Privacy Policy
Overview
At Avoota, your privacy is fundamental to how we build our platform. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the choices you have over your information when you use Avoota's hotel booking platform — including our website, mobile apps, and related services.
Avoota Travel Technologies Pvt. Ltd. (“Avoota”, “we”, “us”) is the data controller responsible for your personal data. By using our platform, you acknowledge this policy. If you do not agree, please discontinue use of our services.
Security First
We use industry-standard encryption and PCI-DSS compliant payment handling to protect your data.
We Don't Sell Your Data
We never sell your personal information to advertisers or third parties for their own marketing use.
You're in Control
Access, correct, or delete your personal data anytime from your account settings or by contacting us.
1 Information We Collect
We collect the following categories of personal information to provide, improve, and personalise our hotel booking services:
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, nationality | Account creation, booking fulfilment, ID verification |
| Contact Data | Email address, phone number, billing/shipping address | Booking confirmations, customer support, notifications |
| Booking Data | Check-in/out dates, room type, number of guests, special requests | Reservation management, hotel communication |
| Payment Data | Card type, masked card number, UPI ID, transaction ID | Payment processing (we do not store full card numbers) |
| Usage Data | Pages visited, search queries, clicks, session duration | Platform improvement, personalisation |
| Device & Technical Data | IP address, browser type, OS, device ID, location (if permitted) | Security, fraud prevention, performance optimisation |
| Communications Data | Support chat transcripts, emails, call recordings | Customer service, dispute resolution, quality assurance |
| Preferences & Reviews | Saved hotels, wishlist, written reviews, star ratings | Personalised recommendations, community trust |
2 How We Collect Your Information
2.1 Directly from You
When you register for an account, make a booking, contact our support team, submit a review, or fill in any form on our platform, you provide us with personal data directly.
2.2 Automatically
As you use Avoota, we automatically collect technical and usage data via cookies, web beacons, pixels, and similar tracking technologies. This includes your IP address, browsing behaviour on our platform, and device information.
2.3 From Third Parties
- Hotel & supply partners (TBO and others) — To confirm availability and pricing.
- Payment gateways — Transaction confirmation data.
- Social login providers — If you sign in with Google or another social account, we receive your name and email as permitted by your social profile settings.
- Analytics providers — Aggregated, anonymised usage insights from Google Analytics and similar tools.
- Fraud prevention services — To protect against fraudulent transactions.
3 How We Use Your Personal Data
We use your personal data only for legitimate purposes with an appropriate legal basis (contract, consent, legal obligation, or legitimate interest). Key uses include:
- Processing your bookings — Confirming reservations, issuing vouchers, communicating with hotels on your behalf.
- Account management — Creating and maintaining your Avoota profile, managing preferences, and providing access to booking history.
- Payment processing — Facilitating secure transactions and refunds.
- Customer support — Resolving queries, complaints, and disputes.
- Platform improvement — Analysing how users interact with Avoota to fix bugs, improve features, and optimise performance.
- Communications — Sending booking confirmations, check-in reminders, offer alerts (with your consent), and policy updates.
- Legal compliance — Meeting obligations under Indian law, tax regulations, and regulatory requirements.
- Fraud & security — Detecting and preventing fraudulent, abusive, or unauthorised activity.
4 Personalisation & Advertising
We use your data to personalise your experience on Avoota — showing relevant hotels, destinations, and deals based on your search history, past bookings, and browsing behaviour.
We also display travel-related advertisements from partner brands (e.g., airlines, travel insurance, car rentals) on our platform. These are served based on contextual and interest-based signals derived from your usage data.
You can manage your personalisation preferences and marketing consent in your Account Settings → Privacy.
5 Sharing Your Information
We share your personal data only with trusted parties as necessary to provide our services:
5.1 Hotels & Accommodation Providers
When you make a booking, we share relevant guest details (name, contact, arrival date, special requests) with the hotel to fulfil your reservation.
5.2 Supply & Technology Partners
We share data with our supply partners (including TBO as our primary inventory and technology provider) strictly for the purpose of fetching live rates, availability, and completing reservations.
5.3 Payment Processors
Payment data is shared with our PCI-DSS compliant payment gateway partners (e.g., Razorpay, PayU) solely to process transactions.
5.4 Service Providers
We engage trusted third-party service providers for cloud hosting, email delivery, analytics, fraud detection, and customer support tools. These providers process your data on our behalf under strict data processing agreements.
5.5 Legal & Regulatory
We may disclose your data to government authorities, law enforcement, or courts when required by law, a valid legal process, or to protect the rights and safety of Avoota and its users.
6 Your Privacy Rights
Under applicable data protection laws (including the Digital Personal Data Protection Act, 2023), you have the following rights regarding your personal data:
Request a copy of the personal data we hold about you.
Ask us to correct inaccurate or incomplete personal data.
Request deletion of your personal data, subject to legal retention requirements.
Object to processing of your data for direct marketing or profiling.
Receive your data in a structured, machine-readable format.
Request restriction of certain processing activities while a complaint is under review.
Withdraw any previously given consent for marketing or data processing at any time.
Lodge a complaint with the Data Protection Board of India or a relevant authority.
To exercise any of these rights, contact our Privacy Team at privacy@avoota.com. We will respond within 30 days.
7 Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, as outlined in this policy, or as required by applicable law.
- Booking records — Retained for 7 years as required by Indian tax and financial regulations.
- Account data — Retained for the duration of your account plus 2 years after closure.
- Communications — Support emails and chat transcripts retained for 3 years.
- Analytics data — Aggregated, anonymised analytics data may be retained indefinitely as it cannot identify you.
When your data is no longer required, we securely delete or anonymise it.
8 Cookies & Tracking Technologies
Avoota uses cookies and similar technologies (web beacons, pixels, local storage) to operate and improve our platform. These help us:
- Keep you logged in across sessions.
- Remember your search preferences and wishlisted properties.
- Analyse traffic patterns and measure the effectiveness of our features.
- Serve relevant personalised content and offers.
- Detect and prevent fraud and abusive activity.
Cookie Categories
- Essential cookies — Required for the platform to function. Cannot be disabled.
- Functional cookies — Remember your preferences (language, currency, saved searches).
- Analytics cookies — Help us understand how users interact with Avoota (e.g., Google Analytics).
- Marketing cookies — Used to show you relevant ads and measure campaign effectiveness.
You can manage cookie preferences through your browser settings or via our Cookie Preferences Centre. Disabling non-essential cookies may affect some platform features.
9 Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:
- SSL/TLS encryption for all data transmitted between your device and our servers.
- PCI-DSS compliant payment processing — we do not store full card numbers on our systems.
- Regular security audits and penetration testing.
- Role-based access controls limiting who within Avoota can access your data.
- Multi-factor authentication options for user accounts.
Despite our best efforts, no system is 100% secure. In the unlikely event of a data breach that poses a risk to your rights, we will notify you and relevant authorities in accordance with applicable law, typically within 72 hours of becoming aware.
10 Children's Privacy
Avoota's services are intended for users who are 18 years of age or older. We do not knowingly collect personal data from children under 18. If we become aware that a minor has provided us with personal information, we will promptly delete that data and close the associated account.
If you believe a child under 18 has registered on Avoota, please contact us immediately at privacy@avoota.com.
11 Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will:
- Update the “Effective from” date at the top of this page.
- Send you an email notification if the changes significantly affect how we process your data.
- Display a prominent notice on our platform for at least 30 days before changes take effect.
We encourage you to review this policy periodically. Continued use of Avoota after changes take effect constitutes your acceptance of the revised policy.
12 Contact Us & Grievance Officer
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact:
Avoota Travel Technologies Pvt. Ltd.
Tirupati, Andhra Pradesh, India
📧 Email: privacy@avoota.com
📧 Support: support@avoota.com
⏰ Response time: Within 30 business days
In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, our Grievance Officer will acknowledge your complaint within 24 hours and resolve it within 30 days.
You also have the right to escalate complaints to the Data Protection Board of India if you feel your concerns have not been adequately addressed.

