Privacy Policy

Last updated: April 2026

Privacy Policy

Your data is trusted, protected, and handled with care.

Wanderphilia collects only what is necessary, shares data only with trusted travel partners, and gives you clear control over how your information is used across our website, app, WhatsApp, email, and booking channels.

Transparent

Clear definitions, purposes, and lawful processing bases.

Secure

Encrypted storage, access controls, and breach response.

Control

Rights to access, correct, delete, and opt out of marketing.

Wanderphilia Experiences Private Limited ("Wanderphilia", "Company", "we", "us", "our") values the trust you place in us when you choose our services. This Privacy Policy ("Policy") explains how we collect, use, store, share and protect your personal data when you engage with our website, mobile application, booking channels (including WhatsApp and email) or otherwise interact with us.

This Policy applies to our customers, travellers, website visitors, prospective clients, and any other individuals whose information is received or processed by Wanderphilia in connection with our services.

1. Definitions

  • Personal Data: any information relating to an identified or identifiable person, such as name, contact details, government identification, or online identifiers.
  • Sensitive Personal Data: passport numbers, health details, financial information, or information relating to minors.
  • Processing: collection, storage, use, disclosure, or deletion of personal data.
  • Cookies: small text files stored on your device to recognise repeat users and improve functionality.
  • Minor: an individual under 18 years of age.

2. Collection of Personal Data

We collect data when you:

  • book or enquire about trips;
  • use our website, mobile app, WhatsApp, email, or phone channels;
  • provide details through authorised sales representatives or enquiry forms.

The information we collect may include:

  • name, email, phone number, postal address, and date of birth;
  • passport and visa details, ID proofs, travel history, and payment information;
  • health or medical details, dietary preferences, and emergency contact information;
  • details of co-travellers for group bookings.

We also automatically collect technical data such as:

  • IP address, browser type, operating system, device identifiers, and session IDs;
  • referral URLs, cookies, geolocation (approximate), and clickstream data;
  • analytics data from tools like Google Analytics, Facebook Pixel, Mixpanel, and Google Tag Manager.

We do not buy data from third-party brokers or affiliates. Leads generated through our enquiry or advertising campaigns may be routed into our CRM systems.

Sensitive personal data such as passport details, visa forms, or health certificates is collected only when strictly necessary and with your explicit consent.

3. Categories of Data Collected

  • Contact Information: full name, email, phone number, and emergency contacts.
  • Identity Information: passport details, government ID, nationality, date of birth, and gender.
  • Financial Information: billing address, limited payment details via secure gateways, and tax-related details where required.
  • Travel & Booking Information: destination preferences, accommodation details, flight schedules, co-traveller information, and booking history.
  • Health & Medical Information: voluntary disclosures of medical conditions, allergies, and fitness declarations for travel suitability.
  • Children's Information: limited minor data such as name, age, and identity proof, collected only with verified parental or guardian consent.
  • Technical & Usage Information: IP address, browser, device type, cookies, and online identifiers.

These categories reflect our current practices and may change with technology, business needs, or legal requirements. Material changes will be updated here and notified where required.

4. Use of Cookies and Session Data

We use cookies, pixels, tags, and similar tracking technologies to enhance our website experience, analyse traffic, personalise content, and measure marketing performance.

  • Essential cookies support website functionality, session security, and payment processing.
  • Performance and analytics cookies help us understand user behaviour and improve our services.
  • Functional cookies remember preferences like language settings or saved itineraries.
  • Marketing cookies deliver relevant promotions and manage advertising frequency.

You can manage or disable cookies in your browser settings, but this may reduce website functionality. Continued use of the website without disabling cookies means you consent to our cookie use.

We also collect technical session data such as IP address, device identifiers, operating system, referral URLs, session duration, clickstream data, and log information for analytics, fraud prevention, and security.

5. Purpose and Use of Data

  • facilitate and manage travel bookings including hotels, flights, transfers, insurance, and visas;
  • provide trip communications, pre-departure support, and on-trip assistance;
  • offer customer service, dispute resolution, and grievance handling;
  • comply with legal obligations such as tax reporting, TCS declarations, and RBI remittance rules.

Lawful bases for processing include your consent, contract performance, legal compliance, and our legitimate interests in fraud prevention, service improvement, and security.

With your consent, we may send newsletters, promotional offers, personalised recommendations, and marketing communications via email, WhatsApp, or SMS. You may opt out at any time.

We also aggregate and anonymise data to analyse trends, run surveys, and develop services. Anonymised data cannot identify you personally.

6. Sharing and Disclosure of Data

We share data with trusted travel partners only as needed to deliver services. This may include airlines, hotels, transport operators, insurers, visa consultants, local guides, and destination management companies.

Third parties are required to keep your information confidential and process it only for the service they provide. Wanderphilia is not responsible for misuse or breaches caused by third-party vendors.

Cross-border transfers of personal data are protected by contractual safeguards and aligned with international standards, including GDPR principles where applicable.

We do not sell or rent your data to advertisers or marketing agencies. Any retargeting or campaign analytics are based on aggregated and anonymised tracking data.

We may disclose your information if required by law or valid legal process to comply with regulatory authorities or protect our operations.

7. Storage, Retention and Security

Your data is stored securely in cloud services and CRM systems with access limited to authorised team members in marketing, technology, and operations.

  • Technical safeguards include encryption, secure API logging, and intrusion monitoring.
  • Organisational safeguards include role-based access, password protection, and confidentiality undertakings.

We retain data only as long as necessary for the purpose it was collected and longer if required by law. Typical retention lasts until the end of the client relationship and for statutory record-keeping.

While we work to keep your data secure, no system is completely immune to cyber threats. In case of a breach, we will investigate promptly, mitigate impact, and notify affected parties and regulators as required by law.

8. User Rights and Choices

  • You can review, correct, or request deletion of your personal data.
  • You may withdraw marketing consent by unsubscribing or contacting us, while still receiving essential booking communications.
  • Where GDPR applies, you may request processing restrictions, data portability, and objection to significant automated decisions.

If you wish to restrict or object to processing in specific cases, including sensitive health information, we will review your request based on feasibility and legal requirements.

We do not knowingly collect personal data from minors under 18 without verified parental or guardian consent. If you believe a minor’s data has been collected without consent, please contact us to take corrective action.

9. Protection of Data of Overseas Clients

For overseas clients, we apply safeguards consistent with Indian law and international best practices. Personal data is processed only for travel services and shared with partners as needed for bookings or when required by law.

Where stricter standards like GDPR apply, we aim to provide equivalent protections, including enhanced rights around access, correction, and deletion.

10. Use of Images, Testimonials and Media

During trips, photographs or videos may be captured for operational or promotional purposes. Participation in our trips indicates consent for reasonable use of this media by Wanderphilia.

If you want to opt out of identifiable image use, notify us in writing before your trip begins.

11. Compliance with Law

We comply with Indian privacy and data protection laws, including the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000. For overseas clients, we also align with GDPR where applicable.

12. Changes to this Policy

This Policy may change over time to reflect new technology, business operations, or legal requirements. Updates are published on our website with an updated "Last Updated" date.

13. Contact and Grievance Redressal

For concerns, requests, or grievances regarding your personal data, contact our Grievance Officer:

Grievance Officer: Bhavin Thakker
Email: experiences@wanderphilia.com
Phone: +91 9217664099