Privacy Policy

Last Updated: December 2024

BookOnZaatio ("Company", "We", "Us", "Our") operates an online platform and mobile application that enables users to discover, purchase, and manage tickets for events across India.

We are committed to protecting your privacy and handling your personal data responsibly in compliance with Indian laws, including the IT Act 2000, IT Rules 2011, DPDPA 2023, and applicable consumer protection regulations.

By accessing or using BookOnZaatio, you ("User", "Customer") agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Personal Information (PII)

As defined under IT Rules 2011:

Full name
Email address
Phone number
Date of birth (optional)
Location / city
Address (if needed for physical ticket delivery)

1.2 Sensitive Personal Data or Information (SPDI)

(As per IT Rules 2011)

Financial information:

UPI ID
Card details (not stored by us; processed securely by payment gateways)
Payment transaction IDs

We do not store complete payment card numbers or CVV.

1.3 Automatically Collected Data

When you use our platform:

IP address
Device type & OS
Browser type
App version
Cookies & tracking pixels
Session logs & usage behavior
Location (if you grant permission)

1.4 Third-Party Data

Received from:

Payment gateways
Event organizers
Analytics partners (e.g., Google Analytics)

2. How We Use Your Information

2.1 To Facilitate Ticket Purchases

Process payments
Generate and deliver tickets
Send booking confirmations
Enable entry verification (QR codes, ticket validity)

2.2 To Provide Customer Support

Resolve issues
Assist with refunds/cancellations
Respond to queries

2.3 To Improve Our Services

Analytics and performance monitoring
Bug detection and security enhancements
User behavior insights

2.4 To Communicate with You

Event updates
Transactional alerts
Important announcements (cancellations, schedule changes)

2.5 Marketing & Personalization (with consent)

Offers, promotions, event recommendations
Remarketing ads on platforms like Google/Facebook

You may opt out anytime.

2.6 Legal Compliance

Fraud detection
Regulatory reporting
Compliance with law enforcement requests

3. Lawful Basis for Processing (Under DPDPA 2023)

We process data based on:

Consent (account creation, marketing communication)
Performance of contract (fulfilling ticket purchases)
Legal obligation
Legitimate interests (fraud prevention, platform security)

Users may withdraw consent anytime by contacting us.

4. Data Sharing & Third Parties

We may share your data with:

4.1 Event Organizers

To:

Verify bookings
Manage entry
Share event-related updates
Handle refund/cancellation approvals

Organizers receive only the necessary attendee information.

4.2 Payment Gateways

(UPI, Razorpay, Paytm, Stripe, etc.)

Used for secure payment processing.

4.3 Analytics & Technology Partners

(e.g., Google Analytics, Firebase)

Used to analyze performance and usage.

4.4 Government or Law Enforcement

When required under applicable laws.

4.5 Service Providers

For:

Email/SMS delivery
Cloud hosting
Fraud detection
Customer communication

We do not sell your personal data to any third party.

5. Cookies & Tracking Technologies

We use:

Cookies
Web beacons
Pixel tags
App trackers

These help with:

User login
Session continuity
Personalized recommendations
Analytics

You may disable cookies, but some features may not function correctly.

6. Data Storage & Security

We follow Reasonable Security Practices including:

Encryption (data in transit & at rest)
Secure cloud hosting (ISO-certified servers)
Restricted access controls
Regular audits & vulnerability scanning

We comply with ISO/IEC 27001 requirements (industry standard) and IT Rules 2011 guidelines.

7. Data Retention

We retain your data only as long as:

Required to provide services
Required under applicable laws (tax, accounting, compliance)
Necessary for dispute resolution or fraud prevention

Users may request deletion subject to legal limitations.

8. Your Rights (Under Indian Law & DPDPA 2023)

You have the right to:

Access your data
Correct inaccurate information
Withdraw consent
Request deletion (where legally permitted)
Opt-out of marketing communications
Know how your data is processed

Submit requests at:

official@bookonzaatio.in

We will respond within reasonable timelines as per applicable laws.

9. Children's Privacy

BookOnZaatio does not knowingly collect data from individuals below 18 years of age. Users must be adults to purchase tickets.

10. Data Transfer Outside India

If we use cloud servers or processors located outside India, we ensure:

Equivalent security standards
Compliance with DPDPA cross-border rules

11. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for their privacy practices.

12. Changes to This Policy

We may update this Policy periodically.

Material changes will be communicated via:

Email
App notifications
Website announcement

13. Contact Us

For concerns, complaints, or requests:

official@bookonzaatio.in

BookOnZaatio ("Company", "We", "Us", "Our") operates an online platform and mobile application that enables users to discover, purchase, and manage tickets for events across India.

By accessing or using BookOnZaatio, you ("User", "Customer") agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Personal Information (PII)

As defined under IT Rules 2011:

Full name
Email address
Phone number
Date of birth (optional)
Location / city
Address (if needed for physical ticket delivery)

1.2 Sensitive Personal Data or Information (SPDI)

(As per IT Rules 2011)

Financial information:

UPI ID
Card details (not stored by us; processed securely by payment gateways)
Payment transaction IDs

We do not store complete payment card numbers or CVV.

1.3 Automatically Collected Data

When you use our platform:

IP address
Device type & OS
Browser type
App version
Cookies & tracking pixels
Session logs & usage behavior
Location (if you grant permission)

1.4 Third-Party Data

Received from:

Payment gateways
Event organizers
Analytics partners (e.g., Google Analytics)

2. How We Use Your Information

2.1 To Facilitate Ticket Purchases

Process payments
Generate and deliver tickets
Send booking confirmations
Enable entry verification (QR codes, ticket validity)

2.2 To Provide Customer Support

Resolve issues
Assist with refunds/cancellations
Respond to queries

2.3 To Improve Our Services

Analytics and performance monitoring
Bug detection and security enhancements
User behavior insights

2.4 To Communicate with You

Event updates
Transactional alerts
Important announcements (cancellations, schedule changes)

2.5 Marketing & Personalization (with consent)

Offers, promotions, event recommendations
Remarketing ads on platforms like Google/Facebook

You may opt out anytime.

2.6 Legal Compliance

Fraud detection
Regulatory reporting
Compliance with law enforcement requests

3. Lawful Basis for Processing (Under DPDPA 2023)

We process data based on:

Consent (account creation, marketing communication)
Performance of contract (fulfilling ticket purchases)
Legal obligation
Legitimate interests (fraud prevention, platform security)

Users may withdraw consent anytime by contacting us.

4. Data Sharing & Third Parties

We may share your data with:

4.1 Event Organizers

To:

Verify bookings
Manage entry
Share event-related updates
Handle refund/cancellation approvals

Organizers receive only the necessary attendee information.

4.2 Payment Gateways

(UPI, Razorpay, Paytm, Stripe, etc.)

Used for secure payment processing.

4.3 Analytics & Technology Partners

(e.g., Google Analytics, Firebase)

Used to analyze performance and usage.

4.4 Government or Law Enforcement

When required under applicable laws.

4.5 Service Providers

For:

Email/SMS delivery
Cloud hosting
Fraud detection
Customer communication

We do not sell your personal data to any third party.

5. Cookies & Tracking Technologies

We use:

Cookies
Web beacons
Pixel tags
App trackers

These help with:

User login
Session continuity
Personalized recommendations
Analytics

You may disable cookies, but some features may not function correctly.

6. Data Storage & Security

We follow Reasonable Security Practices including:

Encryption (data in transit & at rest)
Secure cloud hosting (ISO-certified servers)
Restricted access controls
Regular audits & vulnerability scanning

We comply with ISO/IEC 27001 requirements (industry standard) and IT Rules 2011 guidelines.

7. Data Retention

We retain your data only as long as:

Required to provide services
Required under applicable laws (tax, accounting, compliance)
Necessary for dispute resolution or fraud prevention

Users may request deletion subject to legal limitations.

8. Your Rights (Under Indian Law & DPDPA 2023)

You have the right to:

Access your data
Correct inaccurate information
Withdraw consent
Request deletion (where legally permitted)
Opt-out of marketing communications
Know how your data is processed

Submit requests at:

official@bookonzaatio.in

We will respond within reasonable timelines as per applicable laws.

9. Children's Privacy

BookOnZaatio does not knowingly collect data from individuals below 18 years of age. Users must be adults to purchase tickets.

10. Data Transfer Outside India

If we use cloud servers or processors located outside India, we ensure:

Equivalent security standards
Compliance with DPDPA cross-border rules

11. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for their privacy practices.

12. Changes to This Policy

We may update this Policy periodically.

Material changes will be communicated via:

Email
App notifications
Website announcement

13. Contact Us

For concerns, complaints, or requests:

official@bookonzaatio.in