Skip to content Skip to footer

Digi Yatra Foundation (DYF) Privacy Policy

DYF is a not-for-profit company incorporated under section 8 and registered under the Companies Act 2013, for the implementation of a digital ecosystem aimed at streamlining air travel pursuant to the Digi Yatra Policy issued by Ministry of Civil Aviation (“MOCA”).

Ensuring Your Data Security in Airports

DYF is developing the Digi Yatra Central Ecosystem (“DYCE”) that provides a unique and memorable digital travel experience for air travellers (passengers) using real time selfie-based facial biometric validation.

The DYCE enable creation of digital verifiable credentials and allows sharing of the digital verifiable credentials for identity, travel, health and any other credentials as needed in the future for the purpose of achieving a seamless, hassle-free travel at all airports in India using a single token face biometric, Decentralised Identifiers (DIDs), Verifiable Credentials (VCs) using the concept of Self-Sovereign Identity (SSI) on W3C standards.


Data privacy, sometimes also referred to as information privacy, is an area of data protection that concerns the proper handling of sensitive data including, notably, personal data and other confidential data, such as certain financial data and intellectual property data, to meet regulatory requirements as well as protecting the confidentiality and integrity of the data.

This policy deals with privacy and protection of personal and sensitive data or information collected from Individual/s, User/s who are either customers, employees, partners, passengers etc. of Digi Yatra Foundation (DYF), through platforms such as website, mobile app, email, self-service kiosks, or any form of digital application. Information from individuals using any of DYF published internet websites & applications, will only be used in the manner described in this policy (“DYF Services”).

By using DYF Services you agree to our use of your Personal Information (including Sensitive Personal Information) in accordance with this Privacy Policy, as may be amended from time to time by us at our discretion. You also agree and consent to us collecting, storing, processing, transferring, and sharing your personal information (including sensitive personal information) with third parties or service providers for the purposes set out in this Privacy Policy.

Personal Information subject to this Privacy Policy will be collected and retained by DYF having a registered office at I.A.A Niamar T/Center, IGI Airport, New Delhi – 110037, India.


This policy intends to maintain the privacy of DYF employees, contractors, vendors, partners, customers, users of DYF public facing platforms, by protecting their Personal Information and ensuring compliance with applicable laws and regulations of Govt. of India. It also clarifies how we collect, process, and store Personal Information.Some amount of Personal Information is collected to provide products and services; for identity verification and other compliance requirements of government bodies, regulatory, statutory judicial and quasi-judicial authorities, to improve customer experience; to improve DYF public facing web portal and applications.


In this privacy policy, the following definitions are used:

Data: means a representation of information, knowledge, facts, concepts or instructions which have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.

Cookies: A small file placed on user’s computer by DYF platforms when a user accesses these applications or websites. A cookie generally allows platforms to “remember” user actions or preference for a certain period

DYF: Digi Yatra Foundation is a not-for-profit company under section 8 of the Companies Act 2013, formed with a shareholding of Airport Authority of India (AAI) of 26% shares, and the rest 74% shares equally divided between the five PPP airports in India, Viz. Cochin International Airport (CIAL), Bangalore International Airport (DYF), Delhi International Airport Ltd. (DIAL) & Hyderabad International Airport Ltd (HIAL) and Mumbai International Airport Ltd. (MIAL). User, Individual or Provider of Information: The natural person who accesses DYF platforms and provide personal data or information to DYF or any of the partner service providers.

Website: Collection of web pages and related content that is identified by a common domain name and published on at least one web server.

Collection: The act of gathering, acquiring, or obtaining Personal Information for the purpose of delivering a service or complying with a regulatory requirement.

Consent: Voluntary agreement towards the collection, use and sharing of Personal Information for a stated purpose.

Contractors, vendors: Individuals or companies who provide services to or on-behalf of DYF and the DYCE partner airports, airlines and other concessionaires that conduct business for delivering services to passengers.

Partners, customers: Include airport operators, airlines, concessionaires including retail outlets that conduct business of delivering services to passengers.

Disclosure: Making Personal Information available to government bodies when required or to third parties for or in relation to delivery of services

Personal Information: means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.

Sensitive Personal Data or Information: Sensitive personal data or information of a person means such personal information which consists of information relating to:

  • Password
  • Financial information such as Bank account or credit card or debit card or other payment instrument details
  • Physical, physiological, and mental health condition
  • Sexual orientation
  • Medical records and history
  • Biometric information
  • Any detail relating to the above clauses as provided to body corporate for providing services.
  • Any of the information received under above clauses by body corporate for processing, or which is stored or processed under lawful contract or otherwise, Provided  that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of this policy.


This policy applies to all Personal Information, of employees, contractors, vendors, partners, customers, and passengers collected and maintained by DYF, its employees, and outsourced entities responsible for processing Personal Information on behalf of the company.

This policy also applies to all Personal Information or Data processed online by DYF (regardless of how such personal data is collected).

DYF may collect such Personal Information or Data through its customer interface touchpoints (such as manned customer service counters and self-help automated kiosks), social media sites, websites, mobile applications and domains or other platforms (collectively, the “Platforms”), which include but are not limited to.

DYF website:

DYF mobile application (Android & iOS): Digi Yatra App

DYF is not responsible for verifying, certifying or establishing the authenticity of the Personal Information or Data, supplied by the user/provider.

Type of data collected

DYF will collect personal data from an individual when it considers the Personal Information reasonably required for the relevant purposes underlying such processing. Examples of personal data which may be collected by DYF include the following:

Identity and Contact Data, such as name, address, telephone number, date of birth, country of nationality or residence, national identification number, employment history, educational background, professional qualifications, job title and function, biometric data, and other personal data concerning provider of information relevant to DYF goods and services.

Business Information, such as information provided during contractual relationship with user or user’s organisation and DYF, or otherwise voluntarily provided by user or user’s organisation.

Profile, Usage and Technical Data, such as passwords to DYF platforms, user preference in receiving marketing information, communication preference, IP address, login data, browser type and version and device type

Video or Image data, images or video provided or captured with consent on Mobile Apps, kiosks systems or e-gates at airport checkpoints etc. when individuals visit the airport or DYF premises

Information shared with DYF

Individuals or DYF platform users provide Personal Information, or Data through various means:

  • Individuals who use DYF website, mobile or web applications.
  • Individuals who subscribe or register to memberships, competitions, promotions, surveys or receive information from DYF e.g., DYF newsletter.
  • Individuals who apply for products or services.
  • Individuals who create an account on DYF platforms.
  • Individuals who provide feedback to DYF via DYF websites.
  • Individuals who connect to Wi-Fi at airports across India and DYF premises.
  • Job applicants.
  • Images or video captured by DYCE Apps, Kiosks or e-gates at the airport checkpoints.

Data collected automatically

Data may be collected automatically from user of DYF platforms. DYF web servers or affiliates who provide analytics and performance enhancement services collect IP address, operating system details, browsing details, device details and language settings. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. DYF uses this information to measure the site usage, improve content and to ensure safety and security, as well enhance performance of DYF Platforms.

Purpose and Use of data

Your personal data is processed to establish your identity, validate your travel document and any other requirements for your travel as needed from time to time subject to the protection of High Level Data Privacy Guidelines as per the Digi Yatra Policy issued by the MoCA. Personal Information shared while registering or subscribing to a service or product on the DYCE platforms, will be used solely for the service or its closely related purposes. Specifically, data may be used for the following reasons:

  • Improvement of products or services
  • Contact for survey or feedback which may be done using email or mail
  • To process user/customer requests (such as replying to queries)
  • To communicate activities such as marketing campaign, events, programs, promotions for which   consent is taken appropriately.
  • To comply with Laws and regulations of Govt. of India.
  • For security purposes including to protect DYF customers, employees and websites and apps

Data Sharing

DYF may share individual’s/users’ personal data with:

  • DYF employees, advisers, agents and third parties who provide services on DYF’s behalf insofar as reasonably necessary for the purpose the information is sought for.
  • DYF controlled affiliates and subsidiaries and other entities within the DYF, to assist them to reach out to user in relation to their programs or campaigns (including marketing and sales) and to process individual’s query / requests
  • Service-providers who assist in protecting and securing DYF systems and provide services to DYF.
  • Successors or assigns to whom DYF may assign or transfer the functions in whole or part.
  • In most cases, DYF will not disclose Personal Information to others unless there is a consent to the same. However, there will be circumstances where DYF may disclose Personal Information without user’s consent as required by law to disclose information or where the information is required to prevent or detect a crime. In the case of all disclosures, DYF will always ensure that the disclosure is legitimate and appropriate for the purpose for which the information is sought to be disclosed.

Unsolicited Information

Unsolicited Personal Information, e.g., information in emails or public posts on message boards, will be regarded as having been given DYF consent to use the data for a related purpose, on a non-confidential basis, and DYF shall be free to use, disclose, and distribute such unsolicited personal data without limitation or attribution. DYF will strive to take reasonable steps to destroy or obscure unsolicited personal data that DYF has no purpose for, but it cannot guarantee that all unsolicited personal data will be disposed of from the given system and operational limitations. User bears responsibility for oversharing personal data beyond what has been requested.

Data protection

DYF ensures security of Personal Information by adopting reasonable data protection practices such as internal policies, periodic security audits, adherence to code of conduct, data security techniques privacy principles,

data privacy by design techniques, personal data guidelines and certification mechanism. Employees of DYF responsible for handling Personal Information on behalf of company or regulatory body are mandated to follow ethical code of conduct when processing Personal Information which is considered sensitive and hence classified as confidential.

To prevent unauthorized disclosure or access to Personal Information, which are compliant with prevailing IT laws and for all the Aadhaar related transactions, compliant with Aadhaar (Targeted Delivery Of Financial and other Subsidies, Benefits And Services) Act, 2016. DYF has implemented physical and cyber security safeguards. Transmission channels are encrypted, and access to information is restricted to authorized individuals on need-to-know basis.

Retention of Personal Data

DYF will retain any Personal Information only for a minimum duration of time as prescribed in the Digi Yatra Policy issued by the Govt. of India. As long as it is necessary for the stated purpose, and / or for compliance with legal requirements under applicable laws, Information will be retained in a secure environment and access to it will be restricted according to a ‘need to know’ basis.

When the Personal Information collected is no longer required, DYF and its’ partners will destroy or delete it in a secure manner.

Data Storage & processing

In general, Personal Information collected and processed under this policy is hosted within India. DYF takes steps to ensure that the data collected under this privacy policy is processed according to the provisions of this policy and the requirements of applicable laws of India.

Links to other websites

DYF public website and applications may contain links to other third-party sites. DYF is not responsible for the content and privacy practices of those third-party websites. DYF is not responsible for protection & privacy of information shared by users in those third-party sites, while accessing through links from DYF website.


DYF uses Cookies to improve user experience of using DYF platforms. For example, cookies for marketing & analytics purpose which is necessary to display content in expand / collapse format on pages.

Before DYF websites and applications place cookies on user’s systems, user may be presented with a message bar requesting his/her consent to set those Cookies. User may wish to turn down the consent; however certain features of DYF platforms may not function fully or as-intended.

User can choose to enable or disable cookies in internet browser. By default, most internet browsers accept cookies, but this can be changed. User can choose to delete cookies at any time. However, user may lose any information that enables quick access to the website and personalisation settings.

Changes to privacy policy

DYF reserves the right to change, alter, modify, or add terms in this privacy policy when it may deem necessary. Material Changes to privacy policy will be updated on the DYF platform and communicated as required by law Please check our site periodically for updates.


The Information Provider(s) of public facing websites or applications may approach DYF if he/ she or they have any grievance(s), question(s) or concern(s) with respect to the processing and use of their Personal Information. If you have any questions about this Policy or other privacy concerns, you can also email us at


If you choose to use the DYF Platform, your visit and any dispute over privacy is subject to this Policy. In addition to the foregoing, any disputes arising under this Policy shall be governed by the laws of India.

Download The App

Scan the relevant QR code with your
phone to download the digi yatra app.

Download The App

Scan the relevant QR code with your
phone to download the digi yatra app.