Augustine Travel

Privacy Notice

1. Introduction

  • 1.1 Augustine Travels India Private Limited (“we,” “us,” “our”) is the primary Data Controller for
    services on our Platforms.
  • 1.2 Specific Controllers may vary by service/domain (e.g., flights, hotels).
  • 1.3 We commit to lawful, fair, transparent processing per data protection laws.
  • 1.4 Contact via Privacy form for questions; Help Centre for non-privacy.

2. Data Protection Officer

  • 2.1 We have a Data Protection Officer overseeing compliance.
  • 2.2 Exercise rights via Privacy form; verification required.

3. Definitions

  • 3.1 Key terms: Automated Decisions, Data Controller, Data Processor, Privacy Rights, Lawful Bases, Personal Data, Platforms, Sensitive Personal Data, Third Countries.

4. Why We Process Your Data

  • 4.1 Purposes based on Lawful Bases (Contract, Legitimate Interest, Consent, Legal Obligation).
  • 4.2 Booking: Manage bookings, communications; retrieve data with consent.
  • 4.3 User Account: Manage accounts, subscriptions.
  • 4.4 Travel-Related Services: Assist with incidents; customise searches.
  • 4.5 Communications: Contract-related, queries, reminders.
  • 4.6 Marketing: Newsletters, customised offers (opt-out available).
  • 4.7 Call/Chat Recordings: Quality, contractual purposes.
  • 4.8 Improving Services: Analytics, statistics.
  • 4.9 Safe Service: Fraud prevention, security.
  • 4.10 Legal/Compliance: Disputes, requests.
  • 4.11 No significant Automated Decisions.

5. Types of Data

  • 5.1 Categories: Identification/Contact, Account/Settings, Payment, Travel-Related,
    Communications, Browsing/Device.
  • 5.2 Minimal Sensitive Data; avoid unless necessary.
  • 5.3 No services for minors; delete if collected without consent.
  • 5.4 Data from third parties (e.g., fraud prevention).

6. Recipients

  • 6.1 Service Providers (e.g., Travel Providers, payment, IT).

  • 6.2 Group Companies for administration.

  • 6.3 Authorities for legal reasons.

  • 6.4 Others with consent.

7. Security Measures

  • 7.1 Encryption, pseudonymisation, audits; ISO 9001:2015, PCI DSS compliant.

8. Retention

  • 8.1 Up to 10 years post-trip/interaction; shorter for specific purposes.

9. International Transfers

  • 9.1 To EEA/adequate countries or via SCCs.

10. Protecting Your Data

  • 10.1 Do not share IDs; use strong passwords; beware phishing.

11. Control and Rights

  • 11.1 Manage via Account/Help Centre.
  • 11.2 Rights: Access, rectify, erase, object, withdraw consent via Privacy form.

12. Updates

  • 12.1 Posted changes effective upon update.
Scroll to Top