Travalong
Your privacy,
Privacy Policy

Your privacy,
quietly protected.

A clear account of what we collect, why we collect it, and how we keep it safe.

Last updated · 12 May 2026

This Privacy Policy describes how Travalong Stays (operated by TRAVALONG, “Travalong”, “we”, “our”) collects, uses, discloses and protects your personal information when you visit stays.travalong.co.in (“Website”) or transact with us. This policy is published in accordance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Information We Collect

1.1 Information you provide

  • Booking & enquiry information: name, email, phone, requested villa, dates of stay, number of guests, special requests.
  • Payment information: payment is processed by our payment gateway partner (Razorpay Software Pvt. Ltd.). Travalong does not store full card numbers, CVV or UPI PINs. We retain only the transaction ID and last 4 digits where shared by the gateway, for reconciliation.
  • Identity verification: at check-in, the property caretaker may collect a copy of a government-issued ID, as required by Indian hospitality regulations and Form-C registration with the local Foreigners' Registration Office where applicable.
  • Communication: WhatsApp messages, email correspondence and any feedback or reviews you submit.

1.2 Information collected automatically

  • Technical data: IP address, device type, browser, operating system, pages viewed, referrer, timestamps.
  • Cookies and similar technologies: used for essential site functionality (admin login session), to remember your preferences, and to measure aggregate site usage. You can disable cookies in your browser; some features may not work.

2. How We Use Your Information

  • To process bookings, payments, refunds and provide the stay experience;
  • To send transactional communications (confirmations, check-in details, receipts);
  • To respond to enquiries and provide customer support;
  • To send occasional marketing communications about new villas, offers and editorial content — only where you have opted in. You may opt out at any time;
  • To comply with applicable laws and respond to lawful requests from public authorities;
  • To prevent fraud, abuse and security incidents;
  • To improve the Website, our services and our hospitality.

3. Sharing of Information

We share personal information only as follows:

  • Villa owners and on-site caretakers: guest name, check-in and check-out dates, party size and contact details, so they can prepare and host the stay.
  • Payment gateway partners: to process payments and refunds (Razorpay, PhonePe). Each partner has its own privacy policy.
  • Service providers: hosting (Cloudflare), database (Supabase), email (Resend) and analytics, each under contractual confidentiality obligations.
  • Legal authorities: where required by Indian law, court order or regulatory authority.

We do not sell your personal information. We do not rent it to third parties for their marketing.

4. Data Retention

  • Booking records: 7 years from check-out, to comply with Indian tax and accounting laws.
  • Enquiry submissions that did not convert to a booking: 24 months.
  • Marketing-list contacts: until you opt out.
  • Technical logs: 90 days.

5. Data Security

We implement reasonable security practices including encrypted transport (HTTPS/TLS), encrypted-at-rest databases, signed session tokens, principle-of-least-privilege access for staff, and routine review of access logs. No system is impervious; in the event of a breach affecting your data, we will notify affected users promptly in accordance with applicable law.

6. Your Rights

You may, by writing to bookings@travalong.co.in:

  • Request a copy of the personal information we hold about you;
  • Request correction of inaccurate information;
  • Request deletion of your personal information, subject to legal retention requirements;
  • Withdraw consent to marketing communications;
  • Raise a grievance — see Section 10.

7. Cookies

We use first-party cookies only. The two cookies set by our website are:

  • tv_admin — secure, HTTP-only session cookie used solely for admin login. Set only for administrators. Expires after 7 days.
  • Cloudflare cookies — set by our hosting provider for bot protection and traffic routing. See Cloudflare's Cookie Policy.

8. Third-Party Links

The Website may contain links to third-party sites (e.g. Instagram, Facebook, Google Maps, Razorpay/PhonePe checkout). We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies.

9. Children

The Website is not directed to children under 18. We do not knowingly collect personal information from children. Where a parent or guardian books a stay including minors, the information is provided by the booking adult under their responsibility.

10. Grievance Officer

In accordance with the Information Technology Act, 2000 and the rules made thereunder, the name and contact details of the Grievance Officer are:

Name: Nakul Karwa
Designation: Operations Lead, Travalong Stays
Email: bookings@travalong.co.in
Phone: +91 93223 90341
Address: B-401, The Hub, Parijat Nagar Signal, Nashik – 422005, Maharashtra, India

We will acknowledge complaints within 48 hours and resolve them within 30 days of receipt.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified by email to registered users or via a prominent notice on the Website. The “Last updated” date at the top of this page reflects the current version.

Questions? Reach us at bookings@travalong.co.in or WhatsApp +91 93223 90341.

Chat with us