Privacy Policy

This Privacy Policy applies to all users of the AstroMaitri platform, accessible at astromaitri.com and through our mobile applications. It explains what data we collect, why we collect it, how we use it, who we share it with, and your rights regarding your personal data.

By registering on or using the Platform, you consent to the collection and processing of your personal data as described in this Privacy Policy. You may withdraw consent at any time by contacting us at privacy@astromaitri.com.

A. Personal Information

• Name, age, gender, and date of birth
• Mobile number and email address
• Photographs and profile images
• Birth time and place of birth (for kundli and astrological analysis)
• Religion, caste, sub-caste, mother tongue, and gotra
• Educational qualifications and professional details
• Family background and marital history
• Location — city and state of residence

B. Sensitive Personal Data (as per SPDI Rules, 2011)

• Financial information: Payment details processed via Razorpay (we do not store card numbers or full banking credentials)
• Biometric data: If face verification is enabled for identity confirmation
• Health information: Only if voluntarily disclosed by the user in their profile

C. Technical Information

• IP address, device type, operating system, and browser
• App usage data — pages visited, features used, session duration
• Crash reports and diagnostics (via Sentry)
• Push notification tokens (for horoscope and match alerts via Firebase)
• Cookies and local storage identifiers

We process your personal data for the following purposes:

• To provide matrimony matchmaking services and show relevant profile recommendations
• To generate kundli, birth charts, and astrological analysis based on your birth details
• To power our AI-based compatibility matching algorithm
• To send OTP for authentication and verification via SMS through Twilio
• To deliver horoscope notifications and match alerts via Firebase
• To process subscription payments securely via Razorpay
• To improve our AI matching model using anonymised, aggregated data
• To monitor platform performance and errors via Sentry
• To conduct usage analytics to improve user experience via PostHog
• To comply with legal obligations under applicable Indian law

We do not sell, rent, or trade your personal data to third parties. We share your information only in the following limited circumstances:

• Razorpay — For payment processing. PCI DSS compliant. Only transaction metadata is shared; full card data is handled exclusively by Razorpay.
• Twilio — For SMS-based OTP authentication and verification.
• Supabase — For database hosting and authentication infrastructure. SOC 2 Type II compliant, hosted on AWS.
• Firebase (Google Cloud) — For push notifications (horoscope alerts, match notifications).
• Sentry — For error monitoring and crash diagnostics. No personally identifiable data is intentionally sent to Sentry.
• PostHog — For product analytics. Data is anonymised and aggregated where possible.
• Law Enforcement: Where required by applicable Indian law, court order, or to protect the rights, safety, or property of AstroMaitri and its users.

All third-party processors are bound by Data Processing Agreements and are contractually required to protect your data.

We implement reasonable security practices and procedures as required under the SPDI Rules, 2011, including:

• SSL/TLS encryption for all data in transit
• Encrypted storage for sensitive data at rest
• Role-based access controls — only authorized personnel can access personal data
• Regular security audits and vulnerability assessments
• Secure authentication via Supabase (including multi-factor support)

Data is stored on Supabase servers hosted on AWS infrastructure with enterprise-grade security, redundancy, and backup systems.

While we employ industry-standard safeguards, no system is completely immune to security risks. We encourage you to use a strong, unique password and report any suspected unauthorized access immediately to grievance@astromaitri.com.

Under Indian law (SPDI Rules, 2011; DPDP Act, 2023) and GDPR, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Correction: Request correction of inaccurate or incomplete personal data.
• Right to Deletion: Request deletion of your account and associated personal data.
• Right to Withdraw Consent: Withdraw your consent for non-essential data processing at any time.
• Right to Data Portability: Receive your personal data in a commonly used, machine-readable format.
• Right to Object: Object to processing of your data for direct marketing or profiling purposes.

To exercise any of these rights, contact us at privacy@astromaitri.com or visit our /delete-account page for immediate account and data deletion.

• Active account data: Retained for as long as your account remains active.
• Deleted account data: Personal data is purged within 30 days of account deletion request.
• Payment records: Retained for 7 years as required under the Income Tax Act, 1961 and GST laws.
• Analytics data: Anonymised and aggregated analytics data retained for up to 12 months.
• Legal hold: Where required by law or pending legal proceedings, data may be retained beyond the above periods.

AstroMaitri uses the following types of cookies and tracking technologies:

• Essential Cookies: Required for login sessions, security tokens, and core platform functionality. Cannot be disabled without affecting platform access.
• Analytics Cookies: Used by PostHog and Google Analytics to understand platform usage patterns in anonymised form.
• Notification Tokens: Firebase Cloud Messaging tokens stored locally for push notification delivery.

You can disable non-essential cookies through your browser settings. Note that disabling essential cookies may prevent you from accessing certain features. For mobile apps, you may manage notification permissions through your device settings.

AstroMaitri is strictly not intended for users under 18 years of age. We do not knowingly collect, process, or store personal data from minors. If we become aware that a user under 18 has registered on the Platform, we will immediately suspend the account and delete all associated data.

If you believe a minor has registered on our Platform, please notify us at grievance@astromaitri.com immediately.

Our Platform may contain links to third-party websites, services, or applications. AstroMaitri is not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit through links on our Platform.

Your personal data may be processed and stored outside of India, on servers operated by our service providers (including AWS and Google Cloud infrastructure). We ensure that such transfers are protected through:

• Contractual safeguards — Data Processing Agreements with all international processors
• Adequacy standards consistent with the SPDI Rules, 2011 and applicable international frameworks
• Encryption of data during transfer and at rest

As required under Rule 5(9) of the SPDI Rules, 2011 and the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, the details of our Grievance Officer are:

We reserve the right to update this Privacy Policy at any time. We will notify you of significant changes via email or a prominent in-app notification with at least 30 days' advance notice before the changes take effect.

The “Last Updated” date at the top of this page indicates when the Privacy Policy was most recently revised. Continued use of the Platform after the effective date constitutes acceptance of the revised policy.

For any privacy-related queries, data access requests, or concerns, please reach out: