Privacy Policy

Last updated: 1 March 2025  ·  Effective for loma.co.in

Table of Contents

  1. Who We Are
  2. Data We Collect
  3. How We Use Your Data
  4. Sharing of Data
  5. Cookies & Tracking
  6. Data Retention
  7. Your Rights (DPDP Act 2023)
  8. Security
  9. Children's Privacy
  10. Changes to This Policy
  11. Contact & Grievances

1. Who We Are

LomaRoomz ("we", "us", or "our") operates the hotel booking platform at loma.co.in. We act as a Data Fiduciary under the Digital Personal Data Protection (DPDP) Act, 2023 (India) with respect to personal data collected through our platform.

2. Data We Collect

We collect personal data only when you interact with our platform. The categories are:

CategoryExamplesHow Collected
Identity Data Full name, guest name on booking Booking form
Contact Data Email address, mobile number Booking form, contact form
Booking Data Hotel, dates, room type, rate plan, special requests Booking form
Financial Data Total amount, GSTIN (optional) Booking form — no payment card data is collected
Technical Data IP address, browser type, device type, pages visited, timestamps Automatically via server logs and cookies
Communications Messages sent via the contact form Contact form

We do not collect: payment card numbers, Aadhaar numbers, biometric data, or sensitive personal data beyond GSTIN for GST invoicing.

3. How We Use Your Data

We process your personal data for the following legitimate purposes:

  • Booking fulfilment — processing your booking, sending confirmation emails, and sharing necessary details with the hotel.
  • Customer support — responding to enquiries, resolving disputes, and assisting with booking modifications or cancellations.
  • Booking history — allowing you to retrieve your past bookings via email or mobile number.
  • Legal compliance — meeting requirements under the DPDP Act 2023, GST law, and other applicable Indian regulations.
  • Platform improvement — analysing aggregated, anonymised usage data to improve features.
  • Security — detecting fraud, abuse, and spam through IP and rate-limit monitoring.

We do not use your personal data for behavioural advertising, profiling, or automated decision-making that produces legal effects.

4. Sharing of Data

Your personal data is shared only in the following limited circumstances:

  • With the booked hotel — your name, email, mobile number, check-in/out dates, room type, and special requests are shared with the hotel where you have made a booking, so they can prepare for your stay.
  • With channel managers — where a hotel uses a connected channel manager (e.g. Channex), booking data is synchronised to update availability. Only the minimum data required is shared.
  • Service providers — email delivery services and hosting providers process data on our behalf under strict data processing agreements. They may not use your data for their own purposes.
  • Legal requirements — we may disclose data if required by Indian law, court order, or government authority.

We do not sell, rent, or trade your personal data to any third party.

5. Cookies & Tracking

We use the following types of cookies:

  • Strictly Necessary — Session cookie for CSRF protection and booking session state. Cannot be disabled.
  • Functional — Remembers your search preferences and dismissed announcements (sessionStorage). No personal data stored.
  • Analytics — Anonymised server-side logging only. We do not use Google Analytics or third-party tracking pixels.

No third-party advertising cookies are placed on our platform.

6. Data Retention

  • Booking records — retained for 7 years to comply with GST and accounting obligations under Indian law.
  • Contact messages — retained for 2 years, then deleted.
  • Server logs & IP data — retained for 90 days, then purged.
  • Session data — expires on browser close or after 24 hours of inactivity.

7. Your Rights Under the DPDP Act 2023

As a Data Principal under India's Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to Information — know what personal data we hold about you and how it is processed.
  • Right of Correction — request correction of inaccurate or incomplete personal data.
  • Right of Erasure — request deletion of your personal data, subject to legal retention obligations.
  • Right to Grievance Redressal — raise a complaint with our Grievance Officer (details below).
  • Right to Nominate — nominate another individual to exercise your rights in the event of death or incapacity.

To exercise any of these rights, email us at support@loma.co.in with the subject line "DPDP Rights Request" and your booking reference or registered email address. We will respond within 30 days.

8. Security

We implement reasonable technical and organisational measures to protect your personal data, including: HTTPS encryption in transit, hashed session tokens, CSRF protection on all forms, IP-based rate limiting, prepared statements to prevent SQL injection, and restricted access to production databases. No system is entirely secure; we cannot guarantee absolute security.

9. Children's Privacy

Our platform is not directed at children under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has submitted data through our platform, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced on our platform. The "Last updated" date at the top indicates when the policy was last revised. Continued use of our platform after changes constitutes acceptance of the updated policy.

11. Contact & Grievances

Grievance Officer (as required under DPDP Act 2023 & IT Act 2000):

LomaRoomz

Email: support@loma.co.in

Phone: +91 97909 93245

Response time: within 30 days of receipt

If you are not satisfied with our response, you may escalate to the Data Protection Board of India once constituted under the DPDP Act.

📱 Coming Soon

Book hotels faster with the
LomaRoomz App

Exclusive app-only deals, instant booking confirmation, and 24/7 support — all in your pocket.

Get it onGoogle Play Download onApp Store