Privacy Policy

It is important to note that this privacy notice covers the processing of Personal Information only, and not business data. You can visit most pages on our Platforms without giving us any information about yourself. However, our Platforms may require you to give us your Personal Information when you make a booking or pay for our services on our Platforms or in-flight, or for any ancillary services offered through third parties on our Platforms

As mentioned in “Introduction” Section, the Personal Information collected by IndiGo will differ according to the purposes for which processing is carried out. Types of data we collect, is collectively referred to as “Personal Information”, as defined here under.

2.1  Personal Data

• This includes details about customer personal data, including but not limited to:
  • name 
  • physical address 
  • date of birth 
  • telephone or mobile number
  • e-mail address 
  • valid travel documents (such as passport and visa)
  • the company you work for (relevant to corporate bookings) 
  • booking information
  • your flight itinerary (including PNR number)
  • Gender
  • BluChip number
  • Government ID card detail ( as applicable)
  • Disability Details ( as applicable)
  • Minor (Guardian Details )( as applicable)
• This includes details about Partner’s personal data, including but not limited to:
  • Name
  • Phone Number
  • Email Address
• It also includes information that you voluntarily disclose to us when you contact us through our Platforms, whether to give us feedback on our products and services or for customer care.

2.2 Sensitive Personal Data

• Under Indian law: We may collect information such as your financial information like, credit or debit card or other payment instrument details, and your health data in case you require medical assistance.
  
• Under EU GDPR and other privacy laws: Advanced Passenger Information (API) including your passport, visa and travel information, your gender, nationality, and your health data to meet your requirements in flight (for e.g., to respond to health risks), and to provide special services such as wheelchair/Stretcher access assistance
  

2.3  Technical Data

This includes device and technical information you give us when using our Platforms such as IP addresses or other unique identifiers associated to mobile carrier, operating system, device model, Geo Location, browser type and cookie data and similar technologies.

You directly provide IndiGo with most of the Personal Information we collect. We collect Personal Information and process Personal Information when:

3.1 You provide us with your Personal Information

When you create an online account, book a flight or any other service with us either online or in person, contact us via our Platforms or through social media, contact our customer care, chat using chatbot, subscribe to receive our e-mails or mobile notifications through our apps or social media platform.

3.2 You provide your Personal Information to your travel agency, General Sales Agent, our airline codeshare partners, other companies involved in your travel plans, our flight offer partners and program partners (collectively, “Partners”)

We receive Personal Information from these Partners to handle your bookings, reservations, and other travel arrangements. For example,

• When you make a booking through a Partners , they share your Personal Information and flight itinerary with us so that we can confirm your reservation.
• We receive Personal Information through Partners to offer benefits, facilities or arrangements to members of our 6E Rewards Program. 
• We receive Personal Information through Partners to facilitate flight offers for pre-booking, cashback, promo codes, etc.

3.3 Personal Information is received from public authorities or government agencies for matters of public safety

IndiGo receives Personal Information from public authorities or government agencies related to aviation to maintain security and safety on the ground and on board. For example, we receive Personal Information of persons who have been put on a ‘No Fly List’ from the Directorate General of Civil Aviation (the “DGCA”) where disruptive passengers are banned from taking flights within, into or out of India for a specific period.

3.4 We receive Personal Information from cookies and similar technologies when you use our Platforms

IndiGo uses its own cookies as well as third-party cookies. For EU, we use only essential cookies required for the website functionality and for providing any services requested.

4.1  Providing our Services

• To handle bookings, reservations, purchases, and trips, we use your Personal Information, which includes your name, contact information, travel itinerary, and payment details.
• Use Personal Information like name, government identifier, and contact details to ensure that we can identify you as a passenger, comply with government regulations, and contact you regarding your flight, such as sending booking confirmations and updates.
• If you have specific medical needs, such as requiring wheelchair assistance, we may collect Personal Information to ensure we can provide the necessary services and accommodations to meet your requirements during your journey.
• To allow users to unsubscribe or change communication preferences.

4.2 Providing you with benefits from our loyalty program

• When you participate in our loyalty program, you may have to provide certain Personal Information as part of the enrolment process. We may share some of this Personal Information with our Partners to facilitate the loyalty program's benefits and rewards.
• We use automated tools and algorithms to manage and administer our loyalty programs effectively.

4.3 Conducting our business operations

• Fulfil obligations from the terms and conditions for the services being provided to you.
• We utilise the Personal Information you provide to communicate with you and address your inquiries. To communicate the details regarding transaction, bookings, services requested, we will use various channels such as email, WhatsApp, Short Message Service (SMS), Rich Communication Service (RCS), push notifications or any other communication channel. 
• We use Personal Information for record-keeping, fraud prevention, and dispute resolution.

4.4 Marketing purposes

• We collect your Personal Information on the basis of consent to deliver updates, special offers, promotions, and marketing communications.
• We employ various communication channels, including email, social media, and online advertising, to effectively promote our offerings.
• In case you want to opt-out of the marketing communications please use the Unsubscribe option in the marketing communication.

4.5 Statistical research

• We utilize Personal Information about individual preferences, travel history, and interactions with us to create more personalised and relevant experiences for you.
• Research trends in service use, rewards programs, and user behaviour to develop better services, design, and content of our Platforms.

4.6 For complying with statutory obligations and safety

• We share Personal Information with aviation regulatory agencies in compliance with legal requirements. This sharing is essential for ensuring aviation safety and security.
• We use Personal Information to uphold safety and security measures during flights. The collected Personal Information is instrumental in security screenings, watchlist checks, and addressing any potential security concerns.

We collect and process Personal Information to fulfil various legal and statutory obligations, like compliance with aviation laws, tax regulations, and customs requirements.

We will process and store your Personal Information, within India, for as long as it is necessary to fulfil the purpose for which it was collected, and to meet any legal, business, accounting or reporting requirements or subject to the requirements of applicable laws. When deleting your Personal Information, we will use reasonable and technically feasible methods, as mandated by relevant laws, to render the Personal Information impossible to recover or replicate, as stipulated by the applicable legal requirements.

All Personal Information you provide to us will be secured using strict procedures and security features to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to, Personal Information transmitted, stored, or otherwise processed by us. We have implemented appropriate organizational and technical measures to ensure the protection of your Personal Information processed by us, the security practices and procedures are aligned to the ISO 27001 standard requirements. Despite these appropriate efforts to protect the Personal Information, no method of transmission over the internet is guaranteed to be secure. While we strive to protect your Personal Information at all times, we cannot guarantee its absolute security and shall not be liable for any breach of security by any party out of the control of IndiGo, including unauthorized access, modification, destruction, or disclosure of your Personal Information or any breach of security, and data protection protocols at your end or on the computer/mobile system that you use to access our Platforms or during transmission of data.

Your Personal Information is shared in the following ways in order to use your Personal Information for the specific purposes set out in Section 5 above:

7.1 Lawful and Necessary Disclosure

We only disclose your Personal Information when it is essential to fulfil the purposes for which we collect your Personal Information. Your Personal Information may be shared with authorised personnel, officers, insurers, professional advisers when reasonably required.

7.2 Engagement of Third-Parties

We engage third-party data processors to provide specific services on our behalf. We may share your Personal Information with, Partners, suppliers or sub-contractors when and to the extent reasonably required. These third-parties are provided only with the necessary Personal Information required to deliver the designated service.

7.3 Sharing with Partner Banks (With Your Consent)

With your informed consent, we may share Personal Information related to your bookings and expenditures on our Platforms with partner banks. Partner banks use this Personal Information to identify passengers who may qualify for credit cards or accounts based on their average spending on our Platforms.

7.4 Legal and Governmental Disclosures

We may disclose your Personal Information when required by law or government agencies. Such disclosures may be necessary for identity verification, prevention, detection, investigation, prosecution, or the protection of rights and personal safety.

7.5 Information Transfer as Part of Business Transactions

Information collected, including Personal Information, is considered a valuable business asset. In the event of a merger, acquisition, or other change in control of our organisation, your Personal Information may be transferred to the acquiring entity as part of the transaction. We will ensure that the acquiring entity complies with data protection laws and provides an adequate level of data security.

7.6 Sharing under Codeshare Agreements

Personal Information regarding flight bookings and trips may be shared when flights are operated under Codeshare Agreements with Partner airlines, in compliance with relevant data protection principles and requirements

IndiGo would like to make sure you are fully aware of all your data subject rights. Every user of our Platforms is entitled to the following:

8.1 Rights of the Data Subjects

8.1.1 The right to be informed

The right to know the details related to the processing of your Personal Information. In case of booking via Travel Agent, we share a copy of the itinerary to keep you informed.

8.1.2 The right to access

The right to obtain confirmation on whether Personal Information concerning you is being processed. If personal information concerning you is being processed, you have the right to request IndiGo for a copy of your Personal Information. For any further copies requested by you, we may charge you a reasonable fee based on administrative costs.

8.1.3 The right to rectification
 
The right to request that IndiGo correct any Personal Information that you believe is inaccurate. You also have the right to request IndiGo to complete the Personal Information you believe is incomplete.

8.1.4 The right to object to processing

The right to object to the processing of your Personal Information in the following cases: 

• where IndiGo is relying on the lawful ground of processing for the performance of a task carried out in the public interest or the exercise of official authority vested in IndiGo as the controller;
• processing for the purposes of the legitimate interests pursued by IndiGo as the controller; or
• by a third party

8.1.5 The right to erasure

The right to request IndiGo to erase your Personal Information in cases where your Personal Information is no longer necessary for the purpose it was collected or processed, or if it was unlawfully processed. You may also exercise this right if you have withdrawn your consent to the processing of your Personal Information where consent was the legal basis for such processing, or where you object to the processing of your Personal Information.

8.1.6 The right to restrict processing

The right to ask IndiGo to restrict the processing of your Personal Information where one of the following applies:

• You contest the accuracy of the Personal Information (IndiGo will verify the accuracy of the Personal Information being contested);
• You believe the processing is unlawful, but you do not intend to have IndiGo erase the Personal Information;
• IndiGo no longer needs Personal Information for the processing, but you require such Personal Information for the establishment, exercise, or defence of legal proceedings; and
• You have objected to the processing on the lack of legitimate grounds for the processing of Personal Information.

8.1.7 The right to data portability

The right to receive the Personal Information concerning yourself in a structured, commonly used and machine-readable format in cases where IndiGo processes your Personal Information on the legal basis of consent or the performance of a contract, and the processing is carried out by automated means. Your request can extend to requiring IndiGo to transmit your Personal Information to another controller.

8.1.8 The right to object to automated decision making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces a legal effect concerning you or similarly significantly affects you.

8.1.9 The right to lodge complaints with appropriate Authority

The right to lodge a complaint with the appropriate Authority, which is the designated data protection authority responsible for overseeing compliance with data privacy regulations in your jurisdiction.

8.2 Additional Information 

IndiGo aims to respond promptly to your requests, typically within thirty (30) days of receiving them. This applies to requests from customers. We have mechanisms in place to facilitate and address requests, following applicable regulations. We will verify your identity before processing your request. If a request is denied, we will provide reasons for the denial, and you can use dispute resolution processes as per regulations.

We will acknowledge receipt of your requests in writing within regulatory timelines. If more data is needed, we will inform you and may take an additional two (2) months to fulfil your request. Complex requests may require additional information, and in some cases, charges may apply.

Our Platforms are not intended for minors. Moreover, our Platforms cannot distinguish the age of persons who access and use our Platforms. We strive to collect and process Personal Information of minors in the European Union (under the age of 16) and in India (under the age of 18), only where specific consent has been obtained from a parent or legal guardian. If a minor has provided Personal Information without parental or guardian consent, please contact us (see Section 12) to remove the Personal Information and unsubscribe the minor. Alternatively, if we become aware of, that Personal Information has been collected from a minor without parental or guardian consent, we will delete the Personal Information and terminate the minor’s account.

In the case of children travelling alone, we will record not only the contact details of their parent(s) or legal representative(s) but also the contact details of the people who will drop them off or pick them up at the airport to ensure safe custody.

We may need to transfer your Personal Information to countries other than your own, such as where some of our service providers are based for the fulfilment of the service which has been requested or availed. We take reasonable measures to ensure that any such transfer takes place only if the same level of protection is adhered to by the service providers as that of IndiGo, or if the country of our service providers is subject to Adequacy Decision by the European Commission

• If you reside in the EU, our transfers of Personal Information outside the European Economic Area are supported by appropriate cross-border transfer mechanisms as provided under GDPR.
• If you reside in India, our transfer of Personal Information outside India will be allowed only if it is necessary for the performance of a lawful contract.

When you visit our Platforms and follow links to third-party websites, these websites have their own privacy policies, and we do not assume responsibility for their policies or data processing practices. Before sharing Personal Information with third-party websites, we recommend reviewing their privacy policies.

If you have any questions about IndiGo’s privacy notice or your Personal Information, we hold, or you would like to exercise one of your data subject rights, please do not hesitate to contact us.

Email us at:

In accordance with the requirements of the IT Act, you may reach out to the

Grievance Officer: AppellateAuthority@goindigo.in

Data Protection Officer: 6E-DPO@goindigo.in

Call us: India: 0124-6173838, 0124-4973838

Or write to us: InterGlobe Aviation Limited, Third floor, Emaar Capital Tower 2, Mehrauli-Gurgaon Road, Gurgaon – 122 002, Haryana, India.

IndiGo keeps its privacy notice under regular review and places updates on IndiGo’s Website. Please check our website frequently to see any updates or changes to this Privacy Notice. 

This privacy notice was last updated on 10 Sep 25.