Privacy Policy

At Kinglayang Homestay ("we", "us", or "our"), we respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

---

1. Information We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

• Identity Data: First name, last name, username or similar identifier, and government-issued ID details (required for check-in compliance).
• Contact Data: Billing address, email address, and telephone numbers.
• Transaction Data: Details about payments to and from you and other details of products and services you have purchased from us.
• Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location.

2. Password Security & Hashing

We utilize industry-standard Cryptographic Hashing Algorithms (such as Bcrypt or Argon2) to convert your password into an irreversible string of characters before it is saved to our secure servers.

What this means for you:

• Zero Knowledge: No one at Kinglayang Homestay—including our owners, developers, or server administrators—can see, read, or retrieve your actual password.
• Breach Protection: In the unlikely event of a data breach, your password remains unreadable and secure.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• To Perform a Contract: Processing your booking, managing payments, and providing the accommodation services you requested.
• To Comply with Legal Obligations: We are required by local authorities (Foreigner Regional Registration Office / Local Police) to maintain guest logs including ID proofs.
• Communication: To send you booking confirmations, invoices, and essential travel updates regarding your stay.

4. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.

• SSL Encryption: All data transmitted between your browser and our website is encrypted using Secure Socket Layer (SSL) technology.
• Access Control: Access to your personal data (Name, Phone, Email) is limited to employees, agents, contractors, and other third parties who have a business need to know. They are subject to a duty of confidentiality.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

For tax and legal purposes, we are required to keep basic information about our customers (including Contact, Identity, and Transaction Data) for a minimum period as mandated by Indian Law after they cease being customers.

6. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data (where applicable).
• Object to processing of your personal data.

7. Third-Party Links

This website may include links to third-party websites (e.g., Google Maps, Payment Gateways). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

---

Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us: