Privacy Policy

1. Introduction

Welcome to AstroKamya™ (the "Platform"), operated from Kolkata, West Bengal, India. This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you access or use our website (astrokamya.com), mobile application, and related services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and consent to the practices described in this Privacy Policy. This policy is compliant with the Information Technology Act, 2000 (including amendments), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection (DPDP) Act, 2023.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Full name, email address, mobile phone number, and password when you register for an account.
• Birth Details: Date of birth, time of birth, and place of birth — collected to generate your Vedic birth chart (Kundali), compute your Karma Score™, SoulSync™ compatibility profile, and Destiny DNA™ analysis. This data is essential to our core astrological services.
• Shipping Address: Residential or delivery address, city, state, PIN code — required for delivering crystal bracelet orders.
• Payment Information: UPI ID, card details (card number, expiry, CVV), net banking credentials, and billing address. Note: Payment processing is handled entirely by Razorpay. AstroKamya does not store your complete card number or CVV on our servers.
• Communication Data: Any messages, feedback, reviews, or support requests you send to us via email, chat, or our contact form.

2.2 Information Collected Automatically

• Device Information: IP address, browser type and version, operating system, device type, screen resolution, and unique device identifiers.
• Usage Data: Pages viewed, time spent on each page, click patterns, scroll depth, products browsed, items added to cart, and purchase history.
• Location Data: Approximate geographic location derived from your IP address (not precise GPS location).
• Referral Data: The website or source that directed you to our Platform.

2.3 Information from Third Parties

• Social Login: If you sign in via Google or other social accounts, we receive your name, email, and profile picture as permitted by your social account settings.
• Payment Confirmation: Transaction status and order identifiers from Razorpay.
• Shipping Updates: Delivery status and tracking information from Shiprocket and its logistics partners.

3. How We Use Your Information

We use your personal data for the following purposes:

• Service Delivery: Generate your Vedic birth chart, Karma Score™, SoulSync™ compatibility, and Destiny DNA™ analysis using the birth details you provide.
• Order Fulfillment: Process crystal bracelet orders, manage payments, and arrange shipping and delivery.
• Personalisation: Recommend crystals, bracelets, and astrological insights tailored to your birth chart and browsing history.
• Communication: Send order confirmations, shipping updates, transit alerts, weekly horoscope insights, and promotional offers (with your consent).
• Customer Support: Respond to your queries, complaints, and return/refund requests.
• Analytics & Improvement: Analyse usage patterns to improve our website, app, products, and customer experience.
• Legal Compliance: Comply with applicable laws, regulations, and legal processes, including GST invoicing requirements.
• Security & Fraud Prevention: Detect, prevent, and address fraudulent transactions, security threats, and terms violations.

4. Cookies & Analytics

4.1 Cookies We Use

• Essential Cookies: Required for site functionality — authentication tokens, session management, cart persistence, and security cookies.
• Analytics Cookies: We use Google Analytics (Measurement ID: G-D89L4SBL5E) to understand how visitors interact with our Platform. Google Analytics uses cookies to collect anonymised usage data including pages visited, session duration, and traffic sources.
• Preference Cookies: Remember your language, region, and display preferences (e.g., dark mode, currency).

4.2 Managing Cookies

You can control or delete cookies through your browser settings. Disabling essential cookies may affect your ability to use certain features of our Platform, including account login and shopping cart functionality. For more information about managing cookies, visit allaboutcookies.org.

4.3 Google Analytics Opt-Out

You may opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

5. Third-Party Sharing

We do not sell your personal data. We share your information only with trusted third-party service providers who assist us in operating our business, and only to the extent necessary:

5.1 Payment Processing

Razorpay Software Private Ltd. — Processes all online payments (UPI, credit/debit cards, net banking, wallets). Razorpay is PCI-DSS Level 1 compliant and is regulated by the Reserve Bank of India (RBI). Your payment data is transmitted directly to Razorpay's secure servers. Razorpay's Privacy Policy →

5.2 Shipping & Logistics

Shiprocket (Bigfoot Retail Solutions Pvt. Ltd.) — Manages order shipping, tracking, and reverse pickups. We share your name, phone number, and delivery address with Shiprocket to fulfil your orders. Logistics partners include Delhivery, BlueDart, DTDC, and Ecom Express. Shiprocket's Privacy Policy →

5.3 E-Commerce Platform

Shopify Inc. — Powers portions of our e-commerce backend, including inventory management and order processing. Shopify's Privacy Policy →

5.4 Analytics

Google LLC (Google Analytics) — Collects anonymised website usage data for analytics purposes. Google's Privacy Policy →

5.5 Legal Disclosures

We may disclose your personal data if required by law, court order, or governmental regulation, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

6. Data Security

We implement industry-standard security measures to protect your personal data:

• Encryption: All data transmitted between your browser and our servers is encrypted using 256-bit SSL/TLS encryption.
• Access Control: Access to personal data is restricted to authorised personnel only, on a need-to-know basis, with role-based access controls.
• Payment Security: Payment data is processed by Razorpay (PCI-DSS Level 1 compliant) and is never stored on our servers in plain text.
• Infrastructure: Our servers and databases employ firewalls, intrusion detection systems, and regular security audits.
• Incident Response: We maintain a breach notification procedure in compliance with the DPDP Act, 2023, and will notify the Data Protection Board of India and affected users within the prescribed timelines.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required by law:

• Account Data: Retained for the duration of your account's existence. Upon account deletion, your data will be erased within 90 days, subject to legal and regulatory retention requirements.
• Transaction Records: Retained for a minimum of 8 years as required under Indian tax and GST laws.
• Birth Chart Data: Retained for the duration of your account to provide ongoing astrological services. Deleted upon account deletion.
• Analytics Data: Anonymised analytics data may be retained indefinitely for business intelligence and product improvement purposes.
• Communication Records: Customer support communications are retained for 3 years for quality assurance and dispute resolution.

8. Your Rights

Under the DPDP Act, 2023, and applicable Indian laws, you have the following rights as a Data Principal:

• Right to Access: Request a summary of your personal data being processed and the processing activities performed.
• Right to Correction: Request correction of inaccurate or incomplete personal data.
• Right to Erasure: Request deletion of your personal data, subject to legal retention requirements (such as GST records).
• Right to Withdraw Consent: Withdraw your consent for data processing at any time. This will not affect the lawfulness of processing conducted prior to withdrawal.
• Right to Grievance Redressal: Lodge a complaint about data processing with our Grievance Officer or with the Data Protection Board of India.
• Right to Nominate: Nominate another individual to exercise your data rights in the event of your death or incapacity, as per the DPDP Act.

To exercise any of these rights, please contact us at care@astrokamya.com. We will respond to your request within 30 days.

9. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at care@astrokamya.com and we will promptly delete such information.

Where birth chart services are requested for a minor, we require verifiable parental consent in compliance with Section 9 of the DPDP Act, 2023.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page.
• Notify registered users via email if the changes materially affect how we process your data.
• Display a prominent notice on our Platform for at least 7 days following a material update.

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes constitutes acceptance of the revised policy.

11. Contact Us