Privacy Policy

Welcome to Sorath Travels. We are an online travel service provider specializing in group tours and private travel packages. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our online booking platform and services.

The data controller responsible for your personal information is:

2.1 Personal Information

We may collect the following personal information:

• Name and contact information (email address, phone number, mailing address)
• Travel preferences and requirements
• Passport information and travel documents (when required for bookings)
• Emergency contact information
• Account credentials (username, password)
• Payment information (processed through Google Business Profile)
• Special requests (dietary requirements, accessibility needs, etc.)
• Group tour participant information
• Customer reviews and feedback

2.2 Usage Data

We automatically collect certain information when you use our software:

• IP address
• Browser type and version
• Operating system
• Usage patterns and preferences
• Log data and analytics

2.3 Facebook Lead Ads Information

When you submit a lead form on Facebook, we collect the following information:

• Name
• Email address
• Phone number
• Travel Person Number
• Best Time to talk

By submitting a form through Facebook Lead Ads, you consent to Facebook sharing your information with us as described in Facebook's Data Policy and this Privacy Policy.

We use the collected information for the following purposes:

• To process and manage your tour bookings and travel packages
• To process payments through Google Business Profile
• To communicate with you about your bookings, itineraries, and travel updates
• To provide customer support and handle inquiries
• To send booking confirmations, reminders, and travel documents
• To organize group tours and coordinate with tour participants
• To customize private packages based on your preferences
• To improve our services and travel offerings
• To send promotional offers and travel deals (with your consent)
• To comply with legal obligations and travel regulations
• To prevent fraud and ensure security
• To respond to your travel inquiries submitted through Facebook Lead Ads
• To provide quotes and service information
• To follow up on your requests

Sorath Travels integrates with Google Business Profile to facilitate payment processing and booking management. When you use this integration:

• We access your Google Business Profile information as authorized by you
• Payment transactions for tour bookings are processed through Google's secure payment systems
• We comply with Google's API Services User Data Policy
• Your Google account credentials are managed directly by Google, not stored by us
• You may view our business profile and customer reviews through Google

Payment processing for tour bookings and travel packages is handled through Google Business Profile's payment systems. We do not directly store your complete payment card information. Payment data is encrypted and processed securely according to PCI-DSS standards through Google's infrastructure.

6.1 Security Measures

We implement appropriate technical and organizational security measures to protect your personal data:

• Encryption: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols
• Data Encryption at Rest: Sensitive data is encrypted when stored in our databases
• Access Controls: Strict access controls limit who can access your personal information
• Authentication: Secure authentication mechanisms including password hashing and multi-factor authentication options
• Regular Security Audits: We conduct regular security assessments and vulnerability testing
• Secure Infrastructure: Our servers are hosted in secure data centers with physical security measures
• Monitoring: Continuous monitoring for suspicious activities and potential security breaches
• Employee Training: Our staff receives regular security and privacy training

6.2 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable laws within 72 hours of becoming aware of the breach.

6.3 Security Limitations

While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required by law. Your data is stored securely in our CRM system and retained for 6 months from the date of collection, after which it is securely deleted or anonymized unless a longer retention period is required for legal or business purposes.

We do not sell your personal information. We may share your data with:

• Google: For Google Business Profile integration and payment processing
• Travel Partners: Hotels, transport providers, tour operators, and other service providers necessary to fulfill your bookings
• Service Providers: Third-party vendors who assist in operating our platform (under strict confidentiality agreements)
• Group Tour Participants: Basic contact information may be shared among group tour participants for coordination purposes
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

You have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request transfer of your data to another service
• Objection: Object to certain types of data processing
• Withdraw Consent: Withdraw previously given consent

To exercise these rights, please contact us using the information provided below.

We use cookies and similar tracking technologies to enhance your experience. You can control cookie settings through your browser preferences.

We collect leads through Facebook Lead Ads. When you submit a lead form on Facebook, the information you provide (including name, email address, phone number, travel person number, and best time to talk) is shared with us by Facebook in accordance with Facebook's Data Policy.

By submitting a form through Facebook Lead Ads, you consent to Facebook sharing your information with us as described in Facebook's Data Policy and this Privacy Policy. We use this information to respond to your travel inquiries, provide quotes and service information, and follow up on your requests.

For more information about how Facebook handles your data, please review Facebook's Data Policy at https://www.facebook.com/privacy/policy.

Our online booking platform is not intended for children under 13 years of age to use independently. We do not knowingly collect personal information from children under 13 without parental consent. Parents or guardians may provide information about minors traveling as part of a group tour or private package booking.

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new privacy policy on this page and updating the "Last Updated" date.

If you have any questions about this privacy policy or our data practices, please contact us:

For privacy concerns specifically: Please contact us at privacy@sorathtravels.com or call us at +91 9723219994.

This privacy policy is designed to comply with:

• General Data Protection Regulation (GDPR)
• Google API Services User Data Policy
• Other applicable privacy laws and regulations