Privacy Policy - MakeMyTrip KSA

1. INTRODUCTION

MakeMyTrip Arabia Travel & Tourism as a responsible data controller and data processer (where applicable), and its subsidiaries and affiliates (hereinafter “MMT”) recognize the importance of privacy of its users and also of maintaining confidentiality of the information provided by its users.

This Privacy Policy provides for the practices for handling and securing user's Personal Information (defined hereunder) by MMT and its subsidiaries and affiliates.

This Privacy Policy is applicable to any person ('User') who purchases, intend to purchase, or inquire about any product(s) or service(s) made available by MMT through any of MMT’s ('Services') customer interface channels including its website, mobile site, mobile app (collectively referred to as the 'Website' or the 'Platform') and other offline channels including call centers and offices (together with the Platform, referred to as 'Sales Channels').

For the purpose of this Privacy Policy, wherever the context so requires "you" or "your" shall mean User and the term "we", "us", "our" shall mean MMT. For the purpose of this Privacy Policy, Personal Data means any data, in whatever source or form, that leads to recognising you as a data subject specifically or makes it possible to identify you as a data subject directly or indirectly.

By using or accessing the Website or other Sales Channels, the User hereby agrees with the terms of this Privacy Policy and the contents herein.

This Privacy Policy does not apply to any website(s), mobile sites and mobile apps of third parties, even if their websites/products are linked to our Website. User should take note that information and privacy practices of MMT’s business partners, advertisers, sponsors or other sites to which MMT provides hyperlink(s), may be materially different from this Privacy Policy. Accordingly, it is recommended that you review the privacy statements and policies of any such third parties with whom they interact.

This Privacy Policy is an integral part of your User Agreement with MMT and all capitalized terms used, but not otherwise defined herein, shall have the respective meanings as ascribed to them in the User Agreement.

2. USAGE OUTSIDE THE GEOGRAPHICAL LIMITS OF KSA

Please note that due to the international nature of our business, we may need to transfer your Personal Data outside of KSA to our affiliates or third parties, including to countries that have not been granted adequacy status by the data protection supervisory authority in KSA and/or which have data protection laws that are different from those that apply in your country of residence. We may transfer your Personal Data to such jurisdictions only where we have implemented appropriate safeguards to ensure that your Personal Data remains protected and secure. This includes the use of approved Standard Contractual Clauses, Binding Corporate Rules and/or other transfer data safeguards in accordance with this Privacy Policy and applicable data protection laws.

Your Personal Data will be primarily stored and processed in India, and such other jurisdictions where a third party engaged by MMT may process the data on MMT’s behalf. The data protection laws in India or such other jurisdictions mentioned above may differ from those of your country of residence.

By using the Sale Channels and our Services, you are providing MMT with your explicit consent to the transfer of your Personal Data outside of your country of residence, to process your Personal Data for the purpose(s) defined in this Privacy Policy.

If you are a European resident with privacy concerns or wish to withdraw your consent for data processing, you may contact us at privacy@go-mmt.com. However, if the processing of your data is essential to provide services, such as booking international holiday packages, we may not be able to confirm or complete your booking. For instance, sharing certain personal details (contact, gender, dietary preferences, medical conditions, etc.) with vendors or hotels is necessary for making proper arrangements during your trip. Withdrawing consent could:

Prevent us from serving you properly, potentially resulting in refusal of booking.
Restrict our ability to service an existing booking, possibly affecting your trip or leading to cancellation.

3. TYPE OF PERSONAL DATA WE COLLECT

The Personal Data, as listed below, is collected for us to be able to provide the Services chosen by you and also to fulfill our obligations towards third parties as per our User Agreement.

MMT collects and processes Personal Data about you when you (i) access and/or use the Website; (ii) use our Services; and/or (iii) interact with us via email or use any Sale Channels.

Additionally, we may collect your Personal Data from third parties, including those involved in your travel arrangements (such as airlines, airport operators, and customs and immigration authorities), as well as service providers contracted by us to deliver services to you.

MMT collects Personal Data directly from you during your registration on the Platform, including (i) personal identification information (such as your name, gender, marital status, religion and age); (ii) contact details (such as your email address, postal addresses, frequent flyer number, telephone number and/or fax numbers); (iii) banking details; and (iv) any other information required for the registration on the Platform (such as information relating to your income, billing information, payment history etc.).

MMT also collects Personal Data collected from you in the course of our relationship with you (when you utilize our Services). The Personal Data collected depends on the nature of the relevant assistance. These include:

booking information (such as information about your travel, Trip ID, PNR details, bookings, co-passengers, travel preferences etc.);
security-related information, including usernames, passwords, email addresses and other details you use to access the Platform;
purchase and payment related information such as records of travel services purchases and prices; invoice records; payment records; payment method; cardholder or account-holder name; payment amount and payment date;
information related to any of your co-passengers or any other traveler(s) for whom you have made a booking using the Platform. In such a case, you confirm and represent that each of the other co-passengers or traveler(s) for whom a booking has been made, has agreed to have the information shared by you disclosed to us and further be shared by us with the relevant service provider(s); and
while MMT generally tries to limit the circumstances where we collect and process sensitive personal data (such as information about race, ethnicity, religion, health, sexuality or biometric information), we may collect some sensitive personal information such as your health information or Covid 19 vaccination status or certificate in case you wish to avail any services that requires us to process the certificate/vaccination status or other such similar information strictly required in order to ensure safety from the spread of communicable diseases as required under the local regulatory requirements. Your biometric information may also be collected during the security clearance process.

MMT may collect Personal Data (i) available in public domain; (ii) obtained from any third party (such as our travel partners); or (iii) obtained from social media channels (such as your name, email address, friend list, profile picture or any other information available by your account settings).

MMT collects Personal Data either created by you or by a third party and which you wish to store on our servers such as image files, documents etc.

Where possible, we indicate which fields are mandatory and which fields are optional. Failure to provide the mandatory Personal Data may have the following consequences: (i) MMT may be unable to process your orders, respond to your inquiries or provide you with certain Services; and (ii) certain features of the Platform may not be available to you, and your overall experience may be less efficient.

MMT collects and processes further Personal Data while you visit, access or use our Platform or contact us for query resolution, including information collected through cookies, pixel tags and other technologies; the type of device you are using; demographic information; I.P. address; the internet service provider; browsing history; device identity; mobile operator; WIFI Connection; service set identifier; aggregated or anonymized information and other information provided by you.

4. PURPOSE AND LEGAL BASIS FOR PROCESSING OF PERSONAL DATA

We need to collect Personal Data in order to provide you with the requested Services.

We will only collect and process Personal Data if we have a legal basis for doing so under applicable data protection or privacy laws. The legal basis will depend on the reason(s) the relevant Personal Data was collected or requires the use of your Personal Data. The legal basis will be (i) for the performance of our agreement with you; (ii) where necessary to comply with a legal obligation; (iii) for our legitimate interests (to operate and improve our business); and/or (iv) with your consent.

If the legal basis of our processing of Personal Data is consent, you may withdraw your consent at any time. In some circumstances, it may mean that we will not be able to provide all or parts of the Services requested. All Services performed before the revocation of your consent will continue to be valid and lawful (no cancellation or refund is possible for such Services).

We have set out below why we process your Personal Data and explain what data we use in each case. MMT ensures that Personal Data will not be subsequently processed in a manner inconsistent with the purposes for which it was collected. If we need to process your Personal Data for an incompatible purpose, then to the extent required by applicable law, we will provide notice to you and seek your consent.

5. WHY WE USE YOUR PERSONAL DATA

The Personal Data collected may be used in the following manner:

A. For the making of a booking

While making a booking, we may use Personal Data, including payment details (such as cardholder name, credit/debit card number (in encrypted form) with expiration date, banking details, wallet details) as shared and allowed to be collected by you. We may also use the information of travellers list as available in or linked with your account. This information is presented to you at the time of making a booking to enable you to complete your bookings expeditiously.

B. We may also use your Personal Data for several reasons including but not limited to:

satisfy your travel arrangements and deliver the Services you requested;
send booking confirmations either via SMS or WhatsApp or any other messaging service;
manage the boarding process;
send status updates and service communications to you;
send any updates or changes to your booking(s);
allow our customer service to contact you, if necessary;
customize the content of our Website;
request for reviews of Services or any other improvements;
send verification message(s) or email(s);
validate/authenticate your account and to prevent any misuse or abuse;
contact you on your birthday/anniversary to offer a special gift or offer;
maintain and improve the Website and tailor the user experience;
protect your information and the Platform;
manage our IT systems i.e., identification and mitigation of fraudulent activity; compliance with applicable law; and improving our Services;
analyze your travel or booking interests and provide promotional, special offers, coupons, etc.;
for management and administrative purposes; and
for various purposes such as fraud detection, offering bookings on credit etc., we at times may verify information of customers on selective basis, including their credit information.

C. For the conduct of surveys:

We value opinions and comments from our Users and frequently conduct surveys, both online and offline. Participation in these surveys is entirely optional. Typically, the information received is aggregated and used to make improvements to the Website, other Sales Channels, the Services and to develop appealing content, features and promotions for members based on the results of the surveys. Identity of the survey participants is anonymous unless otherwise stated in the survey.

D. For marketing promotions, research and programs:

When we have your consent, we will send you marketing (including promotions and reward programs), research and programs communications. Such communications aim to identify your preferences, develop programs and improve your user experience. MMT frequently sponsors promotions to give its Users the opportunity to win great travel and travel related prizes. We will only allow our affiliates and/or third parties to send marketing communications to you when you have consented to receive such communications from them.

Personal Data collected by us for such activities may include contact information and survey questions. We use such Personal Data to notify contest winners and survey information to develop promotions and product improvements.

As a registered User, if you agree to the terms, you will also occasionally receive updates from us about fare sales in your area, special offers, new MMT Services, other noteworthy items (like savings and benefits on airfares, hotel reservations, holiday packages, car rentals and other travel services) and marketing programs.

In addition, you may look forward to receiving periodic marketing emails, newsletters and exclusive promotions offering special deals.

You may decide at any time to revoke your consent for receiving marketing promotions. Each marketing communication sent by email will also have an “unsubscribe” option which will allow you to stop receiving further communications. You can also contact us via at privacy@go-mmt.com. We will continue to send only essential information relating to the Service(s) you have purchased to keep you informed thereon.

6. THIRD PARTY LINKS

The Website may provide links to third party links (including websites or applications of MMT’s service providers, business partners, advertisers and sponsors or other third parties). The scope of this Privacy Policy is limited to the Platform and does not apply to any third-party links you may access through the Platform. MMT is providing these links only for your convenience and does not endorse nor control such links and is not responsible for their respective contents and applicable information and privacy practices. We request you to read their privacy policies prior to disclosing any information. The use of a third-party link by a User shall be done entirely at the User's risk and MMT or its affiliates shall assume no liability or responsibility for the same.

7. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

MMT will retain your Personal Data on its servers for as long as is reasonably necessary to fulfil the purposes for which the information has been collected and is being processed for (including for a period which enables us to handle or respond to any complaints, queries or concerns relating the Service provided).

In some circumstances we may retain your Personal Data for longer periods of time, for instance where we are required to do so in accordance with any legal, regulatory, tax or accounting requirements (including to protect the vital interests of a User).

When your Personal Data is no longer needed to be retained, we will ensure it is either securely deleted or is anonymized.

In case User wishes to delete their account, they can do so using this Link.

8. WITH WHOM YOUR PERSONAL DATA IS SHARED

We may share/disclose your Personal Data internally with our affiliates and/or other third parties to provide you access to products and services offered by them. We adhere to appropriate security measures to protect your Personal Data while we share with them for processing. Further, wherever applicable, we bind these third parties with appropriate agreements and require them to process your Personal Data only for specific purposes along with confidentiality and with appropriate security measures.

A. Customs and immigration authorities:

Your Personal Data may be shared with board control agencies and customs and immigration authorities of any country in a relevant itinerary (including countries of origin and destination, stop-overs and countries you may overfly to your destination).

B. Service Providers and suppliers:

Your Personal Data may be shared with the end service providers like airlines, hotels, bus service providers, cab rental, railways or any other suppliers who are responsible for fulfilling your booking and/or providing the requested Services. You may note that while making a booking with MMT you authorize us to share your Personal Data with the said service providers and suppliers. It is pertinent to note that MMT does not authorize the end service provider to use your Personal Data for any other purpose(s) except as may be for fulfilling their part of the Service. However, how the said service providers/suppliers use the information shared with them is beyond the purview and control of MMT as they process Personal Data as independent data controllers, and hence MMT and/or its affiliates cannot be made accountable for the same. You are therefore advised to review the privacy policies of the respective service provider or supplier whose services you choose to avail before sharing any information with them.

MMT does not sell Personal Data of Users to third parties except sharing of such information with our business/alliance partners or vendors who are engaged by us for providing various referral services and for sharing promotional and other benefits to our customers from time to time based on their booking history with us.

C. Companies in the same group:

In the interests of improving personalization and service efficiency, we may, under controlled and secure circumstances, share your Personal Data with our affiliate or associate entities who need to know or have access to such information in relation to provisioning of Services.

If the assets of MMT are acquired, our customer information may also be transferred to the acquirer depending upon the nature of such acquisition. In addition, as part of business expansion/development/restructuring or for any other reason whatsoever, if we decide to sell/transfer/assign our business, any part thereof, any of our subsidiaries or any business units, then as part of such restructuring exercise customer information including the Personal Data collected herein shall be transferred accordingly.

D. Business partners and third-party vendors:

We may share your Personal Data with our partners such as your name, email, or other identifier. Our partners may also: (i) collect information directly from your device, such as your IP address, device ID, advertising ID, and information about your browser or operating system; (ii) combine user information about you received from MMT with information about you from other sites or Services; and (iii) place or recognize a unique cookie on your browser.

We may also share certain filtered Personal Data to our corporate affiliates or business partners who may contact the customers to offer certain products or services, which may include free or paid products/services, which will enable the customer to have better travel experience or to avail certain benefits specially made for MMT customers. Examples of such partners are entities offering co-branded credit cards, travel insurance, insurance cover against loss of wallet, banking cards or similar sensitive information etc. If you choose to avail any such services offered by our business partners, the services so availed will be governed by the privacy policy of the respective service provider.

MMT may share your Personal Data to third party that MMT may engage to perform certain tasks on its behalf, including but not limited to payment processing, data hosting, and data processing platforms or any other third-party for the purposes of prevention, detection mitigation, and investigation of fraudulent or illegal activities related to our Services or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security, compliance with our legal obligations, enforcement of our user agreement, facilitate our marketing and advertising activities.

We use non-identifiable Personal Data of Users in aggregate or anonymized form to build higher quality, more useful online services by performing statistical analysis of the collective characteristics and behaviour of our customers and visitors, and by measuring demographics and interests regarding specific areas of the Platform. We may provide anonymous statistical information based on this data to suppliers, advertisers, affiliates and other current and potential business partners. We may also use such aggregate data to inform these third parties as to the number of people who have seen and clicked on links to their websites. Any Personal Data which we collect and which we may use in an aggregated format is our property. We may use it, in our sole discretion and without any compensation to you, for any legitimate purpose including without limitation the commercial sale thereof to third parties.

Occasionally, MMT will hire a third party for market research, surveys etc. and will provide information to these third parties specifically for use in connection with these projects. The information (including aggregate cookie and tracking information) we provide to such third parties, alliance partners, or vendors are protected by confidentiality agreements and such information is to be used solely for completing the specific project, and in compliance with the applicable regulations.

For various purposes such as fraud detection, offering bookings on credit etc., we at times may verify information of customers on selective basis, including their credit information. Additionally, MMT may share your Personal Data, anonymized and/ or aggregated data to a third party that MMT may engage to perform certain tasks on its behalf, including but not limited to payment processing, data hosting, data processing and assessing credit worthiness for offering bookings on credit.

E. Professional advisors:

We may share your Personal Data with outside professional advisors (such as accountants, auditors, or lawyers), subject to binding contractual obligations of confidentiality.

F. Credit and charge card companies and credit reference agencies

We may share your Personal Data with credit and charge card companies and credit reference agencies and relevant service providers to process payments.

G. Disclosure of information

In addition to the circumstances described above, MMT may disclose User's Personal Data if required to do so:

by law, required by any enforcement authority for investigation, by court order or in reference to any legal process;
to conduct our business;
for regulatory, internal compliance and audit exercise(s);
to secure our systems; or
to enforce or protect our rights or properties of MMT or any or all of its affiliates, associates, employees, directors or officers or when we have reason to believe that disclosing Personal Data of User(s) is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

Such disclosure and storage may take place without your knowledge. In that case, we shall not be liable to you or any third party for any damages howsoever arising from such disclosure and storage.

9. USER GENERATED CONTENT

MMT provides an option to its users to post their experiences by way of reviews, ratings and general poll questions. The customers also have an option of posting questions with regards to a service offered by MMT or post answers to questions raised by other users. MMT may also hire a third party to contact you and gather feedback about your recent booking with MMT. Though the participation in the feedback process is purely optional, you may still receive emails, notifications (app, SMS, WhatsApp or any other messaging service) for you to share your review(s), answer questions posted by other users. The reviews may be written or in a video format. The reviews written or posted may also be visible on other travel or travel related platforms.

The user generated content that MMT collects may be of the following kinds:

Review and Ratings
Question and Answers
Crowd Source Data Collection (poll questions).

Each User who posts review or ratings, Q&A, photographs shall have a profile, which other Users will be able to access. Other Users may be able to view the number of trips, reviews written, questions asked and answered and photographs posted.

10. RIGHTS OF DATA SUBJECT

It is important to us that you understand your rights under the law and how you can exercise them. You may have the following rights under certain circumstances:

right to be informed about the legal basis and the purpose of the collection of your Personal Data (these details are provided through this Privacy Policy);
right to request access to your Personal Data that we hold about you;
right to request your Personal Data from us in a commonly used, clear and machine-readable format, free of charge (please send your request to privacy@go-mmt.com);
right to request corrections to your Personal Data if incorrect, and/or modifications to your Personal Data if incomplete or updates where your Personal Data held by us is out of date. In this instance you may request us to restrict processing of your Personal Data that is incorrect;
right to request destruction of your Personal Data;
right to withdraw your consent you previously gave us to the extent any of your Personal Data is collected based on consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;
right to lodge a complaint with the KSA supervisory authority in respect of our processing activities regarding your Personal Data; and
right to claim compensation for material or moral damage if you are harmed as a result of any violation stipulated under the applicable laws.

The above rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep.

Responses to exercise your rights will be provided within 30 days, and there is no fee for making these requests. If your request is particularly complicated, we may extend the deadline for responding by a further 30 days.

If you have a privacy related request, complaint or have any concerns in the processing your data and wish to withdraw your consent, you may do so by writing to the following email id: privacy@go-mmt.com. We will request some information to identify you, which will only be used to process such request.

11. MEANS OF DESTRUCTION OF DATA

MMT is committed to securely destroying Personal Data when (i) the purposes for which it was collected are fulfilled; (ii) you request destruction; and/or (iii) the relevant retention period ends. The following procedures are implemented:

Personal Data will be deleted from MMT’s systems in a secure manner, ensuring that it cannot be recovered or accessed by unauthorised parties.
Any physical records containing Personal Data will be shredded or otherwise destroyed to prevent unauthorised access.

When you request destruction of Personal Data, we will remove the information that identifies you from the data we hold in our active system. However, a separate and restricted copy of the identifying information will be kept so as long as necessary to meet obligations we have to law enforcement, national authorities and legal proceedings. We may also need to retain certain elements that relate to the contract between you and MMT because we need them for our legal and audit needs.

12. HOW WE PROTECT YOUR PERSONAL DATA?

In order to protect your Personal Data, MMT has put in place industry standard security measures to protect the loss, misuse and/or alteration of Personal Data under our control, including technical and organisational security measures. These include having appropriate confidentiality clauses and data protection and security terms in its arrangements with third parties. We train and require staff who access your Personal Data to comply with our data privacy and security standards. We require our service providers, or other third parties we engage with and to whom we disclose your Personal Data to implement similar confidentiality, data privacy and security standards and measures when they handle, access or process your Personal Data.

We adhere to strict security guidelines for the storage and disclosure of Personal Data, and practice safe disposal or anonymization of Personal Data when no longer needed. We keep our systems updated from time to time to protect your Personal Data against any hacking or virus dissemination.

All payments on the Website are secured. This means all Personal Data you provide is transmitted using TLS (Transport Layer Security) encryption which is a proven coding system that enables your browser automatically to encrypt or scramble data before you send it to us.

However, please be aware that the transmission of information is not completely secure for reasons beyond our control. By using the Platform, you accept the inherent risks of data transmission over the internet and the web world.

Users are responsible for ensuring the protection of login and password records for their account.

We are not responsible for any breach of security occurring on a third-party platform that you may decide to transact with.

13. CONSENT

By providing your Personal Data and accessing our Services, you consent to the collection, use, storage, disclosure and otherwise processing of your information (including sensitive Personal Data) on the Platform in accordance with this Privacy Policy. If you disclose to us any Personal Data relating to other people or make booking on their behalf, you represent that you have the authority to do so and to permit us to use and share the information in accordance with this Privacy Policy.

You, while providing your Personal Data over the Platform or any partner platforms or establishments, consent to us (including our other corporate entities, affiliates, partners, technology partners, marketing channels, business partners and other third parties) to contact you through SMS, instant messaging apps, call and/or e-mail for the purposes specified in this Privacy Policy (except for marketing purposes which requires your express consent).

You have an option to withdraw your consent that you have already provided by writing to us at privacy@go-mmt.com. We will verify such requests before acting on our request. Please note, however, that withdrawal of consent will not be retroactive and will be in accordance with the terms of this Privacy Policy, related terms of use and applicable laws. In the event you withdraw consent given to us under this Privacy Policy, may hamper your access to the Platform or restrict provision of our Services for which we consider such information to be necessary.

For instance, if you want to book any international holiday package in fixed departures (group bookings), then certain Personal Data of yours like contact details, gender, dietary preferences, choice of room with smoking facility, any medical condition which may require specific attention or facility etc. may have to be shared by us with our vendors in each city where you will stay, and they may further process this information for making suitable arrangements for you during the holiday. Such sharing and processing of information may extend to the hotel where you will stay or the tour manager who will be your guide during the travel.

A withdrawal of consent by you for us to process your Personal Data may, if such processing is fundamental to MMT:

severely inhibit our ability to serve you properly and in such case, we may have to refuse the booking altogether, or;
restrict us to service your booking (if a booking is already made) which may further affect your trip or may compel us to cancel your booking.

14. OPTING OUT

We provide all users with the opportunity to opt-out of receiving non-essential (promotional, marketing-related) communications from us on behalf of our partners, and from us in general, after setting up an account. If you do not wish to receive promotional communications from us then please unsubscribe by clicking on the “unsubscribe link” in the email or write to us at privacy@go-mmt.com.

15. ELIGIBILITY TO TRANSACT WITH MMT

You must at least 18 years of age to transact directly with MMT and also to consent to the processing of your personal data. We do not knowingly collect Personal Data from children. If we learn that we have collected Personal Data from a child, we will delete the same from our database at the earliest. If you have shared any Personal Data of children under the age of 18 years, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy. If you believe that we may have collected personal information from a child without such authority, please contact us on privacy@go-mmt.com.

16. PERMISSIONS REQUIRED FOR USING OUR MOBILE APPLICATIONS

When the MMT app is installed on your phone or tablet, a list of permissions appears which are needed for the app to function effectively. There is no option to customize the list. The permissions that MMT requires and the data that shall be accessed and its use is as below:

A. Android permissions:

Device & App history: We need your device permission to get information about your device, like OS (operating system) name, OS version, mobile network, hardware model, unique device identifier, preferred language, etc. Basis these inputs, we intend to optimize your travel booking experience, use OS specific capabilities to drive great in-funnel experiences using components of device’s OS, etc.

Identity: This permission enables us to know about details of your account(s) on your mobile device. We use this info to auto-fill your email ID’s and provide a typing free in-funnel experience. It helps us map email ID’s to a particular user to give you the benefit of exclusive travel offers, wallet cash-backs, etc. It also allows facilitating your Facebook and Google+ login.

Location: This permission enables us to give you the benefit of location specific deals and provide you a personalized in-funnel experience. When you launch MakeMyTrip app to make a travel booking, we auto-detect your location so that your nearest airport or city is auto-filled. We also require this permission to recommend you nearest hotels in case you are running late and want to make a quick last minute booking for the nearest hotel. Your options are personalized basis your locations. For international travel, this enables us to determine your time zone and provide information accordingly.

SMS: If you allow us to access your SMS, we read your SMS to autofill or prepopulate ‘OTP’ while making a transaction and to validate your mobile number. This provides you a seamless purchase experience while making a booking and you don’t need to move out of the app to read the SMS and then enter it in the app.

Phone: The app requires access to make phone calls so that you can make phone calls to hotels, airlines and our customer contact centers directly through the app.

Contacts: If you allow us to access your contacts, it enables us to provide a lot of social features to you such as sharing your hotel/ flight/ holidays with your friends, inviting your friends to try our app, send across referral links to your friends, etc. We may also use this information to make recommendations for hotels where your friends have stayed. This information will be stored on our servers and synced from your phone.

Photo/ Media/ Files: The libraries in the app use these permissions to allow map data to be saved to your phone's external storage, like SD cards. By saving map data locally, your phone doesn't need to re-download the same map data every time you use the app. This provides you a seamless Map based Hotel selection experience, even on low bandwidth network.

Wi-Fi connection information: When you allow us the permission to detect your Wi-Fi connection, we optimize your experience such as more detailing on maps, better image loading, more hotel/ flights/ package options to choose from, etc.

Device ID & Call information: This permission is used to detect your Android ID through which we can uniquely identify users. It also lets us know your contact details using which we pre-populate specific fields to ensure a seamless booking experience.

Calendar: This permission enables us to put your travel plan on your calendar.

B. IOS Permissions:

Notifications: If you opt in for notifications, it enables us to send across exclusive deals, promotional offers, travel related updates, etc. on your device. If you do not opt for this, updates for your travel like PNR status, booking confirmation, refund (in case of cancellation), etc. will be sent through SMS.

Contacts: If you opt in for contacts permission, it enables us to provide a lot of social features to you such as sharing your hotel/ flight/ holidays with your friends, inviting your friends to try our app, send across referral links to your friends, etc. We will also use this information to make recommendations for hotels where your friends have stayed. This information will be stored on our servers and synced from your phone.

Location: This permission enables us to give you the benefit of location specific deals and provide you a personalized in-funnel experience. When you launch our app to make a travel booking, we auto-detect your location so that your nearest Airport or City is auto-filled. We require this permission to recommend your nearest hotels in case you are running late and want to make a quick last minute booking for the nearest hotel. Your options are personalized basis your locations. For international travel, this enables us to determine your time zone and provide information accordingly.

17. COOKIES AND SESSION DATA

A. Cookies:

Cookies are small pieces of information that are stored by your browser on your device's hard drive, that collect information about your interaction with the Platform and the internet. This information allows us to serve you better and more efficiently by (i) personalizing your experience on the Platform and the advertisements that maybe displayed; (ii) allowing ease of access, by logging you in without having to type your login name each time (only your password is needed); (iii) displaying advertisement(s) to you while you are on the Platform or to send you offers or similar emails (provided you have not opted out of receiving such emails) focusing on destinations which may be of your interest.

A cookie may also be placed by our advertising servers or third-party advertising companies. Such cookies are used for purposes of tracking the effectiveness of advertising served by us on any website, and also to use aggregated statistics about your visits to the Platform. The third-party advertising companies or advertisement providers may also employ technology that is used to measure the effectiveness of the advertisements. Such cookies information is anonymous collected through the use of a pixel tag, which is an industry standard technology and is used by all major websites. They may use this anonymous information about your visits to the Platform in order to provide advertisements about Services of potential interest to you. No Personal Data is collected during this process. The information so collected during this process is anonymous and does not link online actions to a User.

Most web browsers automatically accept cookies. By changing the options on your web browser or using certain software programs, you can control how and whether cookies will be accepted by your browser. MMT supports your right to block any unwanted Internet activity, especially that of unscrupulous websites. However, blocking MMT cookies may disable certain features on the Platform and may hinder an otherwise seamless experience to purchase or use certain Services available on the Platform.

B. Automatic Logging of Session Data:

Each time you access the MMT Website your session data gets logged. Session data may consist of various aspects like the IP address, operating system and type of browser software being used and the activities conducted by the User while on the Website. We collect session data because it helps us analyse User’s choices, browsing pattern including the frequency of visits and duration for which a User is logged on. It also helps us diagnose problems with our servers and lets us better administer our systems. The aforesaid information cannot identify any User personally. However, it may be possible to determine a User's Internet Service Provider (ISP), and the approximate geographic location of User's point of connectivity through the above session data.

18. CHANGES TO THE PRIVACY POLICY

Please check our Privacy Policy periodically for changes. We will notify you of changes to this Privacy Policy by publishing the updated version on https://www.makemytrip.global/sa/eng/privacy_policy.html (with the last date of update on the bottom of the page) and/or by sending you an email (as required by applicable law). Your continued access to or use of any of the Services shall be deemed your acceptance of the Privacy Policy.

19. CONTACT US

If you have questions about this Privacy Policy notice or wish to contact us for any reason in relation to our personal data processing, please contact us at privacy@go-mmt.com. In case of legal queries and concerns about your personal data please write to us at dpo@go-mmt.com.

Last updated: May 2025

Introduction:

MakeMyTrip Travel & Tourism LLC(hereinafter referred as ‘MMT’ or ‘the Company’ or ‘we’) is committed to our client’s privacy and security and to taking steps designed to secure your personal and financial information. We believe your private details should be kept just that and when you share personal information with us, we will make all reasonable endeavours to keep your details secure and private. We are committed to ensuring that your personal information is protected.

This document describes how we use and process your personal data, provided in a readable and transparent manner. It also tells you what rights you can exercise in relation to your personal data and how you can contact us. Please also read our Cookie Statement, which tells you how MMT uses cookies and other similar tracking technologies.

The processing of personal data when using the Services

MMT collects and uses information you provide to us. When you make a reservation, you are (at a minimum) asked for your name and email address.

Depending on the reservation, we may also ask for your home address, telephone number, payment information, date of birth, current location (in the case of on-demand services), the names of the people travelling/staying with you and any preferences you might have for your trip/stay (such as dietary or accessibility requirements). In some cases, you may also be able to check-in online with the Booking agency, for which we will ask you to share passport information or a driving license and signatures.

If you need to contact our customer service team, contact your booking agency through us, or reach out to us in a different way (such as social media or via a chatbot) we’ll collect information from you there, too. This applies whether you are contacting us with feedback or asking for help using our services.

You might also be invited to write reviews to help inform others about the experiences you had on your trip/stay. When you write a review on the MMT platform, we’ll collect any information you’ve included, along with your display name.

If you create a user account, we’ll also store your personal settings, uploaded photos, and reviews of previous bookings. This saved data can be used to help you plan and manage future reservations or benefit from other features only available to account holders (such as incentives or other benefits).

Personal data you give us about others

Of course, you might not simply be making a reservation for yourself. You might be taking a trip/stay with other people or making a reservation on someone else’s behalf. In both those scenarios, you will provide their details as part of the reservation.

If you have a MMT for Business account, you can keep an address book there to make it easier to plan and manage business travel/stay arrangements for others.

In some cases, you might use MMT to share information with others. This can take the form of sharing a Wishlist, taking part in a travel community or participating in a referral program, as described when you use the relevant feature.

At this point, we have to make it clear that it’s your responsibility to ensure that the person or people you have provided personal data about are aware that you’ve done so, and that they have understood and accepted how MMT uses their information (as described in this Privacy Policy).

Personal data we collect automatically.

Whether or not you end up making a reservation, when you visit our websites or apps, we automatically collect certain information. This includes your IP address, the date and time you accessed our services, and information about your computer’s hardware and software (such as the operating system, the internet browser used, software/application version data and your language settings). We also collect information about clicks and which pages have been shown to you.

If you’re using a mobile device, we collect data that identifies the device, as well as data about your device-specific settings and characteristics, app crashes and other system activity. When you make a booking arrangement using this kind of device, our system registers how you made your reservation (on which website), and/or which site you came from when you entered the MMT website or app.

Personal data we receive from other sources.

It’s not just the things you tell us, though – we may also receive information about you from other sources. These include business partners, such as affiliate partners, subsidiaries of the MMT corporate group, other companies in the MakeMyTrip (India) Private Limited. corporate group and other independent third parties.

Anything we receive from these partners may be combined with information provided by you. For example, MMT Reservation services are not only made available via MMT and the MMT apps but are also integrated into services of affiliate partners you can find online. When you use any of these services, you provide the reservation details to our business partners who then forward your details to us.

We also integrate with third party service providers to facilitate payments between you and booking agencies. These service providers share payment information so we can administer and manage your Booking arrangement, making sure everything goes as smoothly as possible for you.

Additionally, we collect information in the regrettable case that we receive a complaint about you from a Booking agency, for example in the case of misconduct.

Another way we might receive data about you, is through the communication services integrated into our platforms. These communication services offer you a way to contact the booking agency you’ve booked with to discuss your stay. In some cases, we receive metadata about these communication activities (such as who you are, where you called from, and the date and length of the call).

Why do we collect and use your personal data?

We use the information collected about you for a variety of purposes. Your personal data may be used in the following ways:

Booking Arrangement: First and foremost, we use your personal data to complete and administer your online booking arrangement– which is essential for us to provide this service for you. This includes sending you communications that relate to your booking arrangement, such as confirmations, modifications, and reminders. In some cases, this may also include processing your personal data to enable online check-in with the booking agency or processing personal data in relation to damage deposits.
Customer service: We provide international customer service from our local offices in more than twenty languages, and we’re here to help 24 hours a day, 7 days a week. Sharing relevant details, such as reservation information or information about your user account with our global customer service staff allows us to respond when you need us. This includes helping you to contact the right booking agency and responding to any questions you might have about your booking arrangement (or any other queries, for that matter).
Account facilities: MMT users can create an account on our website or apps. We use the information you give us to administer this account, allowing you to do several useful things. You can manage your booking arrangements, take advantage of unique offers, make future booking arrangements easily and manage your personal settings.

Managing personal settings gives you the ability to keep and share lists, share photos, easily see trip/stay Services you’ve searched for and check travel-related information you’ve provided. You can also see any reviews you’ve written.

If you want to, you can share certain information as part of your user account, by creating a public profile under your own first name or a screen name you choose.

If you’re a MMT for Business account holder, you can also save contact details under that account, manage business reservations and link other account holders to the same MMT for Business account.

Online groups: We give account holders the chance to connect and interact with each other through online groups or forums, such as travel communities.

Marketing activities: We use your information for marketing activities. These activities include:

Using your contact information to send you regular news about travel-related products and services. You can unsubscribe from email marketing communications quickly, easily and at any time. All you need to do is click on the ‘Unsubscribe’ link included in each newsletter or other communication.
Based on your information, individualised offers might be shown to you on the MMT website, in mobile apps or on third-party websites/apps (including social media sites) and the content of the site displayed to you might be personalised. These could be offers that you can book directly on the MMT website, on co-branded sites, or other third-party offers or products we think you might find interesting.
When you participate in other promotional activities (such as sweepstakes, referral programmes or competitions), only relevant information will be used to administer these promotions.

Communicating with you: There might be other times when we get in touch, including by email, by chatbot, by post, by phone or by texting you. Which method we choose depends on the contact information you’ve previously shared.

We process the communications you send to us. There could be several reasons for this, including:

Responding to and handling any requests you or your booking agency have made. MMT also offers customers and booking agencies several ways to exchange information, requests, and comments about Booking agencies and existing booking arrangements via MMT.

Providing the best price applicable to you, depending on where you are based: When you search our apps or website, for example to find an accommodation, a rental car, or a flight, we process your IP address to confirm whether you are in the European Economic Area (EEA) or in another country. We do this to offer you the best price for the region (EEA) or country (non-EEA) where you are based.
Customer reviews and other destination-related information: During and after your trip/stay, we might invite you to submit a review. We can also make it possible for the people you’re travelling/staying with or whom you’ve booked a reservation for to do this instead. This invite asks for information about the booking agency or the destination.
Call monitoring: When you make calls to our customer service team, MMT uses an automated telephone number detection system to match your telephone number to your existing reservations. This can help save time for both you and our customer service staff. However, our customer service staff may still ask for authentication, which helps to keep your reservation details confidential.

During calls with our customer service team, live listening might be carried out or calls might be recorded for quality control and training purposes. This includes the usage of the recordings for the handling of complaints, legal claims and for fraud detection.
We do not record all calls. In the case that a call is recorded, each recording is kept for a limited amount of time before being automatically deleted. This is unless we have determined that it’s necessary to keep the recording for fraud investigation or legal purposes. You can read more about this below.
Promotion of a safe and trustworthy service: To create a trustworthy environment for you, the people you bring with you on your trip/stay, MMT’s business partners and our booking agencies, we continuously analyse and use certain personal data to detect and prevent fraud and other illegal or unwanted activities.
Legal purposes: Finally, in certain cases, we may need to use your information to handle and resolve legal claims and disputes, for regulatory investigations and compliance, to enforce the MMT online reservation service terms of use or to comply with lawful requests from law enforcement.

Data sharing with third parties

In certain circumstances, we’ll share your personal data with third parties. These third parties include:

The booking agency you booked: To complete your booking arrangement, we transfer relevant reservation details to the booking agency you have booked. This is one of the most essential things we do for you.

Depending on the booking arrangement and the Booking agency, the details we share can include your name, contact and payment details, the names of the people accompanying you and any other information or preferences you specified when you made your booking arrangement.

In certain cases, we also provide some additional historical information about you to the Booking agency. This includes whether you’ve already booked with them in the past, the number of completed bookings you’ve made with MMT, a confirmation that no misconduct has been reported about you, the percentage of bookings you’ve cancelled in the past or whether you’ve given reviews about past bookings.

If you have a query about your trip/stay, we may contact the booking agency to handle your request. Unless payment is made during the booking process, via the MMT website, we will forward your credit card details to the booking agency for further handling (assuming you’ve provided us with those details).

In cases of Booking arrangement-related claims or disputes, we may provide the booking agency with your contact details and other information about the booking process, as needed to resolve the situation. This can include, but might not be limited to, your email address and a copy of your reservation confirmation as proof that a booking arrangement was made or to confirm reasons for cancellation.

For completeness, booking agencies will further process your personal data outside of the control of MMT. Booking agencies may also ask for additional personal data, for instance to provide additional services, or to comply with local restrictions. If available, please read the Privacy Statement of the booking agency to understand how they process your personal data.

Connectivity Providers: Please note that certain booking agencies may need us to share your personal data with a contracted Connectivity Provider to be able to finalise and administer your reservation. Connectivity providers act on behalf of booking agencies and help them to manage their reservations.
Your local MMT office: To support the use of MMT services, your details may be shared with subsidiaries of the MMT corporate group, including for customer service.
Third-party service providers: We use service providers from outside of the MMT corporate group to support us in providing our services. These include:

Customer support
Market research
Fraud detection and prevention (including anti-fraud screening)
Insurance claims
Payment

We use third parties to process payments, handle chargebacks or provide billing collection services. When a chargeback is requested for your booking arrangement, either by you or by the holder of the credit card used to make your reservation, we need to share certain reservation details with the payment service provider and the relevant financial institution so they can handle the chargeback. This may also include a copy of your reservation confirmation, or the IP address used to make your reservation. We may share information with relevant financial institutions if we consider it strictly necessary for fraud detection and prevention purposes.

Marketing services: We share personal data with advertising partners, including your email address, as part of marketing MMT services via third parties (to ensure that relevant advertisements are shown to the right audience). We use techniques such as hashing to enable the matching of your email address with an existing customer database, so that your email address cannot be used for other purposes. For information on other personalised advertisements and your choices, please read our cookie policy.
Advertising partners: We use advertising partners, such as metasearch providers, to allow you to compare our offers with offers from other Online Travel Agencies (OTAs). When you make a reservation on MMT after using an advertising partner, we will send the details of the reservation that you made on MMT to that partner.

Advertisers from Third Parties and Links to Other Websites: The MMT Services may have ads from third parties and links to other websites and apps. Advertising partners from outside our site may get information about you when you use their services, ads, and content.
Use of Third-Party Advertising Services: We give ad companies information that helps them show you more useful and relevant ads and figure out how well they're doing. When we do this, we never give out your name or any other information that could be used to find you. We instead use an advertising identifier like a cookie, a device identifier, or a code that we get from encrypting other information, like an email address, in a way that can't be reversed. Even though we don't tell ad companies exactly what you searched for, we may give them an advertising identifier and an idea of how much the ads they show you are worth so they can show you more appropriate and effective ads. You may also see ads from other advertisers that are more useful to you from some ad companies.

Competent authorities: We disclose personal data to law enforcement to the extent that it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud, or if we are otherwise legally obliged to do so. We may need to further disclose personal data to competent authorities to protect and defend our rights or properties, or the rights and properties of our business partners.
Business partners: We work with many business partners around the world. These business partners distribute and advertise MMT services, including the services and products of our booking agencies. When you make a reservation on one of our business partners’ websites or apps, certain personal data that you give them, such as your name and email address, your address, payment details and other relevant information, will be forwarded to us to finalise and manage your booking arrangement. If customer service is provided by the business partner, MMT will share relevant reservation details with them (as and when needed) to provide you with appropriate and efficient support.

When you make a reservation through one of our business partners’ websites, the business partners can receive certain parts of your personal data related to the specific reservation and your interactions on these partner websites. This is for their commercial purposes. When you make a reservation on a business partners’ website, please also take the time to read their privacy notice if you’d like to understand how they process your personal data.

For fraud detection and prevention purposes, we may also exchange information about our users with business partners – but only when strictly necessary If an insurance claim is made, concerning you and a Booking agency, we may provide the necessary data (including personal data) to the insurance company for further processing.

Partner Offer: We may present you with a ‘Partner Offer. When you book a stay marked ‘Partner Offer,’ your reservation will be facilitated by a booking agency who is separate from the accommodation you’re booking. As part of the reservation process, we’ll need to share some relevant personal data with this business partner. If you book a Partner Offer, please review the information provided in the booking process or check your reservation confirmation for more information about the booking agency and how your personal data will be further processed by them.

MMT is a global business. The data that we collect from you, as described in this Privacy Statement, could be made accessible from, transferred to, or stored in countries which may not have the same data protection laws as the country in which you initially provided the information. In such cases, we will protect your data as described in this Privacy Statement.

This may also be applicable if you are in the European Economic Area (EEA). Countries your data may be transferred to may not have laws that provide the same level of protection for your personal data as laws within the EEA. Where this is the case, we will put appropriate safeguards in place to make sure that these transfers comply with European privacy law.

When your data is transferred to third-party service providers, we establish and implement appropriate contractual, organisational, and technical measures with them. This is done by putting in place Standard Contractual Clauses as approved by the European Commission, by examining the countries to which the data may be transferred, and by imposing specific technical and organisational security measures.

In certain specific cases, we transfer your data outside the EEA because it is in your interest or is necessary to conclude or perform the contract, we have with you. For instance, when you make a reservation on MMT or through a business partner, we might need to transfer your data to a booking agency or business partner who is located outside the EEA.

How is personal data shared within the MMT corporate group?

We may receive personal data about you from other companies in the MakeMyTrip (India) Private Limited. corporate group, or share your personal data with them, for the following purposes:

To provide services (including to make, administer and manage reservations or handle payments);
To provide customer service;
To detect, prevent and investigate fraudulent, other illegal activities and data breaches;
For analytical and product improvement purposes;
To provide personalised offers or send you marketing with your consent or as otherwise permitted by applicable law;
For hosting, technical support, overall maintenance and maintaining security of such shared data;
To ensure compliance with applicable laws;

As applicable and unless indicated otherwise, for purposes A to F, MMT relies on its legitimate interests to share and receive personal data. For purpose G, MMT relies, where applicable, on compliance with legal obligations (such as lawful law enforcement requests).

How is your personal data shared and further processed for insurance services?

When offering insurance, MMT may have to use and share personal data that is relevant to the insurance product. This data relates to you as a potential or actual policyholder, the beneficiaries under a policy, family members, claimants and other parties involved in a claim:

To provide offers, arrange insurance cover and handle insurance claims, some personal data, provided to us during the booking process, (‘General Order Data’) may have to be shared with MMT. You may also be asked to provide additional information, such as names of family members or other beneficiaries or details about a claim (‘Insurance-Specific Data’).
If you make a claim under an insurance policy, this claim may be directly handled by the insurer. This means that you may be asked to provide personal data to submit the claim directly to them. The insurer will inform you accordingly at the point of collection of your information. When your claim is handled by the insurer, MMT may receive information about the status of your claim to provide you with customer support services.

How does MMT process communications that you and your booked agency may send via MMT?

MMT can offer you and booking agencies several ways to communicate about the trip/stay Services and existing booking arrangements, directing the communications via MMT. This also allows you and your booking agency to contact MMT with questions about your booking arrangement through the website, our apps, and the other channels that we make available.

MMT accesses communications and may use automated systems to review, scan, and analyse communications for the following reasons:

Security purposes;
Fraud prevention;
Compliance with legal and regulatory requirements;
Investigations of potential misconduct;
Product development and improvement;
Research;
Customer engagement (including to provide you with information and offers that we believe may be of interest to you)
Customer or technical support

We reserve the right to review or block the delivery of communications that we, in our sole discretion, believe might contain malicious content or spam, or pose a risk to you, booking agencies, MMT or others.

All communications sent or received using MMT communication tools will be received and stored by MMT. Booking agencies and Business partners you’ve booked a booking arrangement through might also choose to communicate with you directly by email or through other channels that MMT does not control.

How does MMT make use of social media?

At MMT, we use social media in separate ways. We use it to facilitate the use of online reservation services, but also to promote our booking agencies’ travel-related products and services and to advertise, improve and facilitate our own services.

Note that the use of social media features can result in the exchange of personal data between MMT and the social media service provider, as we describe below. You are free not to use any of the social media features available to you.

Sign in with your social media account. We offer you the opportunity to sign in to a MMT user account with one of your social media accounts. We do this to reduce the need for you to remember different usernames and passwords for different online services. After you’ve signed in once, you’ll be able to use your social media account to sign into your MMT account. You can decouple your MMT user account from your chosen social media account any time you want to.
Integration of social media plugins. We have also integrated social media plugins into the MMT website and apps. This means that when you click or tap on one of the buttons (such as Facebook’s ‘Like’ button), certain information is shared with these social media providers. If you’re logged into your social media account when you click or tap one of these buttons, your social media provider may relate this information to your social media account. Depending on your settings, they might also display these actions on your social media profile, to be seen by others in your network.
Other social media services and features. We may integrate other social media services (like social media messaging) for you to interact with MMT or with your contacts about our services. We may maintain social media accounts and offer apps on several social media sites. Whenever you connect with MMT through social media, your social media service provider may allow you to share information with us.

If you choose to share, your social media provider will inform you about which information will be shared. For example, when you sign into a MMT user account using your social media account, certain information from that account may be shared with MMT. This includes your email address, your age, and the profile pictures you’ve saved – depending on what you authorise in your social media account.

When you register with a MMT social media app or connect to a social media messaging service without a MMT user account, the information you choose to share with us may include the basic information available in your social media profile (including your email address, status updates and a list of your contacts).

We’ll use this information to help provide you with the service you requested – for example, to forward a message you want to send to your contacts, or to create a personalised user experience in the app or on our websites. It means that if you want us to, we can tailor our services to suit your needs, connecting you and your friends with the best travel destinations and analysing and improving our travel-related services.

Your social media provider will be able to tell you more about how they use and process your data when you connect to MMT through them. This can include combining the personal data they collect when you use MMT through them with information they collect when you use other online platforms you have also linked to your social media account.

If you decide to connect using your Facebook or Google account, please review the following links for information about how these parties use data they receive: Facebook and Google.

What security and retention procedures does MMT put in place to safeguard your personal data?

We have procedures in place to prevent unauthorised access to, and the misuse of, personal data.

We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorised personnel are permitted to access personal data in the course of their work.

We’ll keep your personal data for as long as is necessary to enable you to use our services or to provide our services to you (including maintaining any MMT user accounts you may have), to comply with applicable laws, resolve any disputes and otherwise to allow us to conduct our business, including to detect and prevent fraud and/or other illegal activities. All personal data we keep about you as a MMT customer is covered by this Privacy Statement.

For added protection, we strongly recommend that you set up two-factor authentication for your MMT user account. This adds an extra authentication step, to make sure that anyone who gets hold of your username and password (e.g., through phishing or social engineering) won’t be able to get into your account. You can set this up in the Security section of your account settings.

How does MMT treat personal data belonging to children?

Our services aren’t intended for children under 16 years old, and we’ll never collect their data unless it’s provided by (and with the consent of) a parent or guardian. The limited circumstances we might need to collect the personal data of children under 16 years old include: as part of a reservation, the purchase of other travel-related services, or in other exceptional circumstances (such as features addressed to families). Again, this will only be used and collected as provided by a parent or guardian and with their consent.

If we become aware that we’ve processed the information of a child under 16 years old without the valid consent of a parent or guardian, we will delete it.

Your rights

You have the following rights with respect to your personal data:

General rights

You have the right to information, access, correction, deletion, restriction of processing, objection to processing, and data portability. If processing is based on your consent, you have the right to revoke it at any time.

Rights to object to processing of data based on legitimate interests

Article 21(1) EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) gives you the right to object at any time for reasons arising out of your particular situation against the processing of personal data relating to you when your data is processed under Article 6(1)(e) or Article 6 (1)(f) GDPR. This also applies to profiling. If you object, we will no longer process your personal data unless we can establish compelling and legitimate grounds for processing that outweigh your interests, rights, and freedoms, or if the processing aids the enforcing, exercising, or defending of legal claims.

Rights to object to direct marketing

If we process your personal data for the purpose of direct marketing Article 21(2) GDPR gives you the right to object at any time to the processing of your personal data for the purpose of direct marketing; this also applies to profiling, as far as it is associated with direct marketing.

If you object to processing for the purpose of direct marketing, we will no longer process your personal data for this purpose.

The Data Rights of the Citizens of California

You may have certain data rights under state privacy laws, such as the ability to request information regarding the manner in which MMT collects your personal information, to obtain your personal information in a portable format, and to have your personal information amended or deleted.

Additionally, you may have the right to opt out of the processing of your personal data for targeted advertising, by managing your browser settings or by contacting us at dpo@makemytrip.com.

Consent is required for customers under the age of 16 to be exposed to cross-context behavioural advertising. We do not serve cross-context behavioural ads in customers' child profiles.

If we deny a data request, you to appeal the denial of any of these rights by completing a form that we will furnish you with. Depending on the data options selected, specific services might be restricted or inaccessible. We will typically request that you authenticate your request using the contact information you have already provided in order to safeguard your MMT account.

No sale of personal information.

Personal information of consumers, as defined by the California Consumer Privacy Rights Act, has not been sold by MMT as of now.

Sensitive Personal Information Disclosure.

MMT gathers and divulges certain types of data for some business purposes which includes "sensitive personal information" but this Sensitive personal information is not utilized or disclosed by MMT for any purpose that is not explicitly authorized by the California Consumer Privacy Rights Act.

Retention Disclosure

In order to facilitate your ongoing utilization of MMT Services, we shall retain your personal information for the duration necessary to fulfil the objectives outlined in this Privacy Notice, in accordance with legal requirements, as otherwise instructed to you.

Non-discrimination Declaration

Any consumer who exercises their rights under the California Consumer Privacy Rights Act will not be subject to discrimination at MMT.

How can you exercise your rights and control the personal data you’ve given to MMT?

We want you to be in control of how your personal data is used by us. You can do this in the following ways:

You can ask us for a copy of the personal data we hold about you,
You can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you. As explained below, you can make some of these changes yourself, online, when you have a user account,
In certain situations, you can ask us to erase, block, or restrict the processing of the personal data we hold about you, or object to ways in which we are using your personal data,
In certain situations, you can also ask us to send the personal data you have given us to a third party,
Where we are using your personal data based on your consent, you are entitled to withdraw that consent at any time subject to applicable law, and
Where we process your personal data based on legitimate interest or the public interest, you have the right to object to that use of your personal data at any time, subject to applicable law.

We rely on you to make sure that your personal information is complete, accurate and current. Please do let us know about any changes to, or inaccuracies in, your personal information as soon as possible.

If you have a MMT user account, you can access a lot of your personal data through our website or apps. You’ll find the option to add, update or remove information we have about you in your account settings.

Contact by e-mail

When you contact us by e-mail, we will store the data you provide (your e-mail address, possibly your name and telephone number) so we can answer your questions. As far as we use our contact form to request entries that are not required for contacting you, we have always marked these as optional. This information serves to substantiate your inquiry and improve the handling of your request. Your message may be linked to various actions taken by you on the MMT website. Information collected will be solely used to provide you with support relating to your booking and better understand your feedback. A statement of this information is expressly provided on a voluntary basis and with your consent, art. 6 par. 1a GDPR. As far as this concerns information about communication channels (such as your e-mail address or telephone number), you also agree that we may also, where appropriate, contact you via this communication channel to answer your request. You may of course revoke this consent for the future at any time.

We delete the data that arises in this context after saving is no longer required, or limit processing if there are statutory retention requirements.

Use of cookies

Cookies will be stored on your device during the use of our website. Cookies are small text files that are stored on your hard drive assigned to the browser you use, and through which the place where the cookie is set accrues certain information. They serve to make the website more user-friendly and efficient overall. We also use cookies to be able to identify you in subsequent visits.

This website uses the following types of cookies, whose extent and function are explained in the following:

Persistent / Permanent cookies:Persistent cookies helps us recognise you as an existing user, so it’s easier for you to return to our sales channel without signing in again. After signing in, the persistent cookies stay on your browser and will be read when you return to our sales channel. These remain on your computer/device for a pre-defined period.
Session cookies:Session cookies only last for as long as the session exists, (they are erased when the user closes the browser).

Data transmission

When we use service providers who process data outside the EU/EEA, we use appropriate safeguards such as standard data protection clauses adopted by the EU, or an EU adequacy decision to transfer and process your personal data outside of the EU.

Data security

We have taken extensive technical and operational security precautions to protect your data from being accidentally or intentionally manipulated, lost, destroyed, or accessed by unauthorized persons. Our security measures are reviewed regularly and updated in keeping with technological advances.

Data Storage

We retain your personal data for as long as it is required for you to use our Services, to provide our Services to you, to comply with laws. We will anonymise and/or aggregate your data if we intend to use it for analytical statistical purposes over longer periods.

Data Retention

We will retain the personal information we collect from you where we have a justifiable business need to do so and/or for as long as is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, legal, accounting, or other purposes).

Notice for Individuals Located in Europe

‘If you are in the European Economic Area, United Kingdom and/or Switzerland, the policies in this section are specific to you. They describe how we market to you, our legal bases for processing your information and your rights.’

This section only applies to individuals that access or use our Services while located in the European Economic Area, United Kingdom and/or Switzerland (collectively “Europe”). We may ask you to identify which country you are in when you use some of the Services or we may rely on your IP address to identify in which country you are located. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in Europe.

We are a controller regarding any personal information collected from individuals accessing or using our Services. A “controller” is an entity that determines the purposes for which and the way any personal information is processed.

Marketing. We will only contact individuals located in Europe by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or the individual’s consent. When we rely on legitimate interest, we will only send you information about our Services that are like those which were the subject of a previous offer or negotiations of an offer to you. If you do not want us to use your personal information in this way or to disclose your personal information to third parties for marketing purposes. You can object to direct marketing at any time and free of charge. Direct marketing includes any communications to you that are only based on advertising or promoting products and services.
Legal Bases for Processing. Our legal bases for the processing activities identified in this Policy are:
- We rely on our contract with you as our legal basis for processing in relation to the following: to provide and maintain our services, to provide customer support or respond to you, to enforce compliance with our Terms, agreements, or policies, and to share your information with service providers.
- Depending on the specific circumstances, we rely on your consent or legitimate interest in relation to the following processing activities: to send you marketing and promotional emails, to advise you of other services, and to share your information with business partners, sponsors, or within our corporate organization.
- We rely on legitimate interest in relation to the following processing activities: to personalize your experience, for research and development, and when we share your information with board members or volunteers or in relation to business transfers or bankruptcy.

How to contact us

MMT’s Data Protection Officer is responsible for monitoring compliance with relevant legislation in relation to the protection of personal data. Please contact us atdpo@makemytrip.com You can contact us for any concerns or questions about your personal information, those we process or store.

Our cookie statement may also be updated from time to time. If these updates are substantial, particularly relevant to you or impact your data protection rights, we’ll contact you about them. However, we recommend that you visit this page regularly to stay up to date with any other (less substantial or relevant) updates.