Privacy Policy

Privacy Policy

Welcome to the privacy policy of Zeko (“Company”) which is a SaaS- based guest interactions platform by providing a range of services to users including digital check-in room service orders, housekeeping requests, spa bookings and other related services (“Service”). This privacy policy applies to user who access our website ( or web application (“Platform”) and to users who obtain our Services (“Privacy Policy”).

This Privacy Policy is applicable to Company and is incorporated into and subject to our terms of service (“Terms”) and shall be read harmoniously and in conjunction with the Terms. Unless specifically defined herein, all capitalised terms used herein but not defined in this Privacy Policy shall have the meaning ascribed to them under the Terms.

At Zeko, we are committed to protecting your personal data and respecting your privacy. Please read the following terms of the Policy carefully to understand our practices regarding your personal data and how we will treat it. This policy sets out the basis on which any personal data we collect from you or about you, or that you provide to us, will be processed by us.

This Privacy policy is in compliance with the Information Technology Act, 2000 and the rules, regulations, guidelines and clarifications framed thereunder, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”).

At Zeko, we value your privacy and are committed to protecting it. This Privacy Policy explains how we collect, use, and disclose your personal information when you use our Services or access our Platform.

  1. Definitions – This Privacy Policy seeks to protect the Personal Information and Sensitive Personal Data or Information of the user which is defined thereunder.

As per the IT Rules-

  1. Personal Information: means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person;
  1. Sensitive personal data or information: Sensitive personal data or information of a person means such personal information which consists of information relating to -
  1. password;
  2. financial information such as Bank account or credit card or debit card or other payment instrument details;
  3. physical, physiological and mental health condition;
  4. sexual orientation;
  5. medical records and history;
  6. Biometric information;
  7. any detail relating to the above clauses as provided to body corporate for providing service; and
  8. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.

Please note that any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force will not be regarded as sensitive personal data.

  1. Information we collect - We collect various types of personal information from you when you use our Services or access our Platform. This includes:
  1. Contact information such as name, email address, phone number and address;
  2. Valid Government ID card details;
  3. User preferences and requests;
  4. Device information such as IP address; and
  5. Login ID and password;

We collect this information when you use our Services, make a reservation, or sign up for an account. We may also collect information from third-party sources such as hotels or travel agencies.

Transactional data - This includes payment details and other information regarding payments you make available to us and other details of products and Services you have accessed or used through the Platform. We do not store card details on our servers. Credit and debit card payments are processed by Third Party Service Providers engaged by us, including payment aggregators or gateways on their secure payment server and all card details are fully encrypted and stored by them.

  1. How we use your information – We use your personal information for the following purposes:
  1. Provide and improve our Services;
  2. Process hotel reservations and payments;
  3. Communicate our services with you;
  4. Customize your experience based on your personal information by providing personalised recommendation and offers;
  5. Monitor and analyse usage of our Services;
  6. Conduct data analysis and research to improve our Platform;
  7. Verification of users’ identity and to perform checks to prevent frauds;
  8. Comply with our legal obligations.

We may also use your information to send you promotional or marketing materials, but you can opt-out of receiving these communications at any time.

  1. How do we protect your information - We take reasonable measures to protect your personal data against unauthorized access, disclosure, use, loss, or alteration. This includes:
  1. Using industry-standard security measures such as encryption, firewalls, and secure servers to protect your data;
  2. Conducting regular security audits and risk assessments;
  3. Ensuring authorized personnel access only to personal information of users;
  4. Ensuring our employees and contractors are trained on data protection and security protocols.
  1. Do we share your information - We may share your personal information with third parties in the following circumstances:
  1. With hotels or other service providers to fulfil your reservations or requests;
  2. With payment processors to process payments;
  3. With our affiliates and subsidiaries for business purposes;
  4. With law enforcement or government agencies if required by law or to protect our rights or the rights of others;
  5. With third parties to defend and protect the rights and property of the Company;

We may also share anonymous or aggregated data with third parties for research or marketing purposes.

  1. Data Retention - The information that you provide to us would be stored until you have an account with us or until such time as we are required to provide Services to you or till it is necessary in relation to the purposes for which such data was collected or to store the information to resolve disputes, enforce our agreements, and as required under applicable law. We may also store your data indefinitely until you exercise your right of erasure as provided in Clause 7 below.
  1. Right to Erasure - This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your Personal Information where there’s no compelling reason for us to keep it. Such right of erasure can be exercised by writing to us at [*]. This is not a general right to erasure; there are exceptions, such as when the law requires us to retain certain Personal Information about you or where such retention is required for providing our Services to you, etc.
  1. Users Rights – The users of our Platform and Services will have rights such as:
  1. Access and obtain copy of your personal data that we hold;
  2. Request correction of any incorrect or incomplete personal data;
  3. Object to the processing of your personal data for certain purposes;
  4. Request erasure of your personal data in certain circumstances;
  5. Request restriction of processing of your personal data;
  6. Withdraw your consent for processing your personal data at any time.

Please contact us if you wish to exercise any of these rights.

  1. Links to third party sites and collection of information – Our Platform may link you to other third party platforms (“Third Party Sites”) that may collect your Personal Information including your IP address, browser specification, or operating system. The Company is not in any manner responsible for the security of such information or the privacy practices or content of those Third Party Sites. Additionally, you may also encounter “cookies” or other similar devices on certain pages of the Third Party Sites. Please note that the Platform does not control the use of cookies by these Third Party Sites. These Third Party Sites may have their own privacy policies governing the storage, processing, and retention of your information that you may be subject to. This Privacy Policy does not govern any information provided to, stored on, or used by these Third Party Sites. We recommend that when you enter a Third Party Site, you review the Third Party Site’s privacy policy as it relates to safeguarding of your information.

If you are a Guest, the Third Party Service Providers may require you to comply with certain additional requirements for processing payments including the fulfilment of know-your-customer requirements. This may involve or require you to directly provide such Third Party Service Providers with certain Personal Information as may be required by them for such purpose. Please note that the treatment (including storage, processing and retention) of such additional Personal Information shared by you with such Third Party Service Providers, shall be governed by the privacy policies of such Third Party Service Providers and not this Privacy Policy.

  1. Legal Basis for Processing Data- We rely upon a number of legal bases to enable our processing of your personal data.

  1. Contractual and Pre-Contractual Business Relationships. We process Personal Data for the purpose of entering into business relationships with prospective users and to perform the respective contractual obligations that we have with these users. Activities include:
  1. Legal Compliance. We process Personal Data to verify the identity of our users in order to comply with fraud monitoring, prevention and detection obligations, laws associated with the identification and reporting of illegal and illicit activity, such as "Anti-Money Laundering ("AML") and Know-Your-Customer ("KYC")" obligations, and financial reporting obligations. For example, we may be required to record and verify a user’s identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes. These obligations are imposed on us by the operation of law, industry standards, and by our financial partners, and may require us to report our compliance to third parties, and to submit to third party verification audits.
  1. Legitimate Business Interests. Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes for which we have a legitimate interest in processing your data:
  1. Consent - In certain scenarios, Zeko will process personal data from you only after you have provided your consent for that specific purpose. For example, before sending direct marketing materials to customers and/or potential customers. Such consent can be withdrawn, anytime by you.
  1. Definition and usage of cookies
  1. A "cookie" is a small piece of information that is stored on your device (such as your computer) and which records the way that you use a website so that, when you revisit that website, it allows Company to provide tailored options based on the information that has been collected from your last visit. Cookies can also be used to analyse traffic and, in some cases, for providing you with tailored advertising and marketing.
  1. Users of Company websites accept cookies, when visiting Company website for the first time. However, they are not required to turn on cookies in order to have a functioning website. Only after accepting to turn on the cookies, personal data will be processed. A different option is that the user sets his/her browser to warn him/her with a message for each cookie, only the cookies that have been accepted will be processing personal data. Whilst essential cookies are necessary to run Company websites, the rest are not compulsory and require your consent.
  1. Following are the broad categories of cookies used on our website:
  1. Company has relationships with online advertisers and social media networks. These partners use cookies and similar technologies for marketing purposes and may serve you with targeted advertising about Company services while you are on their website, at our request and only with your consent. You can choose to decline the Third-Party Cookies that enable this type of marketing at any time by not accepting the cookies when visiting Company websites. We encourage you to learn more about how companies use advertising on social media and how to adjust your marketing preferences by checking their privacy statement and opt out options.
  1. How to manage cookies- Our performance, functionality and third-Party cookies are not strictly necessary for our website to work but will provide you with a better browsing experience. You can delete or block these cookies, but if you do this, you may have to manually adjust some preferences every time you visit our website and some features of the site may not work as intended. Most internet browsers are initially set up to automatically accept cookies, however you can decide at any time what type of cookies you want to accept. You can change the settings on your browser to block cookies or to alert you when cookies are being sent to your device.
  1. Changes to the Policy - We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We encourage users to review this policy periodically to stay informed of our privacy practices.
  1. Complaints and Grievance Redressal – Any discrepancies or grievances of the user will be address and resolved by a Grievance officer. The name and contact details of the Grievance officer is as follows –

Manit Deep Prashar