Privacy Policy

Meru Himal

Last updated: 20 January 2026

Meru Himal (“we,” “our,” or “us”) respects your privacy and is committed to protecting personal data collected through our website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or interact with our services.

1. What Is a Privacy Statement?

A privacy statement explains how an organization collects, processes, stores, and protects personal data of its website visitors and customers. It also outlines the rights individuals have regarding their personal data.
This Privacy Policy applies to all visitors, users, and customers of Meru Himal.

2. When This Privacy Policy Applies

This Privacy Policy applies whenever:

  • You visit our website

  • You submit information through forms (e.g., enquiries, bookings, contact forms)

  • You interact with us via email, phone, or messaging platforms

  • We collect data indirectly through cookies, analytics tools, or embedded services

3. Personal Data We Collect

We may collect the following categories of personal data:

a. Information You Provide Directly

  • Full name

  • Email address

  • Phone number

  • Travel preferences or enquiry details

  • Any information submitted through contact or booking forms

b. Information Collected Automatically

  • IP address

  • Browser type and device information

  • Pages visited and interaction data

  • Date and time of access

c. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Website functionality

  • Performance and analytics

  • Improving user experience

Details are provided in our Cookie Policy.

4. Purpose and Legal Basis of Processing

We process personal data for the following purposes:

PurposeLegal Basis
Responding to enquiriesConsent
Managing bookings and travel coordinationContractual necessity
Website analytics and improvementLegitimate interest
Compliance with legal obligationsLegal obligation

Where we rely on legitimate interest, this includes operating, maintaining, and improving our tourism services while respecting user privacy.

 

5. Disclosure of Personal Data

We may share personal data with:

  • Service providers (hosting, analytics, email services)

  • Travel partners, where necessary, to fulfill a booking

  • Legal or regulatory authorities, if required by law

We do not sell personal data.

6. International Data Transfers

Personal data may be processed outside your country of residence, including outside the European Union. Where applicable, we ensure appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs)

  • Adequate data protection agreements

7. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Secure hosting infrastructure

  • Access controls

  • Encryption where applicable

However, no transmission over the internet is completely secure.

8. Data Retention

We retain personal data only for as long as necessary:

  • Enquiry data: up to 24 months

  • Booking-related data: as required by legal or accounting obligations

  • Analytics data: anonymized or aggregated where possible

9. Automated Decision-Making

Meru Himal does not use automated decision-making or profiling that produces legal or significant effects on users.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time

Requests can be sent to the contact details below.

11. Regional Privacy Law Disclosures

a. GDPR (European Union / UK)

We comply with the General Data Protection Regulation (GDPR). EU users may lodge complaints with their local Data Protection Authority.

b. CPRA / CCPA (California)

California residents have rights under the California Privacy Rights Act (CPRA), including:

  • Right to know

  • Right to delete

  • Right to limit sensitive personal information

  • Right to opt out of sharing personal data

Meru Himal honors Global Privacy Control (GPC) signals where applicable.

c. Quebec Bill 64 (Law 25)

Residents of Quebec have enhanced rights, including transparency, consent, and access rights regarding personal data.

d. CTDPA, CPA, UCPA, CDPA, NRS 603A

We comply with applicable US state privacy laws, including:

  • Connecticut Data Privacy Act (CTDPA)

  • Colorado Privacy Act (CPA)

  • Utah Consumer Privacy Act (UCPA)

  • Virginia Consumer Data Protection Act (CDPA)

  • Nevada Revised Statutes (NRS 603A)

12. Accessibility and ADA Compliance

We strive to ensure our website is accessible and usable for all users, including those with disabilities. Where applicable:

  • ARIA labels may be used for accessibility

  • Website content is structured for assistive technologies

13. Contact Information

Data Controller:
Meru Himal

Contact Email: contact@meruhimal.in
Location: India

If required, a Data Protection Officer (DPO) will be appointed in accordance with applicable law.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised “Last updated” date.

India-Specific Privacy Notice

This section supplements the Privacy Policy of Meru Himal and applies specifically to personal data processed within India or relating to individuals located in India.

1. Applicable Indian Laws

Meru Himal complies with the following Indian data protection and technology laws:

  • Information Technology Act, 2000

  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

  • Digital Personal Data Protection Act, 2023 (DPDP Act), where applicable

Where there is any conflict between international privacy standards and Indian law, Indian law shall prevail for users located in India.

2. Types of Personal Data Collected (India Context)

In accordance with Indian regulations, we may collect and process:

a. Personal Information

  • Name

  • Contact details (email, phone number)

  • Travel enquiry details

b. Sensitive Personal Data (if voluntarily provided)

  • Government-issued ID details (only if required for travel arrangements)

  • Emergency contact information

Note:
We do not collect financial information (credit/debit card details) directly on the website unless explicitly stated.

3. Purpose of Processing (India)

Personal data collected from Indian users is processed for:

  • Responding to travel and pilgrimage enquiries

  • Organising Char Dham Yatra and trekking services

  • Communication regarding bookings and itineraries

  • Legal, accounting, and regulatory compliance

  • Website analytics and service improvement

4. Consent Under Indian Law

Under Indian law, consent:

  • Is obtained through voluntary submission of information

  • May be withdrawn at any time by contacting us

  • Is limited to the specific purpose for which data is collected

By submitting personal data on our website, you consent to its processing in accordance with this Privacy Policy.

5. Data Storage & Security (India)

We follow reasonable security practices as required under Indian law, including:

  • Secure hosting infrastructure

  • Restricted internal access

  • Regular system updates and monitoring

While we take all reasonable measures, absolute security cannot be guaranteed.

6. Data Retention (India)

Personal data of Indian users is retained:

  • Only as long as necessary for service delivery

  • As required under applicable Indian laws

  • Or until consent is withdrawn, unless retention is legally required

7. Data Sharing & Transfers

  • Personal data may be shared with trusted service providers solely for fulfilling travel services.

  • Data may be stored or processed outside India where necessary, subject to reasonable safeguards.

  • Meru Himal does not sell or commercially exploit personal data.

8. Rights of Indian Data Principals (DPDP Act)

Indian users have the right to:

  • Access personal data

  • Request correction or updating of personal data

  • Withdraw consent

  • Request deletion of personal data, subject to legal requirements

  • Grievance redressal

Requests can be made using the contact details below.

9. Grievance Redressal Officer

In compliance with Indian law, grievances related to personal data may be addressed to:

Grievance Officer
Meru Himal
Email: contact@meruhimal.in

We aim to resolve grievances within a reasonable timeframe as prescribed by law.

10. Children’s Data (India)

Meru Himal does not knowingly collect personal data from children without verifiable parental or guardian consent, where required under Indian law.

11. Updates to This India Notice

This India-specific notice may be updated to reflect changes in Indian data protection laws or regulatory guidance. Updates will be published on this page.

Thoughtful journeys across the Himalayas, Char Dham Yatra, treks, and cultural routes.
Rooted in local experience and insight. Designed with humility, safety, and care

Pages

About Us
Char Dham Yatra
Explore Uttarakhand
Privacy Policy
Cancellation and Refund Policy
Risk & Safety Disclaimer
Terms and Conditions
Contact Us

Stay Connected

Receive seasonal yatra updates, planning guidance, and important travel advisories.

We respect your privacy

Contact US

© 2026 Meru Himal. All rights reserved.