Privacy Policy

A. Information You Provide Directly

• Corporate & Account Data: Company name, GST registration details, authorized contact person's name, business address, email address, and phone numbers.
• Traveler Information: To process bookings, we act as a Data Processor for our B2B partners. We collect end-traveler data including full names, dates of birth, passport/visa details, gender, contact details, and frequent flyer/loyalty program information.
• Financial Data: Bank account details, corporate credit card information, wallet balances, and transaction histories required for billing, top-ups, and automated reconciliation.

B. Information Collected Automatically

• System & API Logs: IP addresses, browser types, operating systems, API request/response logs, timestamp data, and error rates.
• Usage Data: Information on how you interact with our dashboard, Travo Flex workflows, and AI resolution features.
• Cookies & Tracking: We use cookies and similar tracking technologies to maintain session states, remember preferences, and analyze platform traffic.

• Service Execution: To process real-time flight, hotel, and rail reservations across Global Distribution Systems (GDS) and aggregators.
• Workflow Automation: To facilitate rapid booking amendments, cancellations, and re-issuances via Travo Flex, minimizing manual intervention and financial leakage.
• AI & Real-Time Resolution: To power our AI Action Engine to detect anomalies, resolve ticketing discrepancies, and prevent GDS penalties.
• Account Management & Billing: To maintain corporate wallets, process invoices, and execute automated reconciliation.
• Security: To detect fraudulent activities, unauthorized API access, and ensure the integrity of our infrastructure.
• Legal & Regulatory Compliance: To comply with applicable tax laws, aviation security mandates, and government regulations.

• Suppliers & Travel Providers: Airlines, hotels, rail networks, and GDS platforms require specific traveler details to confirm and manage reservations.
• Payment Gateways: Secure third-party financial processors to handle corporate top-ups and billing.
• Cloud & Infrastructure Partners: Trusted third-party hosting and cybersecurity providers who support our technological infrastructure under strict confidentiality agreements.
• Legal Authorities: We may disclose data to law enforcement, regulators, or government agencies if compelled by a subpoena, court order, or formal legal requirement.

• End-to-end encryption for API transmissions (HTTPS/TLS).
• Encrypted database storage for sensitive traveler and financial data.
• Role-based access controls (RBAC) ensuring only authorized TravoMatrix personnel can access critical systems.
• Continuous monitoring of network traffic to prevent cyber threats and unauthorized intrusions.

• Access: Request a summary of the personal/business data we hold about you.
• Rectification: Update or correct inaccuracies in your account profile.
• Erasure: Request the deletion of your data (subject to our legal obligations to retain specific records).
• Withdraw Consent: Opt-out of non-essential communications or data processing.