Wayy

      This policy is issued by Wayyverse Travel Technologies Private Limited. Wayyverse acts as a Data Fiduciary under the Digital Personal Data Protection (DPDP) Act, 2023. For any data-related questions, contact us at support@wayy.co.in.
    

1. Introduction

Welcome to Wayyverse ("Wayy", "we", "our", or "us"), operated by Wayyverse Travel Technologies Private Limited. We act as a Data Fiduciary under the Digital Personal Data Protection (DPDP) Act, 2023. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Wayy mobile application, the Creator Studio, the Partner CRM, and the website (collectively, the "Service"). Please read this policy carefully.

2. Information We Collect

We collect information you provide directly to us based on clear, affirmative consent, including:

Account & Profile Information: Your name, email address, username, password, profile photo, bio, and travel preferences (budget, pacing style).
Trip & Algorithmic Data: Destinations, dates, itineraries, and activities. This includes data processed by our proprietary "Pacing Engine" to suggest timeline adjustments.
Financial & Transactional Data: Billing details required for our "Split-Bill" group feature. Payment processing is handled by secure, PCI-DSS compliant third-party gateways (e.g., Razorpay/Cashfree); we do not store full credit card numbers.
Communications: Messages, polls, and decisions sent within trip-specific group workspaces.
Live Location Data: Opt-in GPS and geospatial data used exclusively during active trips for group tracking, safety, and map integration.
Platform Analytics (For Creators & Partners): Performance metrics, conversion data, and booking patterns, which remain the exclusive property of Wayyverse.

3. How We Use Your Information

We process your data strictly for legitimate operational purposes:

To create your account and facilitate end-to-end multi-modal travel bookings.
To enable real-time collaborative trip planning, group chat coordination, and automated split-bill checkout processing.
To calculate and optimize travel routes via our Pacing Engine, including 24-hour spillover logic.
To track "Eligible Bookings" and calculate commission payouts for verified Creators.
To provide local hospitality partners and vendors with necessary guest arrival data via our B2B Partner CRM.

4. How We Share Your Information

We do not sell your personal data. We share data only under the following frameworks:

With Your Travel Group: Display names, live locations (when enabled), and chat messages are visible to users you explicitly invite to your trip-specific group.
With Service Providers & API Partners: We transmit necessary booking details (name, dates, ID proofs if required) to airlines, inter-city bus operators, and direct hotel partners to fulfil your reservations.
With Infrastructure Partners: We utilise trusted third parties (e.g., Google Firebase, AWS) for encrypted data storage and authentication.
Legal Compliance: We may disclose data if required by law, court order, or governmental authority under Indian jurisdiction.

5. Data Security & Storage

We implement rigorous security architectures:

All group chat messages are end-to-end encrypted using XSalsa20-Poly1305 (NaCl) before server storage.
Data is transmitted via HTTPS/TLS protocols.
We utilise role-based internal access controls and localised cloud storage infrastructure within India to comply with national data sovereignty expectations.

While we use commercially acceptable means to protect your data, no internet transmission is entirely infallible.

6. Data Retention & Deletion

We retain your personal data only as long as your account is active or as required by Indian tax and corporate laws (e.g., GST transaction ledgers). You may delete your account at any time via the Settings screen. Upon request, non-transactional personal data is purged within 30 days.

7. Your Rights (Under the DPDP Act, 2023)

As a Data Principal, you possess the right to:

Access & Information: Request a summary of the personal data we process.
Correction & Erasure: Request the correction of inaccurate data or the deletion of your data once its purpose is served.
Grievance Redressal: Escalate data concerns to our designated Grievance Officer.
Nomination: Nominate an individual to exercise your data rights in the event of death or incapacity.

8. Contact & Grievance Officer

In accordance with Indian Law, if you have questions or data-related grievances, please contact our Grievance Officer:

Email: support@wayy.co.in
Address: Wayyverse Travel Technologies Private Limited, Bengaluru, Karnataka, India.

Data-related grievances?

Contact our Grievance Officer at support@wayy.co.in — we respond within 72 hours.