Privacy Policy

This Privacy Policy describes how November Travels Pvt Ltd, operating bus services under the November Travels brand (“the Bus Operator”, “we”, “us”, “our”), collects, uses, shares, and protects personal data of passengers and visitors of our website https://novembertravels.com and our mobile applications (collectively, the “Service”). By using the Service or making a Booking, you consent to the practices described in this Policy.

1. Personal Data We Collect

We collect personal data necessary to provide bus services to you, comply with applicable law, and operate the Service securely. The categories of data we collect include:

• Identification data: name, age, gender, date of birth, government-issued ID details (when required for travel).
• Contact data: mobile number, email address, postal address.
• Booking data: route, date, time, Boarding Point, Dropping Point, seat selection, passenger list, fare, payment status, ticket number.
• Payment data: transaction reference, payment method type, last four digits of card, UPI handle. We do not store full card numbers, CVVs, or banking passwords; payments are processed by PCI-DSS-compliant payment partners.
• Device and usage data: IP address, browser, operating system, pages viewed, referrer, cookies, device identifiers (for our mobile app).
• Location data: device location during a journey, where you have granted permission, used to show your bus on the map and for safety alerts.
• Communication data: records of calls, emails, WhatsApp messages, and chat support transcripts you exchange with us.

2. How We Use Personal Data

• To process Bookings, issue Tickets, and operate the bus service you have booked.
• To verify your identity at the Boarding Point and check the validity of your Ticket.
• To process payments, refunds, and billing for the services you avail.
• To send Booking confirmations, departure reminders, change-of-plan notifications, and post-trip messages by SMS, email, WhatsApp, or in-app push notification.
• To provide customer support, including responding to queries, complaints, and grievances.
• To improve service safety and operations — for example, route planning, on-time-performance monitoring, and incident investigation.
• To prevent and detect fraud, abuse, and unauthorised access to the Service.
• To comply with legal obligations under the Motor Vehicles Act, the Information Technology Act, the Goods and Services Tax Act, and other applicable laws.

3. Sharing of Personal Data

We do not sell your personal data. We share it only as necessary to operate the Service:

• Authorised service providers: payment processors, SMS / email / WhatsApp notification gateways, IT and hosting providers, cloud-storage providers, customer-support platforms, fraud-detection services. These providers process data only on our instructions and under contractual confidentiality obligations.
• Crew and bus staff: the Passenger's name, contact number, seat allocation, and Boarding Point are shared with the driver/conductor of the relevant Scheduled Service, solely to operate the trip safely.
• Government and law-enforcement authorities: where disclosure is required by law, court order, or in response to a lawful request from a government authority, or where reasonably necessary to protect the safety of any person or to prevent or investigate fraud or unlawful activity.
• Statutory authorities: for tax compliance, statutory audits, and regulatory reporting.

4. Cookies and Similar Technologies

We use cookies and similar technologies to remember your preferences (e.g. recent search, language), to keep you signed in, to measure how visitors use the Service, and to detect fraud. You can control cookies through your browser settings; disabling certain cookies may affect site functionality.

5. Security

We adopt reasonable technical and organisational security measures to protect personal data against unauthorised access, alteration, disclosure, or destruction — including encryption in transit (HTTPS), access controls, audit logging, and regular security reviews. However, no method of transmission over the internet or electronic storage is completely secure; we cannot guarantee absolute security.

6. Retention

We retain personal data only for as long as necessary for the purposes set out in this Policy, or for a longer period if required to comply with applicable law (e.g. tax, accounting, regulatory), to enforce our agreements, to defend legal claims, or to prevent fraud. Booking and payment records are typically retained for at least eight (8) years to meet statutory obligations.

7. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Correction: request correction of any inaccurate or out-of-date data.
• Deletion: request deletion of your account and personal data, subject to our retention obligations.
• Withdrawal of consent: withdraw consent previously given for processing, where consent was the lawful basis for that processing.
• Grievance: raise a complaint with our Grievance Officer (see Section 9 below).

To exercise any of these rights, contact us using the details below. We may need to verify your identity before acting on a request.

8. Changes to this Policy

We may update this Privacy Policy from time to time. The current version is always published on https://novembertravels.com. Material changes will be notified to registered users by email or in-app notification.

9. Grievance Officer

In compliance with the Information Technology Act, 2000 and the rules thereunder, the following is the designated Grievance Officer for November Travels: