Back to Home

Privacy Policy

Last updated: 22 March 2026

This Privacy Policy describes how Langsat Technologies Private Limited ("BluKeys", "we", "us", or "our") collects, uses, shares, and protects your personal information when you use our platform, websites, and mobile applications.

BluKeys operates across Southeast Asia, including India and Singapore. We are committed to complying with applicable data protection laws including India's Digital Personal Data Protection Act (DPDPA) 2023 and Singapore's Personal Data Protection Act (PDPA) 2012.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, phone number, password, and profile photo when you create an account.
  • Booking Information: Date, time, number of guests, activity preferences, and special requests when you make a booking.
  • Payment Information: Payment method details processed through our PCI-compliant payment partners (Razorpay, Stripe). We do not store full card numbers.
  • Hotel Partner Information: Business name, registration details, tax identification numbers, bank account information, staff details, and property information provided during partner onboarding.
  • Communications: Messages, feedback, reviews, and support requests you send to us.

1.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type, unique device identifiers, and mobile network information.
  • Location Data: Approximate location based on IP address, and precise location when you grant permission (used for nearby property discovery).
  • Usage Data: Pages visited, features used, search queries, booking history, time spent on the platform, and interaction patterns.
  • Cookies and Tracking: Information collected through cookies, pixels, and similar technologies as described in our Cookie Policy.

2. How We Use Your Information

  • Service Delivery: Processing bookings, facilitating payments, managing your account, and providing customer support.
  • Personalisation: Recommending properties and activities based on your preferences, location, and booking history.
  • Communications: Sending booking confirmations, reminders, receipts, and service updates via email and push notifications.
  • Hotel Partner Analytics: Providing aggregated, anonymised insights to hotel partners about amenity utilisation, booking trends, and customer demographics.
  • Platform Improvement: Analysing usage patterns to improve features, fix bugs, and develop new services.
  • Safety and Security: Fraud detection, account security, and enforcing our Terms of Service.
  • Legal Compliance: Meeting regulatory requirements, responding to legal requests, and resolving disputes.

3. How We Share Your Information

  • Hotel Partners: When you make a booking, we share your name, contact information, booking details, and guest count with the hotel property to fulfil your reservation.
  • Payment Processors: Payment information is shared with Razorpay (India) and Stripe (Singapore) to process transactions securely.
  • Service Providers: We work with cloud hosting (AWS), email delivery (SendGrid), push notifications (Firebase), error monitoring (Sentry), and analytics providers who process data on our behalf.
  • Legal Requirements: We may disclose information when required by law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We do not sell your personal data to third parties for advertising or marketing purposes.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account deletion, we retain certain data for up to 7 years as required by tax and financial regulations in India and Singapore. Anonymised, aggregated data may be retained indefinitely for analytics.

5. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
  • PCI-DSS compliant payment processing
  • Regular security audits and vulnerability assessments
  • Role-based access controls for internal systems
  • Encrypted storage of sensitive credentials

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a machine-readable format.
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis.
  • Opt-out: Unsubscribe from marketing communications at any time via account settings or email preferences.

To exercise these rights, contact us at privacy@blukeys.com.

7. International Data Transfers

Your data may be processed in India, Singapore, and other countries where our service providers operate. We ensure adequate safeguards are in place through contractual data processing agreements.

8. Children's Privacy

BluKeys is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware of such collection, we will promptly delete the data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related inquiries or to exercise your data rights: