Privacy Policy

This Privacy Policy describes how Calma Dinner Cruise ("we," "us," "our"), a third-party booking partner operating the website calmadinnercruise.in and the WhatsApp booking service at +91 9817363968, collects, uses, stores, and protects the personal information of visitors and customers ("you," "your").

By using our Platform, making a booking, or communicating with us via WhatsApp, you consent to the collection, use, and processing of your personal data as described in this Privacy Policy. If you do not agree with this Policy, please do not use our services.

1.1 Personal Information Provided by You:

• Contact Details: Full name, phone number (primary and alternate), email address.
• Booking Information: Preferred cruise date, number of guests (adults, children, infants), transportation preference (pickup/direct), hotel name and pickup location (if applicable).
• Payment Information: Payment method, transaction ID, payment status. Note: We do not store credit/debit card numbers or CVV — all payment data is processed directly by Razorpay.
• Communication Data: Messages exchanged via WhatsApp, including text, images, and voice notes sent during the booking process.
• Special Requests: Dietary preferences, celebration details (birthdays, anniversaries), cake orders, decoration requests.

1.2 Information Collected Automatically:

• Device Information: IP address, browser type and version, operating system, device type.
• Usage Data: Pages visited, time spent on pages, click data, referral source.
• Cookies: Session cookies, preference cookies, and analytics cookies (see Section 5 for details).
• Location Data: Approximate geographic location based on IP address (not precise GPS).

We use the information we collect for the following purposes:

• Booking Processing: To process, confirm, and manage your cruise bookings.
• Payment Processing: To process payments securely through our payment gateway partner (Razorpay).
• Communication: To send booking confirmations, reminders, cancellation notices, refund updates, and cruise details via WhatsApp, SMS, and email.
• Customer Support: To respond to your queries, complaints, and requests for assistance.
• Transportation Coordination: To share your pickup location and contact details with the Cruise Service Provider's transportation team for pickup and drop-off arrangements.
• Service Improvement: To analyze usage patterns and improve our Platform, booking experience, and customer service.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Fraud Prevention: To detect and prevent fraudulent transactions and unauthorized access.

We do not sell, rent, or trade your personal information to any third party for marketing purposes.

We may share your personal information with the following parties, strictly for the purposes outlined above:

• Cruise Service Provider: Your booking details (name, phone, guest count, date, transportation preference) are shared with the Cruise Service Provider to facilitate the cruise experience.
• Payment Gateway (Razorpay): Payment details are processed by Razorpay. We recommend reviewing Razorpay's Privacy Policy.
• Communication Providers: We use WhatsApp Business API (operated by Meta) and SMS providers to send transactional messages. Your phone number is shared with these platforms for message delivery.
• Hosting & Analytics: We use third-party hosting (Vercel) and analytics services that may process anonymized usage data.
• Law Enforcement: We may disclose your information if required by law, court order, or government request.

We implement industry-standard security measures to protect your personal information, including:

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS protocols.
• Secure Database: Personal data is stored in encrypted databases hosted on Supabase with row-level security (RLS) policies.
• PCI-DSS Compliance: Payment processing is handled by Razorpay, which is PCI-DSS Level 1 compliant. We never store card details on our servers.
• Access Control: Access to personal data is restricted to authorized personnel only, on a need-to-know basis.

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Our website uses cookies and similar technologies to:

• Essential Cookies: Required for the website to function (authentication, session management). These cannot be disabled.
• Functional Cookies: Remember your preferences (selected dates, payment options) for a better user experience.
• Analytics Cookies: Help us understand how visitors use our website so we can improve it.

You can manage cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain features.

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including:

• Booking Records: Retained for a minimum of 3 years from the booking date for accounting and legal compliance purposes.
• Payment Records: Retained as required by applicable tax and financial regulations.
• Communication Logs: WhatsApp conversation logs are retained for up to 1 year for customer support and dispute resolution purposes.
• Analytics Data: Aggregated and anonymized data may be retained indefinitely for analytical purposes.

Subject to applicable laws, you have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Correction: Request correction of inaccurate or incomplete data.
• Right to Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Right to Object: Object to processing of your data for specific purposes.
• Right to Withdraw Consent: Withdraw consent for marketing communications at any time.

To exercise any of these rights, contact us at calmadinnercruise@gmail.com.

Our Platform is not intended for use by individuals under the age of 18 without parental or guardian consent. We do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete such information.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated "Last updated" date. We encourage you to review this Policy periodically. Continued use of our Platform after changes constitutes acceptance of the updated Policy.

For any privacy-related questions, concerns, or data requests, please contact us: