Privacy Policy

MpuntainFit LLP - Privacy Policy

Last updated: 21 May 2026

1. Introduction
   Mountainfit LLP (“Mountainfit”, “we”, “us”, or “our”) is committed to protecting the privacy and security of visitors to mountainfit.in and any related websites, mobile apps, booking portals, or services (collectively, the “Site”). This Privacy Policy explains what personal information we collect, why we collect it, how we use and share it, and the choices and rights available to you. Please read it carefully before using our services or making a booking.

2. Who we are and contact
   Mountainfit LLP, registered in India. For questions about this policy, to exercise your rights, or to report a data incident, contact: Akshay Gokhale or Sameer Divekar, Email: contact@mountainfit.in, Phone: +91 7798885559, Office Address: 4/5, Krishna Kamal, Karve Road, near Telephone Exchange, Nal Stop, Sahakar Vasahat, Erandwane, Pune, Maharashtra 411004 .

3. What information we collect
   We collect the minimum personal information necessary to provide travel, adventure, and booking services, ensure safety, and process payments. Categories include:

• Identity and contact data: name, date of birth, email address, mobile number, emergency contact details.

• Booking and travel data: trip dates, group size, accommodation choices, special requests, dietary and medical information provided for safety planning.

• Payment and billing data: payment card details or payment token, billing address, transaction identifiers (collected via our payment gateway).

• Government ID and travel documents: passport, ID number, visa details when required for permits or bookings (only where necessary).

• Communications data: messages, support tickets, and correspondence through phone, email, chat, or contact forms.

• Device and usage data: IP address, browser type, operating system, device identifiers, session logs, cookies and similar tracking technologies.

• Photos and media: photographs or videos you provide (for identification, promotional use, or trip records) only when you consent or when required for safety/verification.

1. How we collect information
   We collect information:

• Directly from you when you register, create a booking, sign waivers, contact support, or provide emergency/medical details.

• From third parties such as payment processors, travel partners, accommodation/resort partners, government permit authorities, and health/insurance providers when required for service delivery.

• Automatically through cookies and analytics when you use the Site.

• From publicly available sources or with your consent (for example, when uploading ID or health certificates).

1. Purposes and lawful basis for processing
   We process personal data for these core purposes:

• To provide and manage bookings, itineraries, check-ins, permits, and trip logistics.

• To process payments, refunds, and billing through secure payment gateways.

• To ensure safety and emergency response: medical and emergency contact information is used to manage on-trip risks and assist in emergencies.

• To comply with legal obligations (tax, permits, visas, and safety regulations).

• To communicate with you about bookings, changes, safety notices, and service updates.

• To improve the Site, marketing (with consent), and customer experience through analytics.
  Legal bases include contract performance (booking and payment), compliance with legal obligations, legitimate interests (safety, fraud prevention, service improvement), and consent where required (marketing, photos).

1. Online payments and financial data

• We do not store raw payment card data on our servers unless explicitly required and only when using PCI-compliant services. Payment card details are processed by our third-party payment gateway(s) that are PCI-DSS compliant. Our Site may store payment tokens or masked card details for repeat bookings only if you opt in.

• We log transaction IDs, payment status, billing address, and the minimum payment metadata needed to administer refunds and disputes.

• Fraud prevention: payment and transaction data may be analyzed to detect and prevent fraud.

1. Data sharing and third parties
   We share personal information only as necessary to operate services:

• Service providers and vendors: payment processors, booking engines, travel and accommodation partners, transport providers, insurance companies, guide and activity partners, and permitted subcontractors.

• Safety and emergency services: local rescue, medical providers, or authorities in the event of an emergency or where legally required.

• Legal and regulatory authorities: to comply with laws, court orders, tax authorities, or government permit requests.

• Business transfers: in the event of a sale, merger, acquisition, or reorganization, personal data may be transferred under confidentiality and security obligations.
  We require third parties to use reasonable security measures and restrict their use of your data to the purposes we specify.

1. International transfers
   Your data may be processed or stored in India and in other jurisdictions where our service providers operate. When data is transferred across borders, we use legal safeguards such as standard contractual clauses or other methods required by applicable law to ensure an adequate level of protection.

2. Data retention
   We retain personal data only as long as necessary to provide services, meet contractual and legal obligations, resolve disputes, and enforce agreements. Retention periods vary by category (for example, booking records and tax documents are retained to meet legal requirements; safety incident records may be retained longer). When no longer needed, we securely delete or anonymize the data.

3. Security
   We implement reasonable technical, administrative, and physical safeguards to protect personal information, including encryption in transit (TLS/HTTPS) and at rest where appropriate, access controls, regular security reviews, and staff training. However, no method of transmission or storage is 100% secure; in the unlikely event of a data breach affecting your personal data, we will notify you and the relevant authorities as required by law.

4. Cookies and tracking
   We use cookies and similar technologies for essential site functions, analytics, performance, and marketing (with consent where required). You can control cookie preferences via the cookie banner or your browser settings. Disabling non-essential cookies may affect Site functionality, including booking convenience.

5. Children and minors
   Our services are not intended for children under 18. We do not knowingly collect personal data from children without parental consent. Where minors participate in trips, we will collect parental/guardian contact and consent for safety reasons.

6. Your rights and choices
   Depending on your jurisdiction, you may have rights including:

• Access: request a copy of personal data we hold about you.

• Correction: ask us to correct inaccurate or incomplete data.

• Deletion: request deletion of personal data where there is no legal requirement for retention.

• Restriction and objection: request limits on processing or object to certain uses.

• Portability: receive a machine-readable copy of data you provided.

• Withdraw consent: when processing is based on consent (for example, marketing).
  To exercise your rights, contact us at [privacy@mountainfit.in] or use the help form on the Site. We may ask for identity verification. We will respond within the timeframes required by applicable law.

1. Marketing and communications
   We will only send promotional communications with your consent where required by law. You can opt out of marketing emails and SMS at any time using the unsubscribe link or by contacting us. Transactional messages (booking confirmations, safety updates, itinerary changes) are necessary communications and cannot be opted out of if you have an active booking.

2. Photos, testimonials and social media
   If you provide photos, reviews, or testimonials, you grant MountainFit LLP a royalty-free license to use them for promotional and operational purposes unless you withdraw consent. We will respect requests to remove promotional content where reasonable; contact us to request removal.

3. Travel safety, medical, and emergency information
   We may ask for health, medical, or fitness information necessary to safely manage trips (allergies, medical conditions, fitness limitations). This data is treated as sensitive and is accessed only by personnel and partners directly involved in trip safety and emergency response, or where legally required. By providing this information, you consent to its use for safety planning and emergency care.

4. Third-party links and partner sites
   Our Site may include links to third-party websites (suppliers, permits, or partners). We are not responsible for their privacy practices. Review their privacy policies before providing personal information.

5. Changes to this policy
   We may update this Privacy Policy to reflect changes in law, our practices, or new services. Notice of material changes will be posted on the Site with the revised “Last updated” date; for significant changes we will attempt to notify affected users directly.

6. Complaints and supervisory authority
   If you are located in a jurisdiction with a data protection authority and you are not satisfied with our response to a privacy request, you have the right to lodge a complaint with your local supervisory authority.

7. How to contact us
   For privacy inquiries, data requests, or to report a breach: Email: contact@mountainfit.in, Phone: +91 7798885559, Office Address: 4/5, Krishna Kamal, Karve Road, near Telephone Exchange, Nal Stop, Sahakar Vasahat, Erandwane, Pune, Maharashtra 411004 .