LoomStay logo
LoomStay

Updated November 17, 2025

Privacy Policy

This privacy policy explains how Loomstay collects, uses, shares, and safeguards personal information when you visit loomstay.in, create or manage an account, make reservations, or interact with our support teams.

Who we are

Loomstay is operated by [Legal Entity], located at Pratibha-tower, South City-1, Sector-41, Gurgaon, Haryana, providing an online platform to search, compare, and book hotel and homestay accommodations and related travel services. You can contact us at roomsopo@gmail.com or +91 7073660519.

This policy explains how personal information is collected, used, shared, and protected when you visit loomstay.in, create an account, make a booking, or contact support.

Scope

This policy applies to our website loomstay.in, web applications, and communications related to reservations, payments, check-in, loyalty, and customer support, including bookings made via partners that share data with us for fulfillment.

Partner services such as payment gateways, online travel agencies, analytics providers, and marketing platforms maintain their own privacy policies that apply in addition to ours.

Personal data we collect

  • Identifiers and contact: full name, email address, phone number, postal address, nationality, and government ID where required for check-in under local laws.
  • Account data: username, hashed password, preferences, and loyalty identifiers where applicable.
  • Booking data: stay dates, property name, room type, guest count, special requests, arrival time, and transaction references.
  • Payment data: masked card details or tokens and billing information processed by PCI-compliant providers. Loomstay does not store full card numbers or CVV codes.
  • Device and usage data: IP address, device identifiers, browser type, pages viewed, referrers, approximate location, and cookie or SDK identifiers for analytics and security.
  • Sensitive information you provide: accessibility needs or health-related requests, processed only to fulfill your request with appropriate safeguards.

How we collect data

  • Directly from you: via forms, account creation, booking checkout, support chats or emails, reviews, surveys, and feedback tools.
  • Automatically: via cookies, pixels, and mobile identifiers for performance, analytics, personalization, and security. For more information, review our Cookie Policy.
  • From third parties: including online travel agencies, channel managers, payment processors, identity or KYC providers, and marketing partners where lawful.

Why we use your data

We process personal data for the following purposes under applicable legal bases such as contract, legitimate interest, consent, legal obligation, or vital interests:

  • Booking and operations: process reservations, send confirmations, facilitate check-in and check-out, and provide customer support.
  • Payments and fraud: process payments via third-party gateways, prevent fraud or abuse, and resolve chargebacks.
  • Communication: send pre-arrival instructions, updates, feedback requests, service notices, and marketing messages with consent or where permitted by law.
  • Personalization and analytics: remember preferences, improve user experience, measure performance, and optimize content or ads where consented.
  • Legal compliance: meet tax and accounting obligations, respond to regulatory or law-enforcement requests, and complete guest registry or ID verification where required.

Cookies and tracking

Essential cookies support core site functions. Additional cookies or SDKs for analytics, performance, personalization, and marketing are used with consent where required. Manage preferences via our cookie banner, browser settings, and the controls described in our Cookie Policy.

Sharing your information

  • Properties and service providers: hotel or homestay partners, channel managers, property management systems, and operational staff necessary to fulfill bookings.
  • Payment and security vendors: payment gateways, fraud detection tools, and identity verification providers.
  • Analytics and marketing platforms: solutions for analytics, A/B testing, email, SMS, push communication, and advertising measurement per your consent and applicable law.
  • Legal and corporate purposes: authorities, regulators, or parties to a business transaction such as a merger or acquisition when permitted by law.

International transfers

Data may be processed in countries different from your residence. Where required, we implement safeguards such as standard contractual clauses or equivalent mechanisms to protect transferred data.

Data retention

Personal data is retained only as long as necessary for services, legal obligations, dispute resolution, and enforcement. When information is no longer needed, we securely delete, de-identify, or archive it according to our retention schedule.

Your rights

Depending on your location and applicable law, you may request access, correction, deletion, restriction, data portability, or object to certain processing, and withdraw consent without affecting prior lawful processing. Contact us using the details below to exercise these rights.

California residents

You may exercise rights to know, delete, correct, and opt out of the sale or sharing of personal information for cross-context behavioral advertising where applicable. We honor opt-out signals and provide tools to manage preferences.

EU and UK residents

You may exercise GDPR rights and contact your supervisory authority. International transfers rely on safeguards such as standard contractual clauses or the UK international data transfer agreement.

Children's privacy

Our services are not directed to children under the age thresholds set by local law. Bookings must be made by adults or with verifiable guardian consent. Contact us if you believe a child's data was provided so we can delete it.

Security

We implement administrative, technical, and physical safeguards appropriate to the risk, including encryption in transit, access controls, least-privilege practices, and vendor due diligence. Payments are handled by PCI-compliant providers, though no security method is entirely fail-safe.

Third-party links and platforms

Third-party sites and applications follow their own privacy practices. Review their policies before sharing data. If you book through an online travel agency or partner, that entity may independently control certain processing activities.

Automated decisions and profiling

Automated systems may be used for fraud detection, personalization, or marketing audience segmentation. You can object to profiling for direct marketing and request human review where a decision significantly affects you and the law grants such a right.

How to exercise your rights

Submit requests by emailing roomsopo@gmail.com, calling +91 7073660519, or writing to Pratibha-tower, South City-1, Sector-41, Gurgaon, Haryana. Include your name, booking reference, contact details, and jurisdiction. Authorized agents may act where permitted by law with proof of authorization; identity verification may be required.

Data controller and contact

Controller: [Legal Entity], Pratibha-tower, South City-1, Sector-41, Gurgaon, Haryana.

Privacy contact or DPO: Loomstay Privacy Team, roomsopo@gmail.com, +91 7073660519.

Where required, EU or UK representative details will be provided here.

India-specific notice (DPDP Act 2023)

Where India's Digital Personal Data Protection Act applies, you may access, correct, or erase personal data, withdraw consent, and file grievances with our Data Protection Officer. We implement reasonable security safeguards, and cross-border transfers follow applicable government notifications and contractual safeguards.

California notice (CCPA/CPRA)

Categories collected may include identifiers, customer records, commercial information, internet or analytics data, and limited inferences. Sensitive personal information is used only for necessary and permitted purposes. Opt-out tools for sale or sharing (cross-context advertising) requests will be honored where applicable.

EEA and UK GDPR notice

Legal bases include contract, legal obligation, legitimate interests such as security and service improvement, consent for marketing cookies, and vital interests in emergencies. International transfers rely on standard contractual clauses, the UK international data transfer agreement, or equivalent safeguards.

Changes to this policy

We may update this policy periodically. Material changes will be highlighted on this page and, where appropriate, notified via email or site banners. Continued use of our services after the effective date constitutes acceptance of the updated policy.

How to contact us

  • Brand: Loomstay
  • Website: loomstay.in
  • Email: roomsopo@gmail.com
  • Phone: +91 7073660519
  • Address: Pratibha-tower, South City-1, Sector-41, Gurgaon, Haryana

Implementation notes

  • Add links to this privacy policy in the site footer, booking flow, account creation steps, and cookie banner.
  • Maintain a separate Cookie Policy with granular consent options and ensure it stays current.
  • Keep an up-to-date vendor list and data processing agreements with payment gateways, property systems, analytics providers, and communication platforms.