Jatra

Privacy Policy

Effective Date: Jan 31, 2025

CrazyEngineers Technologies Private Limited (“Company,” “we,” “us,” or “our”) operates the Jatra platform (“Service” or “Platform”). This Privacy Policy describes how we collect, use, disclose, and protect your information when you use our Service. Please read it carefully. If you disagree with any part of this policy, do not access or use the Service.

1. Information Collection

1.1 Personal Information

We collect personal information to provide and improve our services. Examples include:

  • Name
  • Email address
  • Social login identifiers (e.g., Google, LinkedIn)
  • Billing information (such as invoices or transaction IDs)
  • Address (if you choose to provide it)

1.2 Payment and Subscription Information

We rely on trusted third-party payment processors (Stripe, LemonSqueezy, Paddle) to handle credit card, debit card, or other electronic payments. For Indian consumers, we also accept direct bank-to-bank transfers. We do not store any payment card details on our servers (including the last four digits or security codes). Our payment processors comply with PCI-DSS standards to ensure secure handling of payment data.

1.3 Non-Personal Information

We collect non-personal information to understand how users interact with our Service. This includes:

  • IP address
  • Device type and browser information
  • Usage patterns and interactions with our Platform
  • Usage data collected through tools like Google Analytics or PostHog
  • Cookies and similar tracking technologies

2. Use of Information

2.1 Use of Personal Information

We use personal information for the following purposes:

  • To operate and maintain our Platform
  • To manage user accounts, subscriptions, and billing
  • To create a better overall product experience

2.2 Marketing and Promotional Purposes

We may use your email address to send marketing communications, such as newsletters, product updates, or special offers. Each marketing email will include an “unsubscribe” link you can click to opt out. If required by law, we will only send these messages with your prior consent.

2.3 Use of Non-Personal Information

We use non-personal information and usage data to analyze how our services are accessed and used. This helps us improve our Platform’s features and performance, troubleshoot issues, and enhance security.

3. Data Sharing and Disclosure

3.1 Sharing with Third Parties

We share your personal information with third parties only in these circumstances:

  • Payment Processors: We work with Stripe, LemonSqueezy, and Paddle for secure payment processing. They follow PCI-DSS standards.
  • Analytics Providers: We use tools like Google Analytics and PostHog to understand user behavior and improve our Platform.
  • Legal Requirements: We may disclose personal information when required by law or in response to lawful requests by public authorities.
  • Business Transfers: If our company is involved in a merger, acquisition, or sale of assets, we may transfer your personal information. We will notify you before your information is transferred and becomes subject to a different Privacy Policy.
  • Protection of Company: We may disclose personal information to protect our rights or property, investigate wrongdoing, or ensure the safety of our users or the public.

4. Data Security

4.1 Security Measures

We take reasonable administrative, technical, and physical precautions to protect your information from unauthorized access or misuse, including:

  • Using HTTPS to secure data transmitted over the internet
  • Storing personal information on secured servers
  • Regularly reviewing and updating our security practices to address new threats

All payment transactions are processed by third parties (Stripe, LemonSqueezy, and Paddle), which comply with PCI-DSS standards. No online transmission or electronic storage is completely secure, so we cannot guarantee absolute security.

5. User Rights

5.1 Access, Update, and Deletion

You have the right to access and update your personal information in your account settings or by contacting us. If you want your data deleted, let us know. We will respond within a reasonable timeframe unless we must keep certain data for legal or operational reasons.

5.2 Restriction and Objection

You have the right to restrict or object to our processing of your personal information in certain cases. Contact us with your request, and we will review it based on applicable laws.

5.3 Additional Rights (EU/EEA or Similar Jurisdictions)

If you reside in the EU/EEA or in a region with similar data protection laws, you may have additional rights, such as:

  • The right to access your personal data
  • The right to rectify inaccuracies in your personal data
  • The right to erase your personal data (right to be forgotten)
  • The right to restrict or object to processing
  • The right to data portability
  • The right to lodge a complaint with a supervisory authority

If you wish to exercise these rights, please contact us using the information provided below.

6. Cookies and Tracking Technologies

6.1 Use of Cookies

We use cookies and similar technologies to track activity on our Platform. Cookies are small data files sent to your device to store data that can help improve your experience. You can disable cookies or set your browser to alert you when cookies are in use. Some features of our Service may not work if you disable cookies entirely.

6.2 Managing Cookie Preferences

You can manage your cookie preferences through your browser settings or our cookie consent banner (if available). Disabling cookies may affect the functionality of our Service, particularly features that require authentication or personalization.

7. Data Retention

7.1 Retention Periods

We keep personal information only as long as needed for the purposes in this Privacy Policy. We also retain data as required by law or to resolve disputes and enforce agreements.

7.2 Data Deletion

When we no longer need your personal information, we delete it securely. If you request deletion, we will handle your request in a reasonable timeframe unless we need to keep it for legal or operational reasons.

8. Children’s Privacy

8.1 Collection from Children

Our Service is not intended for children under 13, or individuals under 18 without parental consent. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently gathered such data, please contact us so we can remove it promptly.

9. International Data Transfers

9.1 Data Transfer Procedures

Your information may be transferred to and processed in countries where data protection laws differ from those in your jurisdiction. Our primary operations are in India. You agree to these transfers by using our Service. We take steps to ensure your data remains protected and aligned with this Privacy Policy, including implementing safeguards like Standard Contractual Clauses (SCCs) where applicable.

10. Changes to the Privacy Policy

10.1 Notification of Changes

We may update this Privacy Policy from time to time. We will post changes here and update the “Effective Date” at the top. You should review this policy periodically to stay informed. Changes become effective once posted on this page.

11. Contact Information

11.1 Privacy Inquiries

Please contact us if you have questions or concerns about this Privacy Policy: