Privacy Policy
Last updated: February 2026 · Effective immediately upon registration
Table of Contents
Information We Collect
We collect information you provide directly when using Trivasta, as well as data generated automatically through your use of our platform.
Information you provide:
- Account details: name, email address, username and password
- Trip planning data: destinations, dates, budget preferences and travel style
- Payment information: processed securely by Razorpay — we never store card details
- Agency information: business name, location, description and contact details
- Communications: messages sent through our platform between users and agencies
Information collected automatically:
- Device information: browser type, operating system, IP address
- Usage data: pages visited, features used, time spent on platform
- Cookies and similar tracking technologies (see Section 4)
How We Use Your Information
- To generate personalized AI travel itineraries based on your preferences
- To connect you with relevant travel agencies and facilitate bookings
- To process payments and send booking confirmations
- To send service-related communications (booking updates, receipts)
- To improve our AI models and platform features
- To prevent fraud and ensure platform security
- To comply with legal obligations
We do not use your data for targeted advertising and we never sell your personal information.
Information Sharing
We share your information only in the following limited circumstances:
- With travel agencies: When you request offers, agencies see your trip requirements (destination, duration, budget, travel type) but not your personal contact details until you confirm a booking
- Payment processors: Razorpay receives payment data necessary to process transactions
- AI service providers: Trip planning data is sent to Groq/Google Gemini APIs to generate itineraries — no personal identifiers are included
- Legal requirements: When required by law, court order or government authority
- Business transfers: In the event of a merger or acquisition, with appropriate privacy protections
Cookies & Tracking
Trivasta uses cookies to maintain your login session, remember preferences and analyse platform usage. We use:
- Essential cookies: Required for login sessions and CSRF security — cannot be disabled
- Analytics cookies: Help us understand how users navigate the platform (anonymised)
- Preference cookies: Remember your settings and preferences
You can control cookie settings through your browser. Disabling essential cookies will prevent you from logging in.
Data Security
We implement industry-standard security measures to protect your information:
- All data transmitted via 256-bit SSL/TLS encryption
- Passwords hashed using Django's PBKDF2 algorithm with SHA256
- Payment data handled exclusively by PCI-DSS compliant Razorpay
- Regular security audits and vulnerability assessments
- Access to personal data restricted to authorised team members only
No system is perfectly secure. In the event of a data breach affecting your rights, we will notify you within 72 hours.
Your Rights
Under applicable Indian data protection law, you have the right to:
- Access: Request a copy of all personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your account and associated data
- Portability: Request your data in a machine-readable format
- Objection: Object to processing of your data for marketing purposes
To exercise any of these rights, email us at privacy@trivasta.com. We respond within 30 days.
Data Retention
We retain your personal data for as long as your account is active. After account deletion:
- Profile data deleted within 30 days
- Booking and payment records retained for 7 years (legal requirement)
- AI-generated itineraries anonymised and may be retained for model improvement
- Backup copies purged within 90 days
Children's Privacy
Trivasta is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us immediately at privacy@trivasta.com.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 14 days before they take effect. Continued use of Trivasta after changes constitutes acceptance of the updated policy.
Contact Us
For any privacy-related questions or to exercise your data rights:
- Email: privacy@trivasta.com
- Founder: Surya Pramanik — leosuryaof7@gmail.com
- Response time: within 30 business days