Last updated on April 30, 2026
Introduction:
Scapia Technology Private Limited ("Scapia", "the Company", "We", "Us", or "Our"), a private limited company with its registered office at 2nd Floor, Tower B, Mantri Commercio, Kariyammana Agrahara, Bellandur, Bengaluru, Karnataka 560103, India, owns and operates the website www.scapia.cards and the Scapia mobile application (collectively, the "Platform"), through which various services ("Platform Services") are made available to You.
We maintain robust and industry-standard security measures for securing transactions and Your information and implement reasonable security safeguards as required under applicable laws.
This Privacy Policy explains how the Company collects, uses, stores, processes, shares, and protects personal data and other information in connection with the Platform Services and Your use of the Platform.
This Privacy Policy does not apply to information that You provide to, or that is collected by, third-party websites, applications, or services that are not owned or controlled by Us. Such information is governed by the privacy policies of the respective third parties.
Please read this Privacy Policy carefully prior to using or registering on the Platform or accessing any material, information, or availing any Platform Services through the Platform.
By clicking the "I accept" button provided at the sign-up page for the Platform, You ("You", "Your" as applicable) accept and agree to be bound by the terms and conditions of this Privacy Policy and Your information being collected, used, stored, processed, and shared in accordance with this Privacy Policy.
This Privacy Policy is incorporated into and subject to Our terms of use ("Terms") and shall be read harmoniously and in conjunction with the Terms. All capitalized terms used and not defined in this Privacy Policy shall have the meanings ascribed to them in the Terms.
This Privacy Policy (i) is an electronic record under the Information Technology Act, 2000 read with rules and regulations made thereunder, and is generated by a computer system; (ii) shall not require any physical, electronic, or digital signature; and (iii) is published in accordance with the provisions of applicable law.
Collection of Information:
Personal information is any information about an individual if such individual is identifiable by such information, or in relation to such information.
We collect Personal Information when You register or set up an Account on the Platform. You may browse certain sections of the Platform without being registered with Us. However, to avail Platform Services, You may need to register with Us by creating an account.
This Privacy Policy applies to the following information:
2.1 Information You give Us: You may provide information voluntarily while registering on Our Platform and creating an account for availing Platform Services, or by contacting Us to address a query, such as Your name, address, mobile number, email ID, date of birth, gender, PAN, financial information and any other information necessary to provide You with the Platform Services ("Personal Information").
2.2 Non-Personal Information: While You browse, access, or use the Platform, We may collect non-personal information such as Your internet protocol address, approximate geographic location (through a one-time location capture), device information, browser type, operating system, referral source, length of visit, page views, and similar usage data.
We may also place permanent and temporary cookies in Your device to collect device-related information (such as device ID, make and model, operating system etc.) for facilitating app functionality, usage analytics, and personalization.
2.3 Transactional Information: When You choose to avail Platform Services, or when You make or receive payments, We may collect Your bank account details and the details of transactions undertaken through the Platform.
If You are a user of the co-branded credit card facilitated by the Company in partnership with a Partner Bank, Scapia does not act as the primary controller of credit card transaction ledgers, settlement, billing, or interchange data, which are managed by the Partner Bank in accordance with applicable banking laws and regulations.
Scapia may, however, process limited transactional or servicing-related information strictly to the extent necessary to enable Platform features such as account visibility, customer support, dispute facilitation, rewards, and other services associated with the Platform.
2.4 User Communication: If You choose to post messages on Our message boards, chat rooms, feedback sections, or other message areas, We will collect and store such information ("User Communication"). This information may also be used in aggregate form to improve the Platform.
2.5 Other Information: We may request additional information as necessary ("Other Information"). This includes:
• Data created by You or a third party and stored on Our Platform/servers (e.g., images, documents);
• Data from public domain or third parties, including social media channels, as permitted by Your account settings (e.g., name, email, profile picture);
• Information about any other traveller(s) for whom You make a booking, subject to adequate consents sought by You from such other travellers;
• Copies of government identification documents (driving license, voter ID, passport etc., as required);
• Any other information reasonably required for providing Platform Services or required under applicable law.
Public domain data may also include Your publicly available reviews, ratings, display name, and images published on app stores or other platforms. We may collect and display such information in the same form for relevant purposes connected with the Platform Services.
You agree that permissions You grant at the time of creating Your Account (including camera access, location access, or access to other device features) shall be used solely for providing Platform Services and improving Your experience on the Platform.
Where Your Personal Information, Non-Personal Information, Transactional Information, or Other Information is required to be collected, processed, or shared with regulatory authorities, government agencies, banking partners, or law enforcement agencies under applicable law, Scapia shall do so in accordance with such requirements.
Information provided by You is collected on the basis of representations made by You. While reasonable verification measures may be undertaken where required under applicable law or for the Platform Services, the accuracy and completeness of such information is Your responsibility.
Our primary goal in collecting the aforementioned information is to provide You a safe, efficient, smooth, and customized experience on the Platform. The information collected allows Us to provide Platform Services and features that are most likely to meet Your needs.
In general, You may browse the Platform without revealing any Personal Information. In such cases, only Non-Personal Information may be collected. Once You provide Us with Personal Information, You are no longer anonymous to Us.
Where We process Your Personal Information on the basis of a legitimate use or legal obligation under applicable law, such processing may continue even if You choose not to use certain Platform Services, to the extent permitted by applicable law.
We retain Personal Information and other information for such duration as may be required for the purposes described in this Privacy Policy or under applicable laws. If We determine that any information is no longer required, We will delete or anonymise it in accordance with applicable law.
Use of Information
We use Personal Information, Non-Personal Information, Transactional Information, User Communication, and Other Information provided by You for the following purposes:
• to provide and improve Platform Services and features;
• to create Your login credentials or establish Your account;
• for authenticating Your transactions on the Platform;
• to meaningfully interact with You on the Platform;
• to resolve disputes and troubleshoot problems;
• to promote Your safety and the safety of other users or travellers;
• to protect the security and integrity of the Platform, Platform Services, and users;
• to inform You about online/offline offers, products, services, and updates;
• to customize Your experience on the Platform;
• to share marketing material with You;
• to detect, prevent, and protect against errors, fraud, and other prohibited activity;
• to enforce and inform You about Our Terms;
• to process and fulfil Your requests or respond to comments and queries;
• to communicate important notices or changes in services or Terms;
• to contact You;
• to manage and maintain Your Account;
• in cases where We have a legal duty to use Your Personal Information for a particular reason;
• for sharing and disclosure of data with partners and other third parties, including as may be required for providing the Platform Services, such as to Travel Service Providers, Travel Aggregators, payment partners, and e-commerce service providers;
• to alert You on new features or enhancements to Our Platform Services;
• to communicate with You on Our Platform Services about which You have inquired;
• to ensure that the Platform and Platform Services function in an effective manner for You;
• to investigate potential breaches, or to protect the rights, property or safety of the Platform and its users;
• to fulfil Our contractual obligations towards You;
• to allow Our business partners including Travel Service Providers, Travel Aggregators, payment partners, and e-commerce partners to present customised messages and/or promotional or marketing materials to You, subject to receipt of consent where required;
• to facilitate generation or pulling of Your credit information from credit bureaus;
• for fulfilling Our contractual obligations with Partner Bank(s) to enable provision of services
including the co-branded credit card to You;
• for any other purpose for which Your consent is obtained where required under applicable law; and
• for purposes permitted as a legitimate use or required to comply with legal obligations under applicable law, including fraud prevention, cybersecurity, regulatory reporting, and dispute handling.
If You avail the co-branded credit card that is facilitated by the Company in partnership with a Partner Bank, You consent to Scapia collecting, storing, or processing Your Personal Information in connection with the co-branded credit card facilitated in partnership with the Partner Bank specifically for facilitating credit card services or as required under applicable laws. This consent is in addition to the consent provided by You for allowing the Company to collect, store or process Your Personal Information, and other information for the purpose of providing Platform Services and for managing Your Account on the Platform.
You also consent to Us collecting, transferring, and sharing Your information (including Personal Information) with third parties such as entities registered under applicable laws, payment gateways, verification partners, and service providers, strictly for the purposes set out in this Privacy Policy and to the extent permitted under applicable law. We will obtain specific consent wherever required before sharing Your information with any additional third party.
We may automatically track certain information based on Your behaviour on the Platform. This information is internally analysed in aggregated and anonymised form to understand user demographics, interests, and behaviour, and to improve the Platform.
We may occasionally request You to complete optional online surveys. These surveys may ask for contact and demographic information (such as zip code, age, income range). This information helps Us tailor Your Platform experience.
If We send You promotional emails based on Your information, You will always have the right to opt out of such communications. Even if You opt out of promotional communications, We may still send non-promotional communications to You as required for the Platform Services or under applicable law.
Sharing of Information:
We may disclose Your Personal Information to travel service providers, third-party vendors, partnered institutions, consultants, and other entities that provide travel or related services through the Platform.
Such parties may use Your information solely for the purposes for which it is shared.
We may also disclose information (including Personal Information) to such third parties for:
• facilitating Platform Services;
• enabling Your access to services provided by such third parties, including Travel Services of Travel Service Providers and/or Travel Aggregators, and e-commerce services of e-commerce service providers;
• processing payments;
• validating bank accounts;
• processing Your application for the co-branded credit card facilitated by the Company in partnership with a Partner Bank;
• undertaking credit information checks;
• enabling redemption of Scapia coins;
• enabling marketing or advertising activities permitted under applicable laws and user preferences;
• enabling such third parties to undertake marketing campaigns targeted to You;
• conducting audits and data analysis;
• preventing or investigating fraud or other illegal activities.
We may disclose Your information to comply with applicable laws, respond to lawful requests, protect the rights and property of Scapia or users, enforce the Terms, or in emergencies to protect personal safety.
In the event of a merger, acquisition, restructuring, sale, joint venture, business transfer, or similar corporate transaction, We may share or transfer Your Personal Information to the relevant business entity(ies), in accordance with applicable law.
Where We propose to share Your Personal Information for any materially new purpose not compatible with the purposes described here, We will obtain Your specific consent separately.
Security Precautions and Measures:
Our Platform implements reasonable security measures and safeguards to protect Your privacy and Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction of the information, in line with industry standards and applicable laws.
We comply with ISO 27001, ISO 27701, and PCI DSS standards and maintain the relevant certifications. Whenever You access or modify Your Account information, We use secure server technology.
We or any of Our partners do not assume any liability or responsibility for disclosure of Your Personal Information due to errors in transmission, unauthorised third-party access, or other causes beyond Our reasonable control.
You are responsible for maintaining the confidentiality and security of Your device, login credentials, and any Personal Information under Your control, and for promptly notifying Us of any suspected unauthorized access or use.
This Privacy Policy and Our security controls constitute "reasonable security practices and procedures" under Section 43A of the Information Technology Act, 2000.
Links to Third–Party Sites:
The Platform may provide links to third-party platforms ("Third-Party Sites") which may collect Your Personal Information, such as Your IP address, browser type, or operating system. Scapia is not responsible for the security of such information or for the privacy practices or content of such Third-Party Sites.
You may also encounter cookies or similar tracking technologies on certain pages of Third-Party Sites and We do not control the use of such technologies. These Third-Party Sites may have their own privacy policies governing the storage and retention of Your Information that You may be subject to.
We are not liable for information published in search results or by any Third-Party Sites, and this Privacy Policy does not govern any information provided to, or handled by, third-party service providers or Third-Party Sites.
Your Consent and Changes to Privacy Policy:
7.1 Withdrawal of Consent
You may withdraw Your consent at any time for processing of Your Personal Information, Transactional Information, or Other Information by writing to privacy@scapia.cards.
If You withdraw consent for processing necessary to provide Platform Services, You may no longer access or use those services. We may delete or anonymise Your information (such that it is not attributable to You) following such withdrawal, subject to applicable legal and regulatory requirements.
Withdrawal of consent shall be facilitated through reasonable and accessible means, comparable to the manner in which consent was provided, subject to verification of identity and applicable legal and regulatory requirements.
7.2 Correcting Inaccuracies
You may correct or update any Personal Information by writing to care@scapia.cards. You may also request access to or correction of Your Personal Information by contacting Us at privacy@scapia.cards.
7.3 Changes to This Privacy Policy
We may modify, add, or remove portions of this Privacy Policy at any time. You should review this Privacy Policy regularly for changes. You may also determine if any such revision has occurred by checking the "Last Updated" legend above. Changes will be notified by way of an email or by way of a pop-up or notification on the Platform or any other means as may be permitted under applicable laws.
You will be required to provide Your consent and acceptance to the updated Privacy Policy before You can continue accessing the Platform and the Platform Services after such change. We encourage You to visit the Platform from time to time to ensure that You are well informed about Our latest policies concerning personal data protection. All communications, transactions, and dealings on the Platform shall be subject to the latest version of this Privacy Policy in force at the time.
Right to Erasure
You may request deletion or removal of Your Personal Information, Transactional Information, or Other Information that is collected, stored, or processed by Scapia, subject to verification of identity and applicable legal and regulatory requirements.
You may exercise this right by writing to privacy@scapia.cards. This is not a blanket or universal right to erasure; certain exceptions apply, such as when retention is legally required (for example, for regulatory compliance, fraud prevention, dispute resolution, or recordkeeping under applicable banking, payments, anti-money laundering, taxation, or other laws).
If You request erasure of information required for providing Platform Services, You understand that Scapia may no longer be able to provide such services. If You delete Your Account after exercising Your right to erasure, You will not be able to access the Platform or any Platform Services through that Account.
Where applicable under data protection laws, You may also exercise Your broader right to deny consent or to correction and erasure of Personal Information, subject to limitations and exceptions under law.
Data Retention and Deletion
We retain Your Personal Information, Non-Personal Information, Transactional Information, and Other Information for such duration as is necessary for the purposes specified in this Privacy Policy or as required under applicable laws and regulations.
If You request deletion beyond the lawful retention period, You may do so by contacting Us as described above.
When the data retention period expires, We will securely delete or destroy such information from Our systems. We may continue to retain anonymised information for research, analytics, and statistical purposes.
We retain logs relating to processing activities for at least such period as required for legal, regulatory, compliance, or security purposes.
Electronic records will be deleted or destroyed using secure methods in accordance with Scapia's data handling practices. Hardcopy records (if any) will be destroyed using authorised methods such as shredding.
No information currently involved in investigations, audits, or legal proceedings shall be deleted until such matters are formally closed.
Grievance Officer
If You have any grievance, concern, or complaint with respect to the Platform, the Platform Services, or the processing of Your Personal Information, You may write to the Grievance Officer. The details are as follows:
Name: Anirudh Agarwal
Email: grievance@scapia.cards
Address: 2nd Floor, Tower B, Mantri Commercio, Kariyammana Agrahara, Bellandur, Bengaluru, Karnataka 560103, India.
We will put Our best efforts to resolve Your grievance in a fair, equitable, and timely manner, in compliance with applicable laws.
For concerns related specifically to the collection, processing, retention, correction, or erasure of Your Personal Information, You may also write to privacy@scapia.cards.
Questions and Contact?
If You have any questions about this Privacy Policy or about Our privacy practices, or wish to exercise Your rights under applicable laws, please feel free to contact Us at privacy@scapia.cards.
You may also reach out to Us for assistance regarding withdrawal of consent, access to personal data, correction of inaccurate or incomplete personal data, erasure requests, concerns regarding Platform data handling, clarifications regarding the co-branded credit card, and security or data breach notifications (where applicable).
We are committed to providing transparent, lawful, and responsible handling of Your Personal Information and maintaining the trust You place in Us.
Closing Statement?
This Privacy Policy is intended to provide clear, transparent, and accessible information regarding how Scapia collects, uses, stores, processes, transfers, and protects Your Personal Information in accordance with applicable laws. It supersedes all prior versions of the Privacy Policy and continues to evolve in line with regulatory developments.
We encourage You to review this Privacy Policy periodically to stay informed about Our data protection practices.
Thank You for trusting Scapia with Your Personal Information.