Privacy Policy
Last Updated: December 27, 2025
Introduction
MyRameswaramTrip (operated by Arunijone) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information.
Legal Compliance:
- Information Technology Act 2000 and IT Rules 2011
- Digital Personal Data Protection Act 2023
- Payment and Settlement Systems Act 2007
Data Controller
- Company Name
- Arunijone
- Udyam Number
- UDYAM-TN-19-0044257
- Address
- Kattu Pillaiyar Kovil, Rameswaram, Ramanathapuram Dist, TN - 623526
- Contact
- [email protected] • myrameswaramtrip.com
Information We Collect
Personal Information
- Name, email address, phone number
- Rashi/Nakshatra information (optional, for puja customization)
- Puja preferences and special requirements
- Attraction preferences (guided tours, special access)
Payment Information (PCI-DSS Level 1 via Cashfree)
We do not store your card details, CVV, or any sensitive payment information. All payment processing is handled securely by our payment partner.
We only receive: Transaction ID, payment status, payment method, amount, and timestamp.
Technical and Booking Data
- Booking details, service type, service provider assignment
- Consent records (timestamp, IP address, terms version)
- Browser type, device information, usage patterns
How We Use Your Data
- Service Delivery: Processing bookings and facilitating communication with service providers
- Payment Processing: Managing transactions, transfers, and refunds
- Legal Compliance: Maintaining consent records, audit trails, and fraud prevention
- Platform Improvement: Usage analysis and feature development
- Communications: Sending confirmations, updates, and customer support
Data Sharing and Third Parties
Google OAuth Integration
MyRameswaramTrip uses Google OAuth for secure application login and calendar integration. Users must authenticate with their Google account to access puja booking, attraction booking, and support hub features. When you connect your Google account, we access your basic profile information and calendar data solely for the purposes of:
- Secure user authentication and account access
- Creating calendar events when bookings are confirmed
- Deleting calendar events when bookings are cancelled or rejected
- Scheduling temple visit timings and puja appointments
- Sending reminders for important spiritual activities
- Avoiding scheduling conflicts during your pilgrimage
Data Sharing Policy: We do not share, transfer, or disclose your Google user data (including calendar information) with any third parties, affiliates, or external organizations. Your Google data remains private and is only used within our platform to enhance your pilgrimage experience.
Service Providers
We share necessary booking and contact information with verified service providers (hotels, temples, and transportation partners) solely for fulfilling your reservations. This includes:
- Hotel bookings with accommodation partners
- Puja bookings with temple authorities
- Attraction bookings with local guides and operators
All service providers are contractually obligated to maintain data confidentiality and comply with applicable privacy laws.
Payment Processing
Payment information is processed securely through our payment partner Cashfree. We do not store your payment details, and Cashfree's privacy policy governs the handling of payment data.
Your Control Over Data Sharing
You can revoke Google OAuth access at any time through your Google account settings or by contacting us. Service provider data sharing is limited to active bookings and ceases upon completion or cancellation.
Data Security
Technical Security Measures
- SSL/TLS Encryption: Encrypted data transmission
- Database Encryption: Data encrypted at rest
- Access Control: Role-based access limitations
- Regular Audits: Security scanning and monitoring
- PCI-DSS Level 1: Certified payment security
- Multi-Factor Authentication: OTP verification
Data Breach Notification
In the event of a data breach, affected users will be notified within 72 hours via email and SMS as required by applicable law.
Your Rights Under DPDP Act 2023
- Right to Access
- Request a copy of your personal data (processed within 30 days)
- Right to Correction
- Request correction of inaccurate data (processed within 7 days)
- Right to Erasure
- Request deletion of your data (processed within 30 days, subject to legal requirements)
- Right to Data Portability
- Request data export in JSON/CSV format (within 30 days)
- Right to Withdraw Consent
- Stop marketing communications at any time
- Right to Grievance Redressal
- 48-hour acknowledgment, 30-day resolution timeline
* Data deletion subject to legal retention requirements and active booking obligations
How to Exercise Your Rights
Send an email to [email protected] with your name, registered contact information, and the specific action you wish to take.
This document is compliant with the Information Technology Act 2000, IT Rules 2011, Digital Personal Data Protection Act 2023, and Payment and Settlement Systems Act 2007.