Privacy Policy

1. Who we are

Tropisoul Services ("we", "us", "our") is a registered company in India and a sub-brand of Sparkling Sandset (UAE). We provide travel planning, holiday packages, activity bookings, cruise reservations and visa-assistance services.

The data controller is Tropisoul Services, India.

2. Information we collect

• Identity & contact details: name, email, phone, WhatsApp number, nationality, passport number.
• Booking details: destinations, travel dates, traveller count, preferences, special requests.
• Document uploads: passport scans, photographs and supporting documents you upload for visa or booking purposes.
• Account data: login credentials managed by our authentication provider.
• Payment metadata: transaction IDs and amounts (we do not store card numbers).

3. How we use your information

• To prepare quotes, itineraries and visa applications you request.
• To communicate booking status, document requirements and travel updates.
• To comply with legal, tax and regulatory obligations in India and the UAE.
• To improve our services and personalise recommendations.

4. Sharing

We share data only with: (a) airlines, hotels, ground operators and embassies needed to fulfil your booking; (b) regulated payment processors; (c) authorities when legally required. We never sell your data.

5. Storage & security

Data is stored on managed cloud infrastructure with encryption in transit and at rest. Access is limited to staff working on your booking. Document uploads are private and visible only to you and our internal operations team.

• Database: row-level security (RLS) so each user can only read and modify their own bookings, profile, itineraries and uploads.
• Document storage: per-user folders enforced at the storage layer; admin staff need an explicit policy to access.
• Authentication: industry-standard OAuth and bcrypt-hashed passwords; we never store passwords in plain text.
• Backups: encrypted daily snapshots retained for 30 days.
• Internal access: restricted to the planner assigned to your booking and a small operations team, audited via change logs.

6. Your rights

You may request access, correction or deletion of your data at any time by emailing hello@tropisoul.in. Note that records tied to completed bookings may be retained as required by tax and travel-industry regulations.

For users in the EU/UK we honour the GDPR/UK-GDPR rights of access, rectification, erasure, restriction, portability and objection. Response window: 30 days.

7. Data retention

• Active accounts: as long as the account exists.
• Completed bookings: retained for 7 years to comply with GST/tax record-keeping in India.
• Visa application files: retained for the period required by the relevant embassy, then deleted.
• Marketing emails: until you unsubscribe.

8. International transfers

Some sub-processors (cloud hosting, email delivery, payment gateways) operate outside India. We rely on standard contractual clauses and equivalent safeguards where required.

9. Cookies

We use only essential cookies (authentication, currency preference). We do not use third-party advertising cookies.

10. Children

Our services are intended for adults (18+). We do not knowingly collect data from children except as part of a parent's family booking.

11. Changes to this policy

We will post material changes here with a new "last updated" date and email registered users where the change is significant.

12. Contact

Questions about this policy? Email hello@tropisoul.in or message us on WhatsApp at +91 87929 22783.