Stop planning, start packing. SyncTrip App is now live!
LEGAL DOCUMENT

Privacy Policy

Effective Date: June 20, 2026  ·  Governs all SyncTrip Platform services

SyncTrip respects your privacy. This Policy explains how we collect, use, share, and protect your personal information in compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act) and IT (SPDI) Rules, 2011. By using the Platform, you consent to the practices described here.

Contents

1. Information We Collect2. How We Use Your Information3. How We Share Your Information3A. Biometric & Face Verification Data3B. Advertising Technologies (Meta SDK & Conversions API)4. Data Retention5. Your Rights and Choices6. Security7. International Data Transfers8. Children's Privacy9. Updates to This Policy
1

Information We Collect

a. Information You Provide

Account details: Name, email, phone number, profile photo, gender, age (for verification), and activity preferences.
Group & Activity details: Activity type (trips, riders, movies, sports, outings), destinations, dates, group preferences, and itineraries.
Face Verification Data: When accessing group chat, you may be required to submit a selfie for one-time face verification. This image is processed solely to verify your identity against your profile photo. Raw selfie images are deleted within 24 hours of processing. Verification status (pass/fail) may be retained for account integrity purposes.
Communications: Chat messages and shared plans within groups.

b. Automatically Collected

Usage data: Device info (model, OS version, app version), IP address, browser type, pages viewed, and interaction logs.
Advertising identifiers: With your consent, we collect your device's advertising identifier (Apple IDFA on iOS, Google Advertising ID on Android) and limited in-app event data for the purposes described in Sections 2 and 3B. You can disable this at any time via the in-app “Personalized ads & audience matching” toggle in Settings → Privacy, or by denying App Tracking Transparency permission on iOS.
Location data (SyncMaps): If you enable SyncMaps, your real-time location is collected and shared with nearby SyncTrip users on the map. By default, location is shared at approximate precision (~500 meters). You may switch to precise sharing (~150 meters) or hidden mode (not visible to others) at any time within the app. Location is collected only while SyncMaps is active.
Analytics: Interaction logs via tools like Google Analytics.

c. From Third Parties

Login providers: Verification data from login providers (e.g., Google).

d. Subscription & Billing Data

Subscription details: When you purchase SyncTrip Plus we collect the plan selected, billing period, transaction ID, payment method type (e.g., UPI, card type, wallet - but not the full card number or UPI VPA), subscription status, renewal date, and the platform that processed the payment (Razorpay, Apple, or Google).
What we never see: Card numbers, CVVs, and UPI PINs are never seen or stored by SyncTrip. They go directly from your device to the payment processor over a secured channel.

Face verification data constitutes sensitive personal data under the DPDP Act 2023 and IT (SPDI) Rules, 2011. We do not collect other sensitive personal data (e.g., health details) unless voluntarily shared. Payment is handled by our payment processors; we store only billing metadata, never full payment-instrument details.

2

How We Use Your Information

Core services: Group creation and management, activity coordination (trips, riders, movies, sports, outings), chat, and itinerary collaboration.
Face Verification: To verify your identity before enabling chat access within groups, ensuring only profile-verified users can communicate.
SyncMaps & Proximity: To display your approximate or precise location (per your chosen setting) to other nearby SyncTrip users and enable in-person meetups for group activities.
Platform improvement: Analytics, feature development, and performance monitoring.
Communications: Notifications, updates, and support.
Safety: Detect fraud, enforce policies, and protect the community.
Marketing: Optional promotional emails (opt-out available at any time).
Advertising & Audience Matching: With your consent, we use limited identifiers (such as a hashed email address, hashed phone number, and device/advertising identifiers) and in-app activity signals to measure the performance of our advertising, to show you relevant SyncTrip ads on third-party platforms, and to build “lookalike” audiences that help us reach people similar to our existing users. You can withdraw this consent at any time in the app settings or by contacting us, after which we stop using your data for these purposes.
3

How We Share Your Information

With Group Members: When you join or create a group (trips, riders, movies, sports, outings), your profile and relevant activity details are visible to other members of that group.
SyncMaps Visibility: Your location on SyncMaps is visible to nearby SyncTrip users at the precision level you have chosen (hidden, approximate ~500m, or precise ~150m). You control this at all times.
Service Providers: Hosting (e.g., AWS) and analytics providers, all bound by confidentiality obligations.
Payment Processors: Razorpay (Android and web payments), Apple Inc. (iOS in-app purchases), and Google LLC (Play Billing where applicable). These processors receive the minimum data needed to charge your subscription and operate under their own privacy commitments.
Advertising Partners: With your consent, we share limited identifiers (hashed email, hashed phone number, device/advertising identifiers) and in-app event data with advertising platforms — currently Meta Platforms, Inc. (Facebook/Instagram) and Google LLC — solely to measure advertising performance, deliver relevant ads, and create audience segments. Identifiers are hashed before sharing where supported. These platforms process this data under their own terms. We do not share your name, chat content, photos, or precise location with advertising partners, and we do not sell your personal data.
Legal Requirements: When required by law, court order, or to protect rights and safety.
Business Transfers: In case of merger, acquisition, or asset sale, with appropriate notice to users.

We do not sell your personal data.

3A

Biometric & Face Verification DataSENSITIVE DATA

SyncTrip collects facial image data solely for the purpose of verifying your identity before granting chat access within groups. This constitutes sensitive personal data under the DPDP Act 2023 and IT (SPDI) Rules, 2011. We commit to the following: • Raw selfie images are deleted within 24 hours of verification processing. • We do not use facial data for recognition beyond one-time identity verification. • We do not share facial data with any third party. • Verification status (pass/fail) may be retained for account security during your account's lifetime. • You may refuse face verification, but group chat access will be restricted. • You may request deletion of any stored verification data by contacting synctripofficial@gmail.com.

3B

Advertising Technologies (Meta SDK & Conversions API)

To measure our advertising and show you relevant SyncTrip ads, our mobile app integrates the Meta SDK (software provided by Meta Platforms, Inc., operator of Facebook and Instagram). With your consent, this SDK collects and transmits to Meta certain in-app events (such as app installs, sign-ups, and key actions) together with device and advertising identifiers. We also use server-side tracking through Meta's Conversions API (CAPI), which sends the same categories of event data to Meta from our servers, with identifiers such as email and phone number hashed before transmission. Google's equivalent advertising and measurement tools may be used in the same way. This data is used to attribute ad performance, deliver relevant ads, and build "lookalike" audiences — it is not used to share your name, chat content, photos, or precise location. Meta processes this information as an independent controller under its own terms; you can review how Meta handles it in the Meta Privacy Policy. You can turn off personalized advertising and audience matching at any time through the advertising-consent toggle in the app settings or by contacting synctripofficial@gmail.com, after which we stop sending your data for these purposes.

Meta Privacy Policy
4

Data Retention

We retain your data for as long as your account is active or as needed for legal and compliance purposes. • Deleted accounts: Data is anonymized or removed within 30 days (except where required for legal holds or backups). • Face verification images: Deleted within 24 hours of processing. • Verification status: Retained for account integrity for the duration of your account. • Location data: Not stored persistently beyond the active SyncMaps session unless required for dispute resolution. • Billing and tax records: As required by the Companies Act 2013 and the GST Act, transaction records, invoices, and subscription-status history are retained for 8 years from the end of the financial year, even after account deletion. This applies only to billing metadata - not to your profile, chats, or photos, which follow the standard 30-day deletion rule. • Advertising event data shared with Meta and Google is retained by those platforms per their own retention policies. We do not store individual ad-event records ourselves beyond status flags used to prevent duplicate reporting.

5

Your Rights and Choices

Under applicable laws (including the DPDP Act 2023): • Access, correct, or delete your personal data. • Withdraw consent at any time (may limit certain features). • Opt out of marketing communications. • Opt out of personalized advertising and audience matching at any time (in-app settings or by contacting us). • Request data portability. • File complaints with the Data Protection Board of India. • Location precision control: Change your SyncMaps visibility (hidden, approximate, precise) at any time within the app. • Face verification data: Request deletion of stored verification data at any time. Contact synctripofficial@gmail.com to exercise any of these rights. We respond within 30 days.

6

Security

We use industry-standard security measures including encryption in transit and at rest, access controls, and regular security audits. Face verification data is handled with heightened security given its sensitive nature. No system is fully secure. You are responsible for maintaining the security of your device and account credentials. Report any suspected unauthorized access immediately to synctripofficial@gmail.com.

7

International Data Transfers

Data may be processed outside India (e.g., on cloud infrastructure) with appropriate safeguards such as standard contractual clauses, ensuring your data receives equivalent protection.

8

Children's Privacy

SyncTrip is strictly for users aged 18 and above. We do not knowingly collect data from minors. Face verification is used as an additional safeguard. If during verification or through a credible report we determine a user may be a minor, their account will be immediately suspended pending review. If you believe a minor has registered, contact us immediately at synctripofficial@gmail.com.

9

Updates to This Policy

We may update this Policy as our features and legal obligations evolve. Material changes will be notified via email or in-app notification at least 7 days before taking effect. Continued use after changes constitutes acceptance.

Questions about this Policy?

Grievance Officer: Rahul Kaushal, Founder & Grievance Officer, SyncTrip Digital Private Limited.
Contact: synctripofficial@gmail.com  ·  Data Protection Board of India complaints accepted.

synctripofficial@gmail.com