Privacy Policy

Privacy policy

[Travomint] (“we,” “us,” “our”) is committed to safeguarding your privacy and ensuring that your personal information is handled responsibly, transparently, and securely. We understand the importance of maintaining your trust, and we take our obligations seriously.

A. This Privacy Policy explains in detail how we collect, use, disclose, store, and protect your personal information when you interact with us in any capacity. This includes when you use:

  • our websites and online booking platforms,
  • our mobile applications,
  • our customer service channels (phone, email, chat),
  • our social media pages,
  • marketing communications or promotional content you access,
  • any travel, booking, or related services we provide, and
  • any other platforms or tools through which we operate our travel service (collectively, the “Services”).

B. By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy and consent to the handling of your personal information as described herein.

PERSONAL DATA WE COLLECT

1. Information You Provide Directly

  • We collect the personal information you share with us when you:
    • Create an account or user profile
    • Make a booking or reservation
    • Provide payment information
    • Fill out an inquiry, booking, feedback, or registration form
    • Sign up for newsletters, promotions, or marketing updates
    • Contact our support team by phone, email, chat, or social media.
  • Participate in surveys, contests, or loyalty programs. This may include:
    • Full name
    • Email address
    • Phone number
    • Residential or mailing address
    • Date of birth
    • Gender (only if necessary for travel)
    • Passport details or identification documents
    • Nationality and visa-related information
    • Travel preferences, itineraries, and special requests
    • Transaction details and payment information
    • Information related to special assistance needs
  • We only ask for information that is required to provide our services and deliver a seamless travel experience.

2. Sensitive Information

  • We may collect certain types of sensitive information, but only when:
    • It is necessary to arrange your travel or related services, and
    • You voluntarily provide it or consent to its collection.

This may include:

  • Health or medical details required for travel;
  • Disability-related information for assistance.
  • Dietary preferences based on personal, cultural, or religious needs;
  • Special travel assistance requirements;
  • Any other information you choose to share that is sensitive in nature;
  • Such information is handled with the highest level of care and security.

3. Information Collected Automatically

  • When you use our website, mobile app, or other digital platforms, certain information is automatically collected. This includes your IP address, browser type and version, device type and operating system, access times, session duration, pages you view, navigation patterns, referring websites or links, location data (if enabled), and cookie identifiers or similar tracking technologies.
  • We use this information to improve the performance of our website and app, enhance your overall user experience, personalize content and offers, understand how users interact with our services through analytics, and maintain security while preventing fraudulent activity. You may adjust your browser or device settings at any time to manage cookies and tracking preferences.

4. Information from Third Parties

We may receive your personal information from third parties who assist us in delivering our services. This can include airlines, hotels, tour operators, and transportation partners involved in your travel arrangements, as well as payment gateways, financial institutions, fraud-prevention services, marketing partners, analytics providers, and publicly available sources such as social media. We may also receive information from family members, friends, employers, or agents who make bookings or inquiries on your behalf. When someone provides your information to us, we assume they have your permission; however, if this is not the case, please contact us so we can assist you.

5. How We Use Your Personal Information?

We use your personal information to provide and improve our services. This includes processing your bookings, reservations, cancellations, and payments; issuing confirmations, tickets, and itineraries; delivering customer support; and communicating important service-related updates or alerts. We also use your information to enhance user experience, improve website and app performance, conduct analytics, optimize our business operations, and prevent fraudulent or unlawful activity. Where permitted, we may also use your information to send marketing communications.

6. We process your information based on the following purposes

  • Your consent, when you choose to provide information for specific services
  • To deliver travel and booking services requested by you
  • To fulfil our contractual obligations when you make a booking
  • To comply with mandatory requirements, such as verification or reporting
  • For our legitimate business operations, such as analytics, optimization, and fraud prevention

7. Direct Marketing

1. We may send marketing communications about our services, promotions, offers, and travel updates where allowed. We will only send marketing messages such as emails, SMS alerts, or newsletters if you have opted in, or where you have not opted out in situations where soft opt-in rules apply.

2. You can unsubscribe at any time through:

  • The “unsubscribe” link in emails
  • Your account settings
  • Contacting us directly

3. We do not sell your personal information to any third party for marketing purposes.

8. Sharing and Disclosure

1. We do not sell personal data. We only share your information when necessary to deliver travel services, with your consent, when required for safety or compliance, or when working with trusted service providers.

2. We share information in the following situations:

  • To Provide Travel Services: Airlines, Hotels, Tour or transport operators, Visa and immigration service providers, Travel insurance partners, Payment processors.
  • With Your Consent: When you request optional or add-on services.
  • When Required: Government authorities, Border control agencies, Law enforcement, Regulatory, or reporting purposes.
  • Safety and Emergency Situations: To protect health, safety, or security.
  • Service Providers: We work with reliable external partners who help us with: Payment processing, IT hosting and cloud storage, Email and SMS delivery, Marketing support, Analytics, and fraud monitoring.

    • 3. All service providers are required to maintain strong privacy and security standards.

9. International Transfers

Where personal data is transferred across borders, we implement appropriate safeguards as required by applicable national law, including contractual protections and security measures.

European Union / European Economic Area (EEA)

If you are located in the European Union or European Economic Area, we process your personal data in accordance with the General Data Protection Regulation (“GDPR”).

Under the GDPR:

  • Personal data is processed lawfully, fairly, and transparently.
  • Processing is limited to specific, legitimate purposes.
  • We rely on lawful bases, including consent, contractual necessity, legal obligation, or legitimate interests.
  • You have the right to:
    • Access your personal data
    • Rectify inaccurate data
    • Erase data (“right to be forgotten”)
    • Restrict processing
    • Object to processing
    • Data portability
    • Withdraw consent at any time
    • Lodge a complaint with your local supervisory authority

Where personal data is transferred outside the EEA, we implement appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions issued by the European Commission.

10. Data Security

1. We use a range of administrative, technical, and physical safeguards to protect your information. These include:

  • Encryption of data during transfer and storage
  • Firewalls and intrusion-detection systems
  • Strict access controls
  • Staff training and confidentiality requirements
  • Regular monitoring and security audits

2. If a data breach occurs that is likely to cause harm, we will notify you promptly and take appropriate action.

11. Data Retention

1. We retain your personal information only for as long as necessary to:

  • Provide travel and booking services
  • Meet regulatory, financial, and record-keeping requirements
  • Resolve disputes or complaints
  • Prevent fraud

2. When the information is no longer required, we securely delete or de-identify it.

12. Travel-Specific Considerations

1. Transparency and Service Delivery

We strive to maintain clear communication about pricing, refunds, service terms, and booking conditions.

2. Payments

Payments are processed securely through authorized gateways. We do not store full card details. Transaction records may be retained for compliance and accounting purposes.

3. Third-Party Partners

When you book travel services, some providers may process your information under their own privacy policies. We encourage you to review those policies when applicable.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Operate and support site functionality
  • Improve user experience
  • Analyse website and app usage
  • Personalize content, advertisements, and offers

5. You can control cookie settings through your browser. A detailed Cookie Policy is available on our website.

13. Data Protection

We are committed to protecting personal information in accordance with the applicable data protection laws of the country in which you reside. Depending on your location, the following laws apply:

  • If you are located in Sri Lanka, we comply with the Personal Data Protection Act No. 9 of 2022.
  • Personal data is processed lawfully, fairly, and transparently.
  • You have right to access, rectification, erasure, objection, and withdrawal of consent.
  • We implement appropriate security safeguards and, where required, cooperate with the Data Protection Authority of Sri Lanka.

14. Access & Correction Rights

You may contact us at any time to exercise your rights under applicable law. We will respond within the timeframe required by the relevant jurisdiction.

15. Children’s Privacy

Where required by local law, parental or guardian consent will be obtained before collecting personal data from minors. Age thresholds may vary by jurisdiction.

16. Updates to This Policy

We may update this Privacy Policy from time to time. Any revised version will be posted on our website with an updated “Last Updated” date.

17. Contact Us

If you have questions, concerns, complaints, or requests about your personal information, please contact:

Data Protection Officer (DPO)

davemaan@travomint.com

partner-icon-iataveri12mas12visa12