NIVSET - Set a date, Set a rule, Set a price

Details/Room type	No. of Pax
Adult (Twin Sharing)	30 0
Adult (Triple Sharing)	200
Adult (Single Room)	10 0
Quad (Four Sharing)	10 0
Quint (Five Sharing)	10 0
Hexa (Six Sharing)	10 0
Child (5-11 Yrs.) No Bed	10 0
Child (5-11 Yrs.) With Bed	10 0
Child (2-4 Yrs.) No Bed	10 0
Child (2-4 Yrs.) With Bed	10 0
Infant	10 0
Total (No. of Pax)	INR 00

Effective Date: 1 December 2025

Last Updated: 1 December 2025

1. Introduction

1.1 Our Commitment to Your Privacy

At N16 Travel Services Private Limited (trading as NIVSET), we recognise that privacy is not just a legal requirement but a fundamental component of trust. We understand that when you choose to engage with our services - whether browsing our website, booking a holiday, arranging a flight, or signing up for our promotional offers - you are entrusting us with personal information that is sensitive, valuable, and deserving of protection. This Privacy Policy has been developed to explain in clear and comprehensive terms how we collect, use, store, share, and protect your personal data, as well as the rights you have in relation to that data.

Our goal is to ensure that our processing of personal data is lawful, fair, and transparent at all times.

1.2 Why This Privacy Policy Matters

This Privacy Policy is an important document that sets out both your rights and our responsibilities. It explains what types of personal data we collect, the lawful bases on which we process that data, the purposes for which it is used, and the measures we take to protect it. It also informs you about your rights to access, rectify, or erase your personal data.

1.3 When This Policy Applies

This policy applies to all personal data collected by us in the course of our business as a travel agency, including but not limited to:

Use of our websites and mobile applications.
Booking of travel-related products and services through our platforms or customer service channels.
Interactions with our customer service team via phone, email, live chat, or in person.
Participation in our marketing campaigns, promotions, or competitions.

This Privacy Policy does not apply to information collected by third parties, including airlines, hotels, car hire companies, insurance providers, or other suppliers whose services you may purchase through us. These parties are independent controllers of your data, and you should review their privacy policies to understand their practices.

2. Who We Are

N16 Travel Services Private Limited (trading as NIVSET) is a private limited company registered in India with Corporate Identity Number U79110HR2025PTC134299. Our registered office address is 1590, Sector 57, Gurugram - 122003, Haryana, India. We operate throughout India, offering travel booking services to both individuals and corporate clients.

3. Scope of This Privacy Policy

This Privacy Policy applies to all personal data we process in connection with our travel services, regardless of the channel through which you interact with us. This includes:

Information collected via our websites, mobile applications, and online booking platforms.
Data obtained during customer service interactions, whether by phone, email, webchat, or face-to-face meetings.
Personal data provided when subscribing to our marketing communications, participating in promotions, or completing customer satisfaction surveys.
Data received from third-party service providers that is necessary for the fulfilment of your travel bookings.

It does not apply to aggregated or anonymised information that cannot reasonably be used to identify an individual.

4. Definitions

For clarity, the following definitions apply:

“Personal Data” refers to any information that relates to an identified or identifiable individual. This includes direct identifiers such as a name or passport number and indirect identifiers such as booking reference numbers or travel itineraries.

“Processing” encompasses any operation performed on personal data, including collection, recording, organisation, structuring, storage, alteration, retrieval, consultation, use, disclosure, or erasure.

“Sensitive Personal Data” is a subset of personal data that requires additional protection due to its sensitive nature. This includes data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data for identification purposes, health data, or information concerning an individual’s sex life or sexual orientation.

“Controller” means the natural or legal person that determines the purposes and means of processing personal data.

“Processor” means a natural or legal person that processes personal data on behalf of the Controller.

“Consent” means any freely given, specific, informed, and unambiguous indication of an individual’s wishes signifying agreement to the processing of personal data relating to them.

5. Data We Collect

We collect and process different types of personal data depending on the nature of your interaction with us. These include:

Identification Data: Your full name, date of birth, nationality, gender, and official identification details such as passport number, national ID card number or PAN information (for certain international bookings).
Contact Data: Residential address, billing address, email address, and telephone numbers.
Travel Data: Details of your bookings including flight numbers, hotel reservations, car hire arrangements, and special requests. This may also include your travel history and loyalty programme membership details.
Payment Data: Credit or debit card details, billing address, and transaction history.
Technical Data: IP address, device type, operating system, browser type, and settings.
Communication Data: Records of correspondence with our customer service team, including emails, call recordings, and webchat transcripts.
Sensitive Personal Data: Health-related information necessary for providing specific travel assistance, such as wheelchair access or dietary requirements linked to religious beliefs.

We will only collect Sensitive Personal Data when strictly necessary for the provision of services and with your explicit consent.

6. How We Collect Your Data

6.1 Direct Interactions

The majority of personal data we collect comes directly from you. This occurs when you actively provide information to us in various contexts, including but not limited to:

Completing an online booking form on our website or mobile application.
Creating an account in our customer portal.
Calling or emailing our customer service team with a booking request or enquiry.
Signing up for our newsletters or marketing communications.
Entering a promotional competition or responding to a survey we send you.

When you provide information in these contexts, we process it in accordance with the purposes stated at the time of collection and in this Privacy Policy.

6.2 Automated Technologies

When you visit our website or use our mobile applications, we automatically collect technical data using cookies, log files, and analytics tools. This includes your IP address, browser type, operating system, device settings, and browsing patterns. We collect this information to improve the performance of our platforms, enhance security, and better tailor our services to user needs. While much of this data is aggregated, some of it may be linked to you as an individual and therefore qualifies as personal data under data protection laws.

6.3 Third-Party Sources

In some cases, we receive personal data from trusted third parties. For example:

Airlines, hotels, and car hire companies may provide us with details of your bookings to ensure proper service delivery.
Payment processors may supply confirmation of transactions for fraud prevention and reconciliation purposes.
Business partners may forward information about joint promotions or co-branded products in which you participate. We take steps to ensure that these third parties have the right to share your personal data with us and that they do so in compliance with applicable laws.

6.4 Publicly Available Sources

Where permitted by law, we may collect personal data from publicly accessible sources such as official government databases or professional directories. This may be necessary for identity verification, fraud prevention, or compliance with legal obligations.

7. Legal Bases for Processing

Under Indian law, we process your data based on:

7.1 Contract

We process your personal data when it is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into such a contract. This includes processing data to make and manage bookings, issue travel documents, and provide customer support.

7.2 Legal Obligation

In certain circumstances, we are required to process personal data to comply with our legal obligations. Examples include retaining transaction records for tax purposes, sharing data with customs or immigration authorities, or complying with requests from regulatory bodies.

7.3 Legitimate Interests

We process personal data when it is necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms. Examples include:

Improving our services through analysis of user behaviour.
Ensuring the security of our systems and platforms.
Preventing fraud and other unlawful activities.
7.4 Consent

Where required, we will obtain your explicit consent before processing your personal data. This applies particularly to the processing of Sensitive Personal Data and to sending you marketing communications by email or SMS. You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

8. Purposes of Data Processing

We process personal data for the following purposes:

To facilitate travel bookings and related transactions.
To send booking confirmations, updates, and travel documentation.
To manage customer accounts and loyalty programmes.
To provide customer service and resolve complaints.
To detect and prevent fraudulent activities.
To comply with applicable laws, regulations, and court orders.
To send marketing and promotional communications (where permitted).
To analyse website and application usage for service improvement.

Each purpose is linked to one or more lawful bases as described in Section 7.

9. Sensitive Personal Data

In certain circumstances, we may need to collect and process Sensitive Personal Data, which may include:

Health information, such as details about medical conditions, allergies, or disabilities that are relevant to your travel arrangements.
Dietary requirements that may reveal religious beliefs (e.g., halal or kosher meals) or health conditions (e.g., gluten intolerance).
Information regarding mobility assistance or the use of medical devices during travel.

We will only process Sensitive Personal Data when one of the following lawful bases applies:

1.Explicit consent – We have obtained your clear and informed agreement to process the data for a specific purpose, such as arranging special travel assistance.

2.Vital interests – Processing is necessary to protect your life or physical wellbeing, particularly where you are unable to give consent.

3.Legal obligations in employment, social security, or social protection law – Rare, but may occur if we are required by law to provide certain accommodations.

4.Public interest in public health – For example, where authorities require proof of vaccinations for entry to certain destinations.

Plainly put: if we ask for sensitive details about your health or beliefs, it is only because it’s directly relevant to your travel and you’ve agreed, or because the law requires it for safety or public health reasons.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to improve the functionality, performance, and security of our website and mobile applications. These technologies help us remember your preferences, understand how you interact with our services, and deliver relevant content and advertising.

Essential cookies are necessary for the operation of our platforms and cannot be disabled. Non-essential cookies include those used for analytics or marketing.

A cookie may be placed by our advertising servers, or third-party advertising companies. Such cookies are used for purposes of tracking the effectiveness of advertising served by us on any website, and also to use aggregated statistics about your visits to the Website in order to provide advertisements in the Website or any other website about services that may be of potential interest to you. The third-party advertising companies or advertisement providers may also employ technology that is used to measure the effectiveness of the advertisements. All such information is anonymous. They may use this anonymous information about your visits to the Website in order to provide advertisements about goods and services of potential interest to you. No Personal Information is collected during this process. The information so collected during this process, is anonymous, and does not link online actions to a User.

Most web browsers automatically accept cookies. Of course, by changing the options on your web browser or using certain software programs, you can control how and whether cookies will be accepted by your browser. We support your right to block any unwanted Internet activity, especially that of unscrupulous websites. However, blocking our cookies may disable certain features on the Website, and may hinder an otherwise seamless experience to purchase or use certain services available on the Website. You can manage your cookie preferences through your browser settings.

11. Data Sharing and Disclosure

We will not sell your personal data. However, in order to fulfil our services and meet our legal obligations, we may share your personal data with:

Travel Service Providers – This includes airlines, hotels, tour operators, car rental agencies, and other entities directly involved in fulfilling your travel arrangements. They require relevant booking details to provide their services.

Payment Processors and Financial Institutions – We use trusted third-party payment providers to process payments securely. Your payment details are transmitted using encryption and are not stored by us beyond what is necessary for transaction confirmation and dispute resolution.

Technology Providers – These include companies providing IT hosting, analytics, marketing automation, and customer relationship management systems. They process data strictly according to our instructions and under data processing agreements that comply with data protection laws.

Government and Regulatory Authorities – In some cases, we may be legally required to disclose information to immigration, customs, security, or law enforcement agencies.

12. International Data Transfers

In the course of providing our travel services, it may be necessary to transfer your personal data to countries outside India. For example, if you book travel to a destination outside India, we may need to share your data with suppliers or authorities in that destination.

Please note that the data shared with us shall be primarily processed in India and such other jurisdictions where a third party engaged by us may process the data on our behalf. By agreeing to this policy, you are providing us with your explicit consent to process your personal information for the purpose(s) defined in this policy. The data protection regulations in India or such other jurisdictions mentioned above may differ from those of your country of residence in case you are a user based outside the geographic limits of India

13. Data Retention

13.1 General Retention Principles

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. The specific retention period depends on the nature of the data and the reason for its collection.

13.2 Travel Booking Data

Booking-related information, including your contact details, payment data, and travel itinerary, is generally retained for eight years from the end of the financial year in which your booking was completed for accounting, taxation, and dispute resolution purposes.

13.3 Sensitive Personal Data

Health information and other Sensitive Personal Data are deleted as soon as the related travel has been completed and no further assistance is required, unless retention is necessary for legal purposes.

13.4 Marketing Data

We will retain your contact information until you unsubscribe.

14. Your Data Protection Rights

You have a number of rights under data protection laws. These include:

Right of Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
Right to Erasure: You can request the deletion of your personal data, subject to legal limitations.
Right to Restrict Processing: You can ask us to limit how we use your data in certain circumstances.
Right to Withdraw Consent: You can withdraw your consent at any time by contacting us directly.
Right to Nominate: You can nominate another individual to exercise rights on your behalf.

It is important to note that withdrawing consent or limiting the usage of your personal data may severely inhibit our ability to serve you properly and in such case, we may have to refuse the booking altogether. It may also unreasonably restrict us to service your booking (if a booking is already made) which may further affect your trip or may compel us to cancel your booking.

15. Exercising Your Rights

If you wish to exercise any of your rights, you can contact us using the details provided in Section 22. To protect your privacy, we may require you to verify your identity before fulfilling your request. We aim to respond to all legitimate requests within one month, although this period may be extended if the request is complex.

16. Security Measures

We have implemented stringent security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption of personal data in transit and at rest.
Secure network architecture with firewalls and intrusion detection systems.
Access controls and authentication procedures for employees.
Regular security audits and vulnerability testing.
Staff training on data protection and confidentiality obligations.

While we take every reasonable precaution to protect your data, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

17. Marketing Communications

We will only send you marketing messages if you have provided your consent. In case you want to discontinue receiving such communication, you can opt out at any time by clicking the unsubscribe link in our emails or contacting us directly.

18. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data about individuals under that age (collectively, "minors") unless that data is provided by (and with the consent of) a parent or guardian. Limited circumstances in which we may need to collect personal data about minors from parents or guardians includes as part of a reservation or any purchase of travel-related services.

If we become aware that we have processed personal data about minors without the valid consent of their parents or guardians, we will delete it.

19. Automated Decision-Making and Profiling

We do not carry out automated decision-making that produces legal or similarly significant effects without human involvement. Where profiling is used - for example, to tailor offers based on your past bookings - it is done to enhance your customer experience.

20. Links to Third-Party Websites

Our website and communications may contain links to external websites operated by third parties. We are not responsible for the privacy practices of these external sites, and you should review their privacy policies before providing any personal data to them.

21. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will revise the “Last Updated” date and, where appropriate, notify you by email or through a notice on our website.

22. Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, or if you wish to exercise your rights, you may contact us via email at privacy@nivset.in.