Privacy Policy

This Privacy Policy describes how MahaTreks ("we," "our," or "us") collects, uses, stores, shares, and protects your personal information when you use our web application, MahaTreks (the "Service"). By accessing or using MahaTreks, you agree to the terms of this Privacy Policy.

1. Information We Collect

Like most online platforms, we collect various types of information to provide and improve our Service:

Information You Provide Directly:

  • Account Information: When you create an account, we collect your name, email address, password, and optionally a profile picture.
  • Profile Information: You may choose to provide additional information for your profile, such as your trekking experience, fitness level, and emergency contact details.
  • Trek Organization/Joining Information: If you host a trek, we collect details about the trek (e.g., destination, date, time, description, itinerary, difficulty level, estimated cost). If you join a trek, we collect your confirmation of participation.
  • Communications: When you communicate with us (e.g., customer support, feedback) or with other users through the platform's messaging features, we collect the content of those communications.
  • Payment Information: If we integrate payment processing for trek fees (currently or in the future), we will collect necessary payment details (e.g., credit card information). This is typically processed by a third-party payment processor, and we do not directly store sensitive payment card details on our servers.

Information Collected Automatically:

  • Usage Data: We collect non-personally identifying information about how you interact with our Service, such as pages visited, features used, time spent on the app, and referring URLs.
  • Device Information: We may collect information about the device you use to access MahaTreks, including your Internet Protocol (IP) address, device type, operating system, browser type, and unique device identifiers.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to help us identify and track visitors, their usage of MahaTreks, and their website access preferences. Cookies also help us enhance your experience and for authentication. You can manage your cookie preferences through your browser settings, though certain features of MahaTreks may not function properly without the aid of cookies.

Google OAuth Section:

  • Current Scopes: When you sign in via Google OAuth, we collect only your name, email address, and profile picture (if available) for authentication and account personalization. We do not access or store your Google password.
  • Potential Future Scopes: In the future, we may request additional Google OAuth scopes (such as gender or date of birth) only if explicitly required for specific features (e.g., age verification for treks with restricted participation or personalized fitness recommendations). Any such changes will:
    • Be clearly disclosed during the OAuth consent screen.
    • Be explained in an updated version of this Privacy Policy.
    • Never be used for advertising or sold to third parties.

2. How We Use Your Information

We use the collected information to:

  • Provide and Maintain the Service: To create and manage your account, facilitate the posting and joining of treks, and enable communication between users.
  • Improve and Personalize the Service: To understand user preferences, troubleshoot technical issues, and enhance the functionality and user experience of MahaTreks.
  • For Communication: To send you service-related notifications, updates, security alerts, and support messages. We may also occasionally send you emails to tell you about new features or solicit your feedback.
  • For Safety and Security: To detect and prevent fraudulent activities, abuse, and to ensure the security of our platform and users.
  • For Analytics and Research: To analyze usage trends, measure the effectiveness of our features, and conduct research to improve our offerings. We may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of our Service.
  • To Enforce Our Terms: To enforce our Terms of Service and other policies, and to comply with legal obligations.

How We Use Google OAuth Data (Updated):

  • Current Use:
    • Authentication and account creation.
    • Personalizing your profile (name, email, profile picture).
  • Potential Future Use of Additional Data:
    • Date of birth: Only to verify age eligibility for certain treks or comply with legal requirements.
    • Gender: Only if you choose to share it for personalized trek recommendations (e.g., women-only treks).
  • Explicit Consent: Any additional data will only be collected after your explicit approval during the OAuth process.

3. How We Share Your Information

We do not rent or sell your potentially personally-identifying and personally-identifying information to anyone. We may share your information in the following circumstances:

  • With Other Users:
    • For Hosts: If you are a trek host, your trek details (destination, date, description, itinerary, difficulty, cost) and your public profile information (name, profile picture) will be visible to other users.
    • For Attendees: If you join a trek, your name and profile picture may be visible to the trek host and other attendees of that specific trek to facilitate communication and organization.
    • Communications: Messages exchanged through the platform's messaging features will be visible to the intended recipients.
  • With Third-Party Service Providers: We may disclose potentially personally-identifying and personally-identifying information to those of our employees, contractors, and affiliated organizations that (i) need to know that information to process it on our behalf or to provide services available at MahaTreks, and (ii) that have agreed not to disclose it to others. These include vendors who perform services such as hosting, data analytics, payment processing, customer support, and marketing. Some of these service providers may be located outside of your home country; by using MahaTreks, you consent to the transfer of such information to them.
  • For Legal Reasons: We may disclose your information if required to do so by law, in response to a court order, subpoena, or other governmental request, or when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of MahaTreks, third parties, or the public at large.
  • Business Transfers: If MahaTreks, or substantially all of its assets, were acquired, or in the unlikely event that MahaTreks goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of MahaTreks may continue to use your personal information as set forth in this policy.
  • With Your Consent: We may share your information with your explicit consent.

4. Google API Compliance

We adhere to Google's API Services User Data Policy:

  • Limited Use: Google data is used only for:
    • Account authentication.
    • Features directly requested by you (e.g., age verification).
  • No Surprise Scopes: We will never silently add new scopes. All changes will be communicated via:
    • Updated OAuth consent screens.
    • Revisions to this Privacy Policy (with prominent notifications).

5. Data Security

We implement reasonable technical and organizational measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Your Choices and Rights

  • Account Information: You can access, update, or delete certain personal information through your account settings.
  • Communications: You may opt-out of receiving non-essential promotional communications from us by following the unsubscribe instructions in those emails or through your account settings.
  • Cookies: You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Service may become inaccessible or not function properly.

User Control (Enhanced Section):

  • Revoke Access: You can manage MahaTreks' access to your Google data anytime via Google Account Permissions.
  • Delete Data: Deleting your MahaTreks account erases all Google-derived data from our systems.
  • Opt-Out of Future Scopes: If we introduce optional scopes (e.g., gender), you may decline them without losing access to core features.

7. Children's Privacy

MahaTreks is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information.

8. Privacy Policy Changes

Although most changes are likely to be minor, we may update this Privacy Policy from time to time at our sole discretion. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

Transparency Commitment:

  • We will notify users 30 days in advance via email or in-app alerts before implementing new Google OAuth scopes.
  • A summary of changes will be posted in our app's "Updates" section.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

mahatreks@gmail.com

Privacy Policy

Terms of Service

All Rights Reserved. MAHATREKS © 2025