Privacy Policy

Last updated: 10-01-2026

This Privacy Policy explains how Ramblersindia Outdoors (OPC) Pvt. Ltd. (“Ramblersindia”, “Ramblers India”, “we”, “us”, or “our”) collects, uses, discloses, stores, transfers, and protects personal data when you visit www.ramblersindia.com (the “Site”), register for or purchase our guided hiking, trekking, climbing, camping, cycling, tours, outdoor adventure activities, corporate events, or customized services (the “Services”), or otherwise interact with us. By using the Site or our Services you agree to the terms of this Policy.

Scope

Who this covers: visitors to the Site, registered users, ticket purchasers, event participants, corporate clients, vendors, job applicants, and other individuals whose data we process.
Geographic scope: data processed in India and in jurisdictions where our service providers operate.
Relationship to other notices: this Policy supplements any specific notices, consent forms, waivers, or event-specific privacy statements.

Data Fiduciary and Grievance Officer

Data Fiduciary: Ramblersindia Outdoors (OPC) Pvt. Ltd.
Grievance Officer: Team Ramblers
Grievance email: hi@ramblersindia.com
Acknowledgement timeline: we will acknowledge grievances within 7 days and use best efforts to resolve within 30 days.

Legal Framework

We process personal data in accordance with applicable Indian law, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, the SPDI Rules, 2011, and other relevant regulations and guidelines.

Categories of Personal Data Collected

Data you provide directly

Identity and contact: name, email, phone number, postal address.
Account credentials: username, hashed password, profile photo.
Booking and payment: booking details, billing address, payment instrument metadata (we do not store full card numbers; payment processors handle card data).
Health and safety: emergency contact, medical conditions, fitness declarations, allergies.
Profile and preferences: adventure interests, skill level, dietary preferences, communication preferences.
Corporate data: company name, corporate contact details.
Recruitment data: resume, certifications, interview notes, references.
Media: photographs, videos, testimonials provided with consent.

Data collected automatically

Technical and usage: IP address, device identifiers, browser type, operating system, pages visited, session timestamps, referrer URL.
Analytics: aggregated usage metrics, crash logs, performance data.
Cookies and tracking: see Cookies section.

Sensitive data

Health-related information provided for safety or medical reasons; processed only where necessary and with appropriate safeguards.

Wix Hosting and Payment Processing

Platform provider: our Site and online store are hosted on the Wix.com platform. Wix provides the infrastructure, data storage, databases, and general applications that enable us to sell products and services. Your data may be stored through Wix’s systems on secure servers behind firewalls.
Payment security: all direct payment gateways offered by Wix and used by us adhere to PCI-DSS standards managed by the PCI Security Standards Council. PCI-DSS helps ensure secure handling of credit card information by our store and its service providers.
Role of Wix: Wix acts as a data processor for hosting and platform services. We also use third-party payment processors and other vendors; these parties process data on our behalf under contractual obligations.

How We Use Personal Data

We use personal data for the following purposes and lawful bases:

Service delivery: process bookings, issue confirmations, manage cancellations and refunds; lawful basis: contract performance.
Safety and emergency response: share health and emergency contact details with medical responders when necessary; lawful basis: vital interests and legitimate interests.
Operational communications: send itinerary changes, safety advisories, and service-critical messages; lawful basis: contract performance and legitimate interests.
Marketing and promotions: send newsletters, offers, and event announcements; lawful basis: legitimate interests and consent where required. Default subscription: account holders, subscribers, and ticket purchasers are automatically subscribed to marketing communications; you may opt out at any time.
Analytics and improvement: analyze usage to improve the Site and Services; lawful basis: legitimate interests.
Fraud prevention and security: detect and prevent fraud, abuse, and security incidents; lawful basis: legitimate interests and legal obligations.
Legal compliance: respond to lawful requests from authorities and retain records for tax and audit; lawful basis: legal obligation.
Recruitment: evaluate candidates and manage hiring; lawful basis: legitimate interests and consent for sensitive checks.
Corporate events: plan and execute events and share logistics with corporate contacts; lawful basis: contract performance.

Marketing Communications and Opt-Out

Default subscription policy: when you create an account, subscribe, or purchase tickets you are automatically subscribed to receive marketing communications such as event announcements, promotions, newsletters, and community updates.
Service messages: transactional and safety messages necessary for bookings and participant safety are sent regardless of marketing preferences.
How to opt out: click the unsubscribe link in marketing emails; update communication preferences in your account settings; or contact hi@ramblersindia.com. Opt-out requests are processed promptly and do not affect service-critical communications.
Profiling and targeted marketing: where we use profiling to personalize offers, you will be informed and given an opt-out option for profiling-based marketing.

Cookies and Tracking Technologies

Cookie categories:
- Essential cookies required for login, booking, and security.
- Preference cookies to remember language and display settings.
- Analytics cookies to measure Site performance and usage.
- Marketing cookies to enable personalized promotions and remarketing.
Cookie banner: we display a cookie banner on first visit with options to accept all, reject non-essential cookies, or manage preferences.
Third-party trackers: analytics and advertising providers may set cookies; we list major providers in our cookie table and provide opt-out links where available.
Managing cookies: you can manage cookies via your browser settings and our cookie preference center.

Data Sharing and Third-Party Processors

Who we share with: payment processors, Wix as platform provider, email delivery services, booking platforms, insurance companies, emergency services, venue partners, transportation and catering vendors, analytics providers, legal advisors, and law enforcement when required.
Processor safeguards: we enter into written Data Processing Agreements with third-party processors requiring confidentiality, security measures, and limits on use.
Subprocessors: we maintain a list of subprocessors and will notify customers of material changes where required by law or contract.
No sale policy: we do not sell, rent, or trade personal data to third parties for their own marketing use.

International Transfers

Cross-border processing: data may be processed in India and in other countries where our service providers operate.
Safeguards: transfers are governed by contractual protections, standard contractual clauses, or other lawful mechanisms to ensure adequate protection.

Data Security and Breach Response

Security measures: encryption in transit (TLS/SSL), encryption at rest where feasible, role-based access controls, multi-factor authentication for administrative access, regular security audits, vulnerability scanning, and secure disposal procedures.
Breach notification: in the event of a confirmed data breach, we will notify affected individuals and relevant authorities as required by law, provide details of the incident, mitigation steps, and recommended actions for affected individuals.

Data Retention

Retention principles: we retain personal data only as long as necessary for the purpose collected, to comply with legal obligations, or to resolve disputes.
Typical retention periods:
- Booking and payment records: retained for 5 years for tax and audit purposes.
- Event media and marketing assets: retained for 3 years by default; extended only with explicit consent.
- Recruitment records: retained only as necessary for hiring and statutory obligations.
- Support and correspondence: retained for a reasonable period to resolve issues.
Deletion and anonymization: after retention periods expire we securely delete or irreversibly anonymize data. Users may request deletion subject to legal or operational constraints.

Data Subject Rights and Request Procedure

Rights available: access, correction, portability where applicable, deletion, restriction of processing, objection to processing, withdraw consent, and lodge a grievance.
How to submit a request: email hi@ramblersindia.com with subject line Data Subject Request and include proof of identity.
Verification: we may request reasonable information to verify identity before fulfilling requests.
Response timeline: we will acknowledge requests within 7 days and respond substantively within 30 days, or as required by applicable law.
Exceptions: we may refuse or limit requests where permitted by law (for example to preserve records for legal obligations).

Automated Decision Making and Profiling

Use of automation: we may use automated tools for analytics and personalized marketing.
Human review: we do not use fully automated decision-making that produces legal or similarly significant effects without human review.
Right to object: you may object to profiling-based marketing and request human review where applicable.

Special Processing Scenarios

Corporate events

Data collected: corporate contact details, attendee registrations, dietary and medical needs, media captured during events.
Use and sharing: used to plan and execute events; shared with vendors and venue partners as necessary.
Credentials for due diligence: corporate clients may request company registration documents; we provide these securely by email to authorized contacts.

Recruitment

Applicant consent: we request consent for interview recordings.
Storage: applicant data retained only as necessary; applicants may request deletion.

Media and testimonials

Consent required: we obtain explicit consent before using photographs, videos, or testimonials in marketing. Consent forms specify scope, duration, and revocation process.

Children and Minors

Age policy: our Services are not directed to children under 18. We do not knowingly collect personal data from minors. If we learn we have collected data from a minor without appropriate consent, we will delete it promptly.

Transparency and Notices at Collection

Point of collection notices: we provide concise notices at booking forms, registration pages, recruitment forms, and media release forms explaining purpose, retention, and contact details.
Sample consent text for forms:
- Booking form: “By completing this booking you consent to Ramblersindia processing your contact and health information to provide the Services and for safety communications. You are automatically subscribed to marketing communications and may opt out anytime.”
- Media release: “I consent to Ramblersindia using my image and testimonial for promotional purposes as described. I may revoke this consent by contacting hi@ramblersindia.com.”

Changes to This Policy

We may update this Policy to reflect changes in law, business practices, or technology. Revised versions will be posted on the Site with a new “Last updated” date. If we make material changes, we will notify users on the Site so you are aware of what information we collect, how we use it, and under what circumstances we disclose it.

Contact Information

Ramblersindia Outdoors OPC Pvt. Ltd. Email: hi@ramblersindia.com Phone: +91 91374 25730

If you have questions, requests, or concerns about this Privacy Policy or your personal data, please contact us at the email above.

Thank you for trusting Ramblersindia with your personal information. We are committed to protecting your privacy as you embark on your next adventure.

This element will not be visible on your live website - it works in the background to help protect your content.

Privacy Policy

Last updated: 10-01-2026

​

Scope

Who this covers: visitors to the Site, registered users, ticket purchasers, event participants, corporate clients, vendors, job applicants, and other individuals whose data we process.

Geographic scope: data processed in India and in jurisdictions where our service providers operate.

Relationship to other notices: this Policy supplements any specific notices, consent forms, waivers, or event-specific privacy statements.

Data Fiduciary and Grievance Officer

Data Fiduciary: Ramblersindia Outdoors (OPC) Pvt. Ltd.

Grievance Officer: Team Ramblers

Grievance email: hi@ramblersindia.com

Acknowledgement timeline: we will acknowledge grievances within 7 days and use best efforts to resolve within 30 days.

Legal Framework

We process personal data in accordance with applicable Indian law, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, the SPDI Rules, 2011, and other relevant regulations and guidelines.

Categories of Personal Data Collected

Data you provide directly

Identity and contact: name, email, phone number, postal address.

Account credentials: username, hashed password, profile photo.

Booking and payment: booking details, billing address, payment instrument metadata (we do not store full card numbers; payment processors handle card data).

Health and safety: emergency contact, medical conditions, fitness declarations, allergies.

Profile and preferences: adventure interests, skill level, dietary preferences, communication preferences.

Corporate data: company name, corporate contact details.

Recruitment data: resume, certifications, interview notes, references.

Media: photographs, videos, testimonials provided with consent.

Data collected automatically

Technical and usage: IP address, device identifiers, browser type, operating system, pages visited, session timestamps, referrer URL.

Analytics: aggregated usage metrics, crash logs, performance data.

Cookies and tracking: see Cookies section.

Sensitive data

Health-related information provided for safety or medical reasons; processed only where necessary and with appropriate safeguards.

Wix Hosting and Payment Processing

Platform provider: our Site and online store are hosted on the Wix.com platform. Wix provides the infrastructure, data storage, databases, and general applications that enable us to sell products and services. Your data may be stored through Wix’s systems on secure servers behind firewalls.

Payment security: all direct payment gateways offered by Wix and used by us adhere to PCI-DSS standards managed by the PCI Security Standards Council. PCI-DSS helps ensure secure handling of credit card information by our store and its service providers.

Role of Wix: Wix acts as a data processor for hosting and platform services. We also use third-party payment processors and other vendors; these parties process data on our behalf under contractual obligations.

How We Use Personal Data

We use personal data for the following purposes and lawful bases:

Service delivery: process bookings, issue confirmations, manage cancellations and refunds; lawful basis: contract performance.

Safety and emergency response: share health and emergency contact details with medical responders when necessary; lawful basis: vital interests and legitimate interests.

Operational communications: send itinerary changes, safety advisories, and service-critical messages; lawful basis: contract performance and legitimate interests.

Analytics and improvement: analyze usage to improve the Site and Services; lawful basis: legitimate interests.

Fraud prevention and security: detect and prevent fraud, abuse, and security incidents; lawful basis: legitimate interests and legal obligations.

Legal compliance: respond to lawful requests from authorities and retain records for tax and audit; lawful basis: legal obligation.

Recruitment: evaluate candidates and manage hiring; lawful basis: legitimate interests and consent for sensitive checks.

Corporate events: plan and execute events and share logistics with corporate contacts; lawful basis: contract performance.

Marketing Communications and Opt-Out

Default subscription policy: when you create an account, subscribe, or purchase tickets you are automatically subscribed to receive marketing communications such as event announcements, promotions, newsletters, and community updates.

Service messages: transactional and safety messages necessary for bookings and participant safety are sent regardless of marketing preferences.

How to opt out: click the unsubscribe link in marketing emails; update communication preferences in your account settings; or contact hi@ramblersindia.com. Opt-out requests are processed promptly and do not affect service-critical communications.

Profiling and targeted marketing: where we use profiling to personalize offers, you will be informed and given an opt-out option for profiling-based marketing.

Cookies and Tracking Technologies

Cookie categories:

Essential cookies required for login, booking, and security.

Preference cookies to remember language and display settings.

Analytics cookies to measure Site performance and usage.

Marketing cookies to enable personalized promotions and remarketing.

Cookie banner: we display a cookie banner on first visit with options to accept all, reject non-essential cookies, or manage preferences.

Third-party trackers: analytics and advertising providers may set cookies; we list major providers in our cookie table and provide opt-out links where available.

Managing cookies: you can manage cookies via your browser settings and our cookie preference center.

Data Sharing and Third-Party Processors

Who we share with: payment processors, Wix as platform provider, email delivery services, booking platforms, insurance companies, emergency services, venue partners, transportation and catering vendors, analytics providers, legal advisors, and law enforcement when required.

Processor safeguards: we enter into written Data Processing Agreements with third-party processors requiring confidentiality, security measures, and limits on use.

Subprocessors: we maintain a list of subprocessors and will notify customers of material changes where required by law or contract.

No sale policy: we do not sell, rent, or trade personal data to third parties for their own marketing use.

International Transfers

Cross-border processing: data may be processed in India and in other countries where our service providers operate.

Safeguards: transfers are governed by contractual protections, standard contractual clauses, or other lawful mechanisms to ensure adequate protection.

Data Security and Breach Response

Security measures: encryption in transit (TLS/SSL), encryption at rest where feasible, role-based access controls, multi-factor authentication for administrative access, regular security audits, vulnerability scanning, and secure disposal procedures.

Breach notification: in the event of a confirmed data breach, we will notify affected individuals and relevant authorities as required by law, provide details of the incident, mitigation steps, and recommended actions for affected individuals.

Data Retention

Retention principles: we retain personal data only as long as necessary for the purpose collected, to comply with legal obligations, or to resolve disputes.

Typical retention periods:

Booking and payment records: retained for 5 years for tax and audit purposes.

Event media and marketing assets: retained for 3 years by default; extended only with explicit consent.

Recruitment records: retained only as necessary for hiring and statutory obligations.

Support and correspondence: retained for a reasonable period to resolve issues.

Deletion and anonymization: after retention periods expire we securely delete or irreversibly anonymize data. Users may request deletion subject to legal or operational constraints.

Data Subject Rights and Request Procedure

Rights available: access, correction, portability where applicable, deletion, restriction of processing, objection to processing, withdraw consent, and lodge a grievance.

How to submit a request: email hi@ramblersindia.com with subject line Data Subject Request and include proof of identity.