Privacy Policy

Overview

This Privacy policy explains how Kowju Airport Hotel Calicut (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you use this website, enquire or book a stay, visit the property, or otherwise interact with our services. Stay rules, check-in and check-out times, conduct expectations, and similar house rules are summarised on our [Hotel policies](/hotel-policies) page. If you do not agree with this policy, please stop using our services and contact us before submitting personal data.

Data fiduciary and contact

For personal data covered by this policy, Kowju Airport Hotel Calicut is the data fiduciary (controller) responsible for decisions about processing. Correspondence address: Aeropolis Pazhayangadi Road, Kondotty, Malappuram district, Kerala 673638, India. For privacy requests, grievances, or questions about how we handle your personal data, contact our Grievance / Data protection contact at hello@kowjuhotels.com (please use the subject line “Privacy”) or call +91 483 271 1010. We will acknowledge genuine requests without undue delay and handle them in line with applicable law. Where the law allows, you may nominate another individual to exercise certain rights on your behalf by writing to us from the email address we hold for your booking or enquiry.

Information we collect

Depending on how you interact with us, we may collect: - **Identity and contact** — name, email, phone, postal address, country, company or GST details when you provide them. - **Reservation and stay** — dates, rates, room type, guest counts, preferences, dietary or accessibility notes, flight or vehicle details if you supply them, and correspondence about your stay. - **Payment information** — we use payment service providers; we do not store complete payment card numbers on our own servers. We may retain transaction references, partial card identifiers, and invoice data as required for accounting and disputes. - **Website and device** — IP address, browser type, device identifiers, pages viewed, approximate region, and similar technical data collected through cookies or similar technologies where permitted. - **Communications** — content of emails, contact forms, chat, calls logged for quality or training where disclosed to you, and social messages you send us. - **CCTV and security** — camera footage in public and back-of-house areas where signage and law allow.

How we use personal data

We use personal data for purposes such as: - Providing accommodation, food and beverage, events, airport shuttle, and other hotel services you request. - Processing payments, deposits, refunds, and invoices. - Communicating about your booking, stay, safety notices, and service updates. - Safety, fraud prevention, credit checks where permitted, and protecting guests, staff, and property. - Improving our website, services, and guest experience through analytics when enabled. - Compliance with law, regulatory requests, court orders, and defending legal claims.

Lawful grounds (including India)

If you are in India, processing is carried out in accordance with the Digital Personal Data Protection Act, 2023 and rules issued thereunder, where they apply. Depending on the activity, we rely on consent where required, performance of a contract or steps prior to contract (such as taking a booking), compliance with legal obligations, or legitimate interests that are not overridden by your rights (for example network security or aggregated analytics). Guests in other regions may have additional rights under local law; we apply this policy consistently and address requests as applicable law requires.

Sharing, subprocessors, and cross-border transfers

We share personal data only as needed with categories of recipients such as: - Reservation, channel management, and property-management systems. - Payment processors and banks. - Email, SMS, and hosting or content delivery providers that support this website. - Professional advisers (lawyers, accountants) and insurers when required. - Public authorities when the law requires disclosure. Some providers may process data outside India or your home country. Where cross-border transfer is restricted, we use mechanisms recognised under applicable law (such as standard terms or government-approved transfers) when required.

Retention

We keep personal data only as long as necessary for the purposes above, including statutory retention for tax, immigration, anti-money laundering, and litigation. Retention periods vary by record type; contact us for a high-level summary relating to your stay.

Security and incidents

We implement reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, or alteration. These include access controls, secure transmission where appropriate for our systems, staff training, and vendor review. No method of transmission or storage is completely secure. If we become aware of a personal data breach that is likely to affect your rights, we will notify you and relevant regulators when the law requires us to do so.

Your rights and grievances

Subject to applicable law, you may have rights to access, correct, update, or request deletion of your personal data; to restrict or object to certain processing; to withdraw consent where processing is consent-based; and to receive a copy of data you provided in a portable format where required. Indian residents may also have rights and remedies under the Digital Personal Data Protection Act, 2023, including raising concerns with our Grievance contact above and, where permitted, with the Data Protection Board of India. We may need to verify your identity before fulfilling a request. We will explain if a request cannot be granted and why.

Marketing

Where permitted, we may send promotional messages about offers and events. You can opt out at any time using the unsubscribe link in marketing emails or by writing to us at the Grievance contact with “Unsubscribe” in the subject line. Service and transactional messages (for example booking confirmations) may continue as needed to perform our contract with you.

Cookies and similar technologies

We use cookies and similar technologies to operate the site, remember preferences, and measure performance. You can control cookies through your browser; blocking strictly necessary cookies may affect checkout or forms. Examples of cookies we or our partners may set include: | Cookie / technology | Purpose | Typical duration | | --- | --- | --- | | Strictly necessary | Site operation, security, load balancing, cookie consent storage where used. | Session up to 12 months (varies by cookie). | | Functional | Remember preferences such as language or form progress. | Up to 12 months. | | Analytics / performance | Aggregated statistics on visits and errors when an analytics tool is enabled. | Typically up to 13 months; see vendor documentation if deployed. |

Children

Our services are not directed at individuals who have not completed eighteen years of age within the meaning of applicable Indian law, and we do not knowingly collect their personal data for marketing. If you believe we have collected personal data from a child without appropriate authority, contact us and we will take steps to delete it where the law requires.

Changes to this policy

We may update this policy to reflect legal, technical, or business changes. The “Last updated” date at the top of this page will change when we publish a revision. Material changes will be highlighted here or communicated where the law requires.

Contact

Email [hello@kowjuhotels.com](mailto:hello@kowjuhotels.com?subject=Privacy%20enquiry) (subject “Privacy”), call [+91 483 271 1010](tel:+914832711010), or use our [contact page](/contact) and mention privacy so your message is routed correctly.