Jungleciti

Privacy Policy

Last Revised: 19-11-2025
Applies to: Website & App Users Regions: India, Asia, EU/EEA, UK, USA & Other

This Privacy Policy explains how Jungleciti Hospitality India Pvt. Ltd. (“Jungleciti”, “JHIPL”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you visit our websites (including jungleciti.com and related subdomains), use our mobile apps, communicate with us, or purchase our products and services.

This Policy is designed to be consistent with major privacy frameworks, including (as applicable):

  • EU/EEA & UK General Data Protection Regulation (“GDPR” / “UK GDPR”);
  • US state privacy laws such as California Consumer Privacy Act as amended by CPRA (“CCPA/CPRA”), where applicable;
  • India’s and other Asian jurisdictions’ data protection expectations and hospitality regulations; and
  • Other applicable local privacy and consumer protection laws in countries where our guests reside.

This Privacy Policy is informational and does not constitute legal advice. Your specific rights may differ based on your place of residence and applicable law.

1. Data Controller & Contact Details

For most activities described in this Policy, Jungleciti Hospitality India Pvt. Ltd. is the “data controller” (under GDPR terminology) or the “business” (under CCPA) responsible for determining how and why your data is processed.

Legal Entity: Jungleciti Hospitality India Pvt. Ltd. (“JHIPL”)
Address: 2nd Floor, Zila Parishad Market Complex, Panigaon, Nagaon – 782003, Assam, India
General Enquiries: 123@jhipl.com
Privacy / Data Protection Enquiries: grc@jhipl.com

2. Scope: When Does This Policy Apply?

This Policy applies when you:

  • Visit our websites, web apps, or mobile apps;
  • Make a reservation or purchase our products or services online, by phone, or via our partners, where we act as controller;
  • Contact our customer support, concierge, or live chat;
  • Interact with us on social media or sign up for marketing communications;
  • Visit Jungleciti House or other properties managed by JHIPL and provide personal data at check-in or during your stay.

This Policy does not apply where we process data solely as a processor/service provider on behalf of another company (for example, certain B2B arrangements) or where a third-party platform acts as an independent controller (e.g. OTAs, airlines, payments providers). In those cases, their privacy policies apply.

3. Types of Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of data:

  • Identification & contact data: name, title, postal address, email address, phone number, nationality, government ID details where required by law (e.g. for hotel registration in India), and emergency contact.
  • Booking & stay data: reservation details, stay dates, room type, preferences (e.g. bed type, dietary requests), travel companions, loyalty numbers (if applicable), and communication records related to your stay.
  • Payment & billing data: masked payment card details, billing address, transaction identifiers, and limited billing history. Full card details are handled by PCI-DSS compliant providers and not stored in plain text by us.
  • Digital usage data: IP address, browser type, device identifiers, pages visited, referring pages, clickstream data, app usage data, approximate location derived from IP, and cookie identifiers.
  • Communications & support data: messages you send us via email, web forms, chat, social media, call recordings (where permitted by law and with notice), and survey responses.
  • Marketing preferences: your subscription status for newsletters, offers, and notification preferences.
  • Special categories (limited & optional): dietary restrictions, accessibility requirements, or health-related information you voluntarily share so we can serve you safely. We use such information only with your consent or where permitted by law.

4. How We Collect Personal Data

  • Directly from you: when you make a booking, create an account, contact us, fill forms, chat with our team, or visit our property.
  • Automatically: via cookies, pixels, and similar technologies on our websites and apps (see “Cookies & Similar Technologies”).
  • From third parties: such as online travel agents (OTAs), payment processors, marketing partners, social networks (when you connect with us), and other service providers involved in your travel arrangements.

5. Purposes & Legal Bases for Processing

We only process personal data where we have a lawful basis under applicable law. Under GDPR, these bases include consent, contract, legal obligation, legitimate interests, and, where applicable, vital interests or public interest. Under US and other laws, we align our practices with analogous concepts.

We process your data for the following purposes:

  • To provide our services & manage bookings: creating and managing reservations, check-in/check-out, room allocation, billing, and guest services.
    Legal basis (GDPR): performance of a contract; legitimate interests.
  • To communicate with you: operational emails, SMS/WhatsApp regarding your booking, support responses, and service updates.
    Legal basis: contract; legitimate interests.
  • To personalise your stay & improve quality: record preferences (e.g. room type, food preferences), gather feedback, and improve services.
    Legal basis: legitimate interests; in some cases consent.
  • For marketing (where permitted): sending offers, newsletters, and promotional messages about Jungleciti services. You can opt out at any time.
    Legal basis: consent (where required), or legitimate interests.
  • For security & fraud prevention: safeguarding our systems, detecting and investigating fraud or misuse, securing payments, and ensuring property safety.
    Legal basis: legitimate interests; legal obligation in some cases.
  • For legal & regulatory compliance: obligations under local tourism laws, tax regulations, KYC/ID requirements for hotel guests, and record-keeping.
    Legal basis: legal obligation.
  • For analytics & product development: understanding usage patterns, improving our websites/apps, and planning services.
    Legal basis: legitimate interests; consent where cookies/identifiers are non-essential.

6. Cookies & Similar Technologies

We use cookies, pixels, and similar technologies to operate our site, remember your preferences, secure your session, and — with your consent where required — analyse usage and enable features such as translations and live chat.

  • Essential cookies: required for basic site functionality, security, and reservations. These may be used without consent where permitted by law.
  • Functional & analytics cookies: help us understand how visitors use the site and improve user experience.
  • Marketing & third-party cookies: used in limited cases for remarketing, affiliate tracking, or embedded widgets.

Our cookie banner allows you to accept or decline non-essential cookies. Your choices are stored in your browser (local storage or cookies). You may also adjust your browser settings to manage cookies.

7. How We Share Personal Data

We do not sell your personal data in exchange for money. We may share personal data with:

  • Service providers & processors: IT hosting, payment processors, email/SMS providers, analytics tools, on-site systems, and verified partners who act on our instructions.
  • Travel & booking partners: OTAs, travel agents, channel managers, and other intermediaries that you use to book our services.
  • Legal & regulatory bodies: where required by law, court order, or government/regulatory request (e.g. guest registration information required by local authorities).
  • Business transfers: in the context of a merger, acquisition, or reorganisation, subject to appropriate safeguards.

We require recipients to protect your data and only use it for specified purposes, except where they act as independent controllers (e.g. OTAs, payment networks) under their own privacy policies.

8. International Data Transfers

Jungleciti is based in India and may process data in India and other countries. If you are located in the EU/EEA, UK, or other regions with data export restrictions, we will rely on appropriate safeguards for transfers, such as:

  • Standard Contractual Clauses (SCCs) adopted by the European Commission / UK Addendum, where applicable;
  • Data processing agreements with service providers that include appropriate security and privacy commitments;
  • Transfers necessary for the performance of a contract (e.g. to provide your hotel reservation in India).

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including:

  • For bookings and stays: typically for the duration of your stay plus an appropriate period afterwards for legal, tax, and accounting requirements, and to handle disputes;
  • For marketing: until you withdraw consent or opt out. We may keep a record of your opt-out to honour your request;
  • For legal, security, or regulatory purposes: as required by applicable law.

10. Your Privacy Rights

Your privacy rights depend on your jurisdiction. Wherever possible, we aim to honour reasonable requests globally, even if not legally required.

10.1 Rights Under GDPR (EU/EEA & UK)

If you are in the EU/EEA or UK, you may have the following rights under GDPR/UK GDPR (subject to conditions and exemptions):

  • Access: to obtain confirmation whether we process your personal data and to receive a copy.
  • Rectification: to correct inaccurate or incomplete personal data.
  • Erasure (“Right to be Forgotten”): to request deletion in certain circumstances.
  • Restriction: to request restriction of processing in certain circumstances.
  • Portability: to receive personal data you provided in a structured, commonly used, machine-readable format and to request that we transmit it to another controller where technically feasible.
  • Object: to object to processing based on legitimate interests, including profiling; and separately, to object at any time to processing for direct marketing.
  • Withdraw consent: where processing is based on consent, you may withdraw it at any time (without affecting prior lawful processing).
  • Complaint: to lodge a complaint with a supervisory authority in the EU/EEA or the UK Information Commissioner’s Office.

10.2 Rights for US Residents (e.g., California CCPA/CPRA)

Where US state privacy laws apply (for example, if you are a California resident), you may have rights including:

  • Right to know/access: to request information about the categories and specific pieces of personal information we have collected, used, disclosed, or (where applicable) “sold or shared”.
  • Right to deletion: to request deletion of personal information, subject to certain exceptions.
  • Right to correction: to request correction of inaccurate information.
  • Right to opt out of “sale” or “sharing”: where we engage in activities defined as “sale” or “sharing” under relevant US laws (for cross-context behavioural advertising), you may have the right to opt out. At present, Jungleciti does not sell personal information for monetary value.
  • Right to non-discrimination: we will not discriminate against you for exercising your privacy rights.

10.3 India & Asia-Pacific

For guests in India and other Asia-Pacific countries, we follow applicable local regulations and hospitality norms, including requirements under Indian IT/telecom/tourism rules and evolving data protection standards. Depending on your country, you may have rights comparable to access, correction, objection, and deletion.

10.4 How to Exercise Your Rights

To exercise any of the rights described above (as applicable to your region), please contact us at:

Privacy Email: grc@jhipl.com
Subject Line Example: “Privacy Request – Access / Deletion / Other”.

We may need to verify your identity (for example, by confirming booking details or requesting identification) before fulfilling your request. You may also authorise an agent (where permitted by law) to submit a request on your behalf, subject to verification.

11. Children’s Privacy

Our websites and online services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16 online without appropriate parental or guardian consent as required by law. If you believe a child has provided us with personal data without such consent, please contact us so we can delete it.

12. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or destruction. These measures include access controls, encryption in transit where appropriate, secure hosting, and staff training.

However, no system can be guaranteed as 100% secure. You are responsible for keeping your account credentials confidential and for alerting us if you suspect any unauthorised use of your account or personal data.

13. Third-Party Services & Links

Our website may contain links to third-party websites or integrate third-party tools (for example, OTAs, payment gateways, mapping providers, Trip.com widgets, or communication tools). These third parties have their own privacy policies, and we are not responsible for their practices. We encourage you to review their policies before providing personal data.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we do so, we will update the “Last Revised” date at the top of this page. In certain cases (for example, material changes), we may provide additional notice, such as by email or prominent banner.

Your continued use of our websites, apps, or services after the effective date of the updated Policy constitutes your acceptance of the changes.

15. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your rights, you can contact us at:

  • Email (General): 123@jhipl.com
  • Email (Privacy): grc@jhipl.com
  • Postal Address: GRC, Jungleciti Hospitality India Pvt. Ltd., 2nd Floor, Zila Parishad Market Complex, Panigaon, Nagaon – 782003, Assam, India.

By using this Website or our services, you acknowledge that you have read this Privacy Policy and understand how we process your personal data.