Privacy Policy
Last updated: June 2026. This policy describes how Sri Panchami Spiritual collects, uses, stores, and protects your personal information when you use our website, products, and services.
1. Information We Collect
Information you provide directly:
• Account registration: name, email address, phone number, and shipping address.
• Order processing: billing address, payment information (processed by third-party gateways — we do not store full card details).
• Consultation services: messages exchanged with astrologers, call metadata, and session preferences.
• Contact forms: name, email, phone, and message content when you reach out via our contact page or support widget.
• Reviews and ratings: content you voluntarily submit about products or astrologers.
Information provided via Google OAuth: When you sign in with Google, we receive your name, email address, and profile picture (avatar) from your Google account, subject to your consent on Google's consent screen. We do not access your Google Drive, Calendar, Contacts, or any other Google services.
Information collected automatically via Google Analytics: We use Google Analytics 4 (GA4) and may use Google Ads conversion tracking to understand how visitors use our website. These services collect anonymised data including pages visited, time on site, referral source, device type, and general geographic location (city-level). IP addresses are anonymised before storage. No personally identifiable information is transmitted to Google Analytics.
• Device information: browser type, operating system, IP address, and device identifiers.
• Usage data: pages visited, time spent, referral source, and navigation patterns.
• Cookies and similar tracking technologies as described in Section 5.
2. How We Use Your Information
We use the collected information for the following purposes:
• To process and fulfil your orders, including payment verification, shipping, and delivery updates.
• To provide, maintain, and improve our astrology consultation services.
• To communicate with you about your account, orders, bookings, and customer support inquiries.
• To send promotional offers, new product announcements, and spiritual content — only with your explicit consent. You may opt out at any time.
• To detect, prevent, and address fraud, security incidents, and abuse of our platform.
• To comply with legal obligations, including tax reporting and record-keeping under Indian law.
• To analyse usage patterns and improve website performance, user experience, and product offerings.
3. Legal Basis for Processing (GDPR Compliance)
While we primarily serve customers in India, we respect the privacy rights of users from the European Economic Area (EEA). If you are an EEA resident, we process your personal data based on the following lawful grounds:
• Contractual necessity: To fulfil orders, bookings, and provide consultation services.
• Legitimate interests: To improve our services, prevent fraud, and ensure platform security.
• Consent: For marketing communications and non-essential cookies.
• Legal obligation: To comply with applicable laws and regulatory requirements.
4. Payment Security
All payment transactions are processed through PCI-DSS compliant third-party gateways, including Razorpay. We implement the following security measures:
• SSL/TLS encryption (256-bit) for all data transmitted between your browser and our servers.
• Tokenisation of payment data — your full card details are never stored on our servers.
• Order creation via Razorpay's REST API — only the order amount (in paise), currency (INR), and a unique receipt identifier are sent to Razorpay for order creation. Customer details such as name, email, and phone are collected by Razorpay's client-side checkout popup at the time of payment, directly on their PCI-DSS compliant page.
• Regular security audits and vulnerability assessments.
• Restricted employee access to personal data on a need-to-know basis.
• Razorpay's payment pages are fully PCI-DSS Level 1 compliant, the highest security standard in the payments industry.
5. Cookies & Tracking
We use cookies and similar technologies to enhance your browsing experience:
Essential cookies: Required for session management, cart functionality, and user authentication. These cannot be disabled.
Google Analytics cookies (_ga, _gid, _gat): Set by Google Analytics 4 to distinguish users, throttle request rate, and generate anonymised usage statistics. These are first-party cookies and do not contain personally identifiable information.
Google Ads cookies: Used for conversion tracking when you arrive via a Google Ads campaign. These cookies enable us to measure the effectiveness of advertising campaigns.
Functional cookies: Remember your preferences, language, and region for a personalised experience.
Marketing cookies: Used only with your explicit consent to deliver relevant promotional content.
You can manage cookie preferences through your browser settings. Disabling essential cookies may prevent certain features from functioning correctly. We do not use cookies for cross-site behavioural tracking.
6. Data Sharing & Disclosure
We do not sell, rent, or trade your personal information to third parties. We may share your data with trusted service providers who assist in operating our business, under strict confidentiality agreements:
• Payment processors: Razorpay for secure payment handling. When you pay via Razorpay, your name, email, phone number, and order amount are shared with Razorpay's PCI-DSS Level 1 compliant platform to process the transaction. Your full card details are entered directly on Razorpay's secure page — we never see or store them.
• Google Analytics & Google Ads: Anonymised usage data (pages visited, browser type, device category, referral source) is shared with Google LLC for analytics and advertising performance measurement. IP addresses are anonymised before transmission. This data cannot be used to identify you personally.
• Google OAuth: When you sign in with Google, your name, email address, and profile picture are shared with us through Google's secure OAuth 2.0 protocol. Google shares only the data you explicitly authorise on the consent screen.
• Shipping partners: Courier companies for order delivery, limited to your name, phone number, and shipping address.
• Cloud infrastructure: Hosting providers for website and data storage.
• Legal compliance: Government authorities when required by law or to protect our legal rights.
All third-party providers are contractually bound to use your data only for the specified purposes and to maintain adequate security measures.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you with services. Specifically:
• Account data: retained until account deletion plus 90 days for backup purposes.
• Order records: retained for 7 years as required by Indian tax and accounting laws.
• Consultation messages: retained for 3 years after the session for quality and dispute resolution.
• Marketing preferences: retained until you opt out or delete your account.
• Analytics data: retained in anonymised form indefinitely for trend analysis.
After the retention period, data is securely deleted or anonymised.
8. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
• Right to access: Request a copy of the personal data we hold about you.
• Right to rectification: Correct inaccurate or incomplete data.
• Right to erasure ("Right to be forgotten"): Request deletion of your data, subject to legal retention requirements.
• Right to restrict processing: Limit how we use your data in certain circumstances.
• Right to data portability: Receive your data in a structured, machine-readable format.
• Right to object: Opt out of marketing communications and certain data processing activities.
• Right to withdraw consent: Withdraw previously given consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at sripanchamispiritual@gmail.com. We will respond within 30 days as required by applicable law.
9. Data Security
We implement industry-standard technical and organisational measures to protect your personal information:
• SSL/TLS encryption for all data in transit.
• Encrypted storage for sensitive data at rest.
• Regular security patches and updates to our systems.
• Employee training on data protection and privacy best practices.
• Access controls restricting data access to authorised personnel only.
• Incident response procedures for timely handling of any security breaches.
While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but will notify you promptly if a breach affects your personal data.
10. Third-Party Links & Services
Our website may contain links to third-party websites, including social media platforms, payment gateways, and informational resources. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information. This Privacy Policy applies solely to data collected by Sri Panchami Spiritual through our Website.
Third-party services we use:
• Google LLC (Google Analytics, Google Ads, Google OAuth): Google's use of information collected through our website is governed by Google's Privacy Policy (policies.google.com/privacy). You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
• Razorpay: Payment processing is governed by Razorpay's Privacy Policy (razorpay.com/privacy) and Terms of Service (razorpay.com/terms).
11. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately. We will take steps to delete such information promptly. If we become aware that a child under 18 has provided us with personal data without parental consent, we will delete it from our records.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Updates will be posted on this page with an updated "Last updated" date. Material changes will be communicated via email to registered users or through a prominent notice on our website. We encourage you to review this policy periodically to stay informed about how we protect your information.
13. Grievance Officer
In compliance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the contact details of our Grievance Officer are:
Name: Sri Panchami Spiritual Grievance Officer
Email: sripanchamispiritual@gmail.com
Response Time: Within 48 hours of receipt of grievance (excluding public holidays)
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: sripanchamispiritual@gmail.com
Phone: +91 97894 44037 | +91 97894 44038
Business Hours: Monday–Saturday, 9:00 AM – 8:00 PM IST