Back to Home

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your data when you use Atithi Cloud.

Issued By

Sudha Software Solutions Private Limited

CIN: U62099JH2025PTC023777

Effective Date

16 January 2026

Last Updated

16 January 2026

1

INTRODUCTION

This Privacy Policy (“Policy”) governs the collection, processing, storage, usage, protection, and disclosure of information when you access or use Atithi Cloud, an AI-powered hotel management Software-as-a-Service platform (“Platform”, “Service”).

Atithi Cloud is owned, developed, operated, and controlled by Sudha Software Solutions Private Limited, a company incorporated under the Companies Act, 2013, having its registered office at:

01, Ground Floor, BOI Zonal Audit Office Building, Pragati Path Chutia, Ranchi, Jharkhand – 834001, India

By accessing or using Atithi Cloud, you expressly consent to the practices described in this Policy. If you do not agree, you must immediately discontinue use of the Platform.

2

LEGAL COMPLIANCE FRAMEWORK

This Policy is drafted in compliance with:

Information Technology Act, 2000
IT (Reasonable Security Practices and SPDI) Rules, 2011
Digital Personal Data Protection Act, 2023 (India)
Bharatiya Nyaya Sanhita (BNS), where applicable
Indian Contract Act, 1872
General Data Protection Regulation (GDPR)
CERT-In Directions
Industry best practices (ISO 27001, OWASP)
3

DEFINITIONS

3.1 Personal Data

Any information that identifies or relates to an identifiable individual (name, phone, email, IP address, etc.).

3.2 Sensitive Personal Data

Includes passwords, financial data, biometric data, health data, government IDs, or similar sensitive information.

Important: Atithi Cloud does not store raw card or banking information. Payments are processed exclusively via secure third-party gateways.

3.3 Hotel Data

Data uploaded by hotels, including guest records, bookings, invoices, preferences, documents, and operational data.

3.4 Processing

Includes collection, storage, transmission, analysis, modification, deletion, or anonymisation.

4

INFORMATION WE COLLECT

4.1 Provided Directly

  • • Hotel owner/admin name
  • • Business details (GST, address)
  • • Email, phone number
  • • Staff accounts & roles
  • • Uploaded documents
  • • Guest booking data
  • • Billing metadata

4.2 Automated Data

  • • IP address
  • • Browser & device details
  • • Login timestamps
  • • API logs
  • • Usage analytics
  • • Error reports
  • • Security logs

4.3 Cookies

  • • Essential cookies
  • • Security cookies
  • • Performance cookies
  • • Third-party analytics
  • Disabling cookies may affect functionality.
5

PURPOSE OF DATA PROCESSING

We process data strictly for lawful purposes, including:

  • Account creation and authentication
  • Hotel and guest management operations
  • AI-based analytics and automation features
  • Subscription management and invoicing
  • Fraud prevention and abuse detection
  • Platform security and monitoring
  • Legal compliance and regulatory reporting
  • Customer support and service communication
  • Product improvement and optimisation

    • We do not sell personal data.

    6

    HOTEL’S RESPONSIBILITY FOR GUEST DATA

    Hotels using Atithi Cloud act as Data Fiduciaries / Data Controllers for guest data entered into the Platform.

    The Company:

    • Acts only as a technology service provider
    • Does not independently verify guest data accuracy
    • Is not responsible for consent obtained by hotels from guests

    Hotels must ensure:

    • Lawful collection of guest data
    • Proper notices to guests
    • Compliance with applicable hospitality and privacy laws
    7

    AI FEATURES DISCLAIMER

    Atithi Cloud uses AI and automation for insights, predictions, and optimisations.

    • AI outputs are advisory only
    • We do not guarantee accuracy or outcomes
    • Decisions taken based on AI outputs are solely the user’s responsibility
    8

    DATA SHARING & DISCLOSURE

    8.1 Service Providers

    We share data with trusted vendors (Cloud hosting, Payment gateways, Email/SMS providers, Analytics, Security tools) who are bound by confidentiality.

    8.2 Legal & Regulatory

    Data may be disclosed to Courts, Law enforcement, CERT-In, DPDP Board, Tax authorities.

    8.3 Business Transfers

    In case of merger or acquisition, data transfer is subject to safeguards.

    9

    DATA RETENTION

    • Account dataUntil deletion
    • Transaction dataMin. 8 years
    • Logs & backups90–365 days
    • AI training dataAnonymised only
    10

    USER RIGHTS

    Depending on jurisdiction, you may request:

    AccessCorrectionDeletionWithdraw ConsentData PortabilityObjection
    contact@sudhasoftwaresolutions.com

    11. SECURITY MEASURES

    We use AES-256, TLS 1.3, RBAC, MFA, and regular audits. We are not liable for user negligence or zero-day exploits.

    12. CHILDREN’S DATA

    Platform not for under-18s. We do not knowingly collect minor's data.

    13. CROSS-BORDER TRANSFERS

    Data may be processed in India, USA, Europe, Singapore with appropriate safeguards.

    14. DATA BREACH RESPONSE

    Immediate containment, notification to users/authorities where mandated.

    15. LIMITATION OF LIABILITY

    No liability for indirect damages. Capped at last 3 months fees or ₹5,000.

    16. INDEMNIFICATION

    You agree to indemnify us for claims arising from your policy violation or misuse.

    18. GRIEVANCE OFFICER

    Bipin Kumar

    Grievance Officer

    19. CONTACT DETAILS

    Sudha Software Solutions Private Limited
    01, Ground Floor, BOI Zonal Audit Office Building,
    Pragati Path, New Makchund Toli, Babu Bazar,
    Ranchi, Jharkhand – 834001

    contact@sudhasoftwaresolutions.com
    +91 6204351245

    20. GOVERNING LAW & JURISDICTION

    This Policy is governed by the laws of India. All disputes are subject to exclusive jurisdiction of courts in Ranchi, Jharkhand.