, blood group, and any chronic conditions declared voluntarily for safety purposes. This is classified as Sensitive Personal Data under the SPDI Rules, 2011 and is handled with heightened protection.
• Financial Information (SPDI): Bank account details or UPI ID (for EMI or refund processing only), payment transaction reference numbers, and GST number (if booking under a business entity). We do not store full credit or debit card numbers on our servers — payment gateway transactions are handled by PCI-DSS compliant processors.
• Communication Records: WhatsApp messages sent to +91-8510007751 or +91-9871144976, enquiry form submissions on the website, and email correspondence with info@kailashmansarovaryatra.in.
• Information Collected Automatically: IP address and approximate geolocation, browser type and version, device type, pages visited and time spent, referring URL, and cookies and similar tracking technologies.

Section 3 Why We Collect It — Purpose of Processing

We collect and process your personal information strictly for the following purposes. We do not use your information for any purpose beyond what is listed here.

• Booking & Visa Processing: Your name, passport details, medical certificate and contact information are required to register you on a Yatra batch and to process Chinese Group Visa, Tibet Travel Permit and Alien Travel Permit applications.
• Booking Communications: We use your mobile number and email to send booking confirmations, pre-departure briefings, batch updates, document checklists, weather advisories and emergency communications.
• Government Subsidy Assistance: If you are eligible for state government subsidies, we assist in preparing your Yatra Completion Certificate and related documentation, which requires your Aadhaar, boarding passes, permit copies and bank details.
• Legal Compliance: Passport and identity documents are submitted to the Chinese Embassy, Tibet Tourism Bureau and the Uttarakhand Administration as mandated by law. We do not control how these government bodies process your information.
• Emergency Support: Your emergency contact details, blood group and medical information are held by your Tour Manager throughout the journey for use only in the event of a medical emergency.
• Marketing (With Consent): With your explicit consent, we may send you information about new packages, seasonal offers and Yatra updates by WhatsApp, email or SMS. You may opt out of marketing communications at any time.

Service Communications Cannot Be Opted Out: Booking updates, itinerary changes, weather alerts and safety advisories are essential service communications. These are not marketing communications and cannot be opted out of while your booking is active.

Section 4 Legal Basis for Processing

As a matter of transparency and in alignment with applicable Indian law, we process your personal information on the following legal bases.

• Contract Performance: Processing necessary to provide the pilgrimage services you have booked. Without this processing, we cannot complete your booking or deliver the service.
• Legal Obligation: Processing required to comply with visa, permit and government subsidy regulations imposed by the Indian government and Chinese authorities.
• Legitimate Interests: Processing for fraud prevention, security and improving our services, where our legitimate business interest does not override your rights and interests.
• Consent: Processing for marketing communications, where your prior and explicit consent has been obtained. You may withdraw this consent at any time by emailing us or replying STOP to any communication.

Section 5 Sensitive Personal Data or Information

Under Rule 3 of the SPDI Rules, 2011, certain categories of information we collect are classified as Sensitive Personal Data or Information (SPDI) and attract a higher standard of protection.

SPDI Category	What We Hold	Why We Hold It
Medical / Health Information	Fitness certificate details, chronic conditions declared, blood group	High-altitude clearance; emergency support during journey
Financial Information	Bank account details used for refunds; UPI ID if applicable	Processing of refunds in accordance with cancellation policy
Biometric Data	Aadhaar-linked data (if authentication is used)	Inner-line permit verification for Adi Kailash route

1. SPDI is collected only with your prior written or digital consent.
2. SPDI is used only for the stated purpose and is not shared beyond what is strictly necessary.
3. You have the right to withdraw consent to use of SPDI at any time — however, withdrawal may affect our ability to complete your booking.
4. SPDI is retained only for the period necessary to fulfil the booking purpose and comply with applicable law, after which it is securely deleted.
5. Access to SPDI is restricted to designated staff only and is not accessible to general marketing or administrative personnel.

Section 6 Who We Share Your Information With

We do not sell, rent or trade your personal information to any third party for commercial purposes. We share your information only in the following limited and necessary circumstances.

We Never Sell Your Data: We do not share your information with advertising networks, data brokers, social media platforms for targeting purposes, or any other commercial third parties.

• Chinese Embassy / Consulate: Your passport, photographs and application forms are submitted to the Chinese Embassy in India for Group Visa processing. This is a mandatory legal requirement outside our control.
• Tibet Tourism Bureau (Lhasa): Your passport and visa details are submitted for Tibet Travel Permit (TTP) processing through our licensed Tibetan partner agency.
• Uttarakhand Administration / ITBP: For Adi Kailash route bookings, your Aadhaar and identity documents are submitted for inner-line permit verification as required by the Government of India.
• Payment Gateway Processors: Your payment information is processed by PCI-DSS compliant payment gateway operators. We do not store full card details on our servers.
• Ground Operations Partners (Nepal & Tibet): Your name, passport number and arrival details are shared with our Nepalese and Tibetan ground operations partners strictly for logistics and permit coordination. These partners are bound by confidentiality obligations.
• Emergency Services: In the event of a medical emergency, your name, blood group, emergency contact and medical details may be shared with local emergency services, hospitals or the Indian Embassy.

Section 7 Data Retention

We retain your personal information only for as long as is necessary for the purpose for which it was collected, or as required by applicable law. After the applicable retention period, your data is securely and permanently deleted.

Data Category	Retention Period	Reason
Booking records and correspondence	7 years from date of travel	GST compliance; Consumer Protection Act
Passport and permit copies	3 years from date of travel	Possible subsidy and legal queries
Medical certificates	2 years from date of travel	Liability documentation
Payment transaction records	7 years	IT Act and GST requirements
Marketing consent records	Until withdrawn + 1 year	Proof of consent
Website analytics (anonymised)	26 months	Standard analytics retention
Emergency contact information	Deleted within 30 days of journey completion	No retention required after travel

Section 8 Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve your experience. You can control and delete cookies through your browser settings. Detailed cookie settings can be managed through the cookie consent banner on your first visit.

• Strictly Necessary Cookies: Required for the website to function. These include session cookies that maintain your browsing session. Disabling these will prevent the site from working properly. These cannot be disabled.
• Analytics Cookies (Google Analytics): Used to understand how visitors use the website — pages visited, time spent, source of traffic. Analytics data is anonymised and does not identify individual users.
• Preference Cookies: Used to remember your language and region preferences so you do not have to reset them on each visit.

Marketing Cookies Require Your Consent: Marketing cookies are used to show relevant content. These are only placed on your device with your explicit consent, which you can provide or withdraw at any time through the cookie settings on the website.

Section 9 Your Rights

Under Indian law and as a matter of our policy, you have the following rights with respect to your personal information. To exercise any of these rights, write to us at info@kailashmansarovaryatra.in with the subject line "Privacy Rights Request — [Your Name]". We will respond within 30 days.

• Right to Access: You may request a copy of the personal information we hold about you at any time.
• Right to Correction: You may request correction of any inaccurate or incomplete information we hold. For bookings in progress, corrections must be made promptly as visa and permit documents require accurate details.
• Right to Withdraw Consent: You may withdraw consent to marketing communications at any time by emailing info@kailashmansarovaryatra.in or by replying STOP to any WhatsApp or SMS message.
• Right to Deletion: You may request deletion of your personal information, subject to our legal obligations to retain certain records (see the Data Retention section). Deletion requests for active booking records cannot be fulfilled until after the completion of the journey and the applicable retention period.
• Right to Grievance Redressal: In accordance with Rule 5(9) of the SPDI Rules, 2011, you have the right to address a grievance to our designated Grievance Officer (see the Grievance Officer section).

Section 10 Data Security

We implement reasonable security practices as required under Rule 8 of the SPDI Rules, 2011. While we take all reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure.

• SSL/TLS Encryption: All data transmitted through the website is encrypted using SSL/TLS protocols, protecting your information in transit from interception.
• Need-to-Know Access: Access to personal data is restricted on a need-to-know basis. Sensitive personal data is accessible only to designated staff — not to general marketing or administrative personnel.
• Secure Systems: Booking records are held on secure, password-protected systems. Regular security reviews of our data handling processes are conducted to ensure continued compliance.
• PCI-DSS Payment Processing: All payment transactions are handled by third-party processors with PCI-DSS compliance. We do not store full credit or debit card numbers on our servers at any time.

Breach Notification: In the event of a data security breach affecting your personal information, we will notify you promptly in accordance with applicable law. No electronic security measure can guarantee 100% protection — we encourage you to use strong passwords and to notify us immediately if you suspect unauthorised access to your data.

Our website contains links to third-party websites including government portals (kmy.gov.in for MEA Yatra registration), payment gateways, and social media platforms. We are not responsible for the privacy practices of these third-party websites and encourage you to read their privacy policies before providing any personal information.

Section 11 Grievance Officer

In accordance with the Information Technology Act, 2000 and the SPDI Rules, 2011, we have designated a Grievance Officer to address privacy-related complaints and queries.

Grievance Officer: Ashutosh Mishra, Sales Manager, Divine Mantra Private Limited
Email: info@kailashmansarovaryatra.in  |  Phone: +91-8510007751
Address: 201, JOP Plaza, Sector 18, Noida – 201301, UP, India

Response Timeline: We will respond to all privacy complaints within 30 days of receipt. If your grievance is not resolved to your satisfaction within 30 days, you may approach the Adjudicating Officer appointed under Section 46 of the Information Technology Act, 2000.

How to Contact Us for Privacy Rights: To exercise any of your privacy rights or to raise a complaint, write to us at info@kailashmansarovaryatra.in with the subject line: "Privacy Rights Request — [Your Full Name]". We will acknowledge your request within 5 working days and respond fully within 30 days.

Section 12 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

1. When we make material changes, we will update the "Last Updated" date at the top of this page.
2. Where appropriate, we will notify you of material changes by email or WhatsApp.
3. Your continued use of the website after any changes constitutes acceptance of the updated Privacy Policy.