Privacy Policy
Effective Date: 27 April 2026 | Last Updated:
This Privacy Policy explains how AstroCalc ("we", "us", "our"), accessible at https://astrocalc.in and via our mobile applications on Apple App Store and Google Play Store, collects, uses, stores, shares, and protects your personal data.
AstroCalc is operated by Divyanshu Verma (sole proprietor), based in India. By using our Service, you consent to the data practices described in this policy. This policy is compliant with India's Digital Personal Data Protection Act, 2023 (DPDPA), Apple App Store Guidelines, and Google Play Developer Policies.
Contents
- Data We Collect
- Purpose of Collection
- Legal Basis for Processing
- Third-Party Services & Data Sharing
- Data Storage & Security
- Data Retention
- Your Rights
- Data Deletion
- Cookies & Local Storage
- Push Notifications
- Payments & Subscriptions
- Children's Privacy
- International Data Transfers
- Changes to This Policy
- Grievance Redressal
- Contact Us
1. Data We Collect
We collect the following categories of personal data:
| Category | Data Points | How Collected |
|---|---|---|
| Account Information | Email address, name, profile picture | Via Google OAuth sign-in |
| Birth Data | Name, date of birth, time of birth, place of birth | Entered by you when creating astrology profiles |
| Payment Information | Razorpay order IDs, payment IDs, subscription plan, amount, payment status | Generated during subscription purchase via Razorpay |
| Device & Push Tokens | Firebase Cloud Messaging (FCM) tokens for Android, Apple Push Notification service (APNs) tokens for iOS | Generated when you enable push notifications |
| Usage & Analytics | Page views, feature usage, session duration, user-agent string, IP address | Automatically collected via Google Analytics and server-side analytics |
| Technical Data | Browser type, device type, operating system, screen resolution | Automatically collected during app usage |
Data we do NOT collect: We do not collect or store your credit/debit card numbers, UPI PINs, bank account details, Aadhaar number, PAN, or any government-issued identity documents.
2. Purpose of Collection
We collect and process your data for the following specific purposes:
- Account & Authentication: To create and manage your account, authenticate your identity, and maintain session security.
- Astrological Services: To generate your Vedic birth chart (kundli), calculate planetary positions, yogas, dashas, and provide astrological insights based on your birth data.
- Push Notifications: To send you dasha transition alerts, daily insights, and service updates when you opt in to notifications.
- Payment Processing: To process subscription payments, verify payment status, and maintain billing records.
- Service Improvement: To understand how users interact with our app, identify bugs, improve features, and optimize performance.
- Customer Support: To respond to your queries, troubleshoot issues, and provide assistance.
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
3. Legal Basis for Processing
Under India's Digital Personal Data Protection Act, 2023 (DPDPA), we process your data based on:
- Consent: You provide explicit consent when you sign up, create profiles, enable notifications, or initiate payments. You may withdraw consent at any time (see Section 7).
- Legitimate Use: Certain processing is necessary for the performance of the service you have requested (e.g., generating your birth chart requires your birth data).
- Legal Obligation: We may retain certain data to comply with applicable laws, such as tax/accounting requirements for payment records.
4. Third-Party Services & Data Sharing
We use the following third-party services to operate AstroCalc. Each has its own privacy policy governing how they handle data:
| Service | Purpose | Data Shared |
|---|---|---|
| Google OAuth | User authentication | Email, name, profile picture (received from Google) |
| Google Analytics | Usage analytics | Page views, session data, IP address (anonymized), device info |
| Razorpay | Payment processing | Payment amount, order details; card/UPI details are handled entirely by Razorpay |
| Firebase Cloud Messaging | Push notifications (Android) | FCM device tokens |
| Apple Push Notification service | Push notifications (iOS) | APNs device tokens |
| Amazon Web Services (AWS) | Cloud hosting & infrastructure | All application data (stored on AWS servers) |
We do NOT:
- Sell your personal data to any third party.
- Share your birth data or astrology profiles with advertisers or data brokers.
- Use your data for targeted advertising on other platforms.
- Share your data with other users unless you explicitly choose to share a profile.
5. Data Storage & Security
We implement industry-standard security measures to protect your data:
- Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/HTTPS.
- Secure Infrastructure: Our servers are hosted on Amazon Web Services (AWS) in secure data centres with access controls, monitoring, and regular security updates.
- Authentication Security: Passwords are never stored; we use Google OAuth for authentication. Session tokens (JWT) are signed and have expiration times.
- Access Control: Your profiles are private by default and accessible only to your authenticated account.
- Secrets Management: Sensitive configuration (API keys, database credentials) is managed via AWS Secrets Manager, not stored in application code.
While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but will notify affected users promptly in case of any data breach, as required under DPDPA.
6. Data Retention
We retain your data for the following periods:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account & profile data | Until you delete your account | Required to provide the service |
| Birth chart profiles | Until you delete the profile or your account | Required to provide astrological calculations |
| Payment records | 7 years from transaction date | Indian tax/accounting compliance (Income Tax Act) |
| Push notification tokens | Until you disable notifications or delete your account | Required to deliver notifications |
| Analytics data (IP, page views) | 26 months (Google Analytics default) | Service improvement; auto-deleted after retention period |
| Server-side analytics | 12 months | Debugging and service optimization |
After the retention period expires, data is permanently deleted or anonymized so it can no longer be associated with you.
7. Your Rights
Under the Digital Personal Data Protection Act, 2023, you have the following rights as a Data Principal:
- Right to Access: You can request a summary of all personal data we hold about you.
- Right to Correction: You can update or correct your profile information at any time through the app settings. For other corrections, contact us.
- Right to Erasure: You can request complete deletion of your account and all associated data (see Section 8 below).
- Right to Withdraw Consent: You can withdraw consent for data processing at any time. Note that withdrawing consent for essential processing (e.g., birth data for chart generation) may limit your ability to use certain features.
- Right to Grievance Redressal: You have the right to lodge a complaint if you are dissatisfied with our data handling (see Section 15).
- Right to Nominate: Under DPDPA, you may nominate another person to exercise your rights in the event of your death or incapacity.
To exercise any of these rights, email us at dev.verma1010@gmail.com. We will respond within 30 days.
8. Data Deletion
You can request deletion of your data through the following methods:
- In-App: Go to Account Settings and use the "Delete Account" option to permanently delete your account and all associated profiles.
- Via Email: Send a deletion request to dev.verma1010@gmail.com from the email address associated with your account.
Upon receiving a valid deletion request:
- Your account, all birth chart profiles, push notification tokens, and analytics data linked to your account will be permanently deleted within 30 days.
- Payment transaction records may be retained for up to 7 years as required by Indian tax law, but will be disassociated from your personal identity where possible.
- Data already shared with third-party services (e.g., Google Analytics) will be subject to those services' own retention and deletion policies.
- Deletion is irreversible. Your birth chart data cannot be recovered after deletion.
9. Cookies & Local Storage
AstroCalc uses the following client-side storage mechanisms:
- JWT Authentication Token (localStorage): Keeps you signed in between sessions. Cleared on logout.
- Theme Preference (localStorage): Stores your light/dark mode preference.
- Language Preference (localStorage): Stores your preferred language (English or Hindi).
- Google Analytics Cookies (_ga, _gid): Used by Google Analytics to distinguish users and sessions. These are first-party cookies set by the Google Analytics script.
We do not use cookies for advertising or cross-site tracking. You can clear localStorage and cookies at any time through your browser settings, though this will sign you out.
10. Push Notifications
When you opt in to push notifications:
- On Android: We generate and store a Firebase Cloud Messaging (FCM) registration token specific to your device.
- On iOS: We generate and store an Apple Push Notification service (APNs) device token.
These tokens are stored in our database and used solely to deliver notifications to your device, such as:
- Dasha period transition alerts
- Daily astrological insights (if enabled)
- Important service announcements
Opting out: You can disable push notifications at any time through your device settings or within the app settings. When you disable notifications, we stop sending them. Tokens are deleted from our servers when you disable notifications or delete your account.
11. Payments & Subscriptions
AstroCalc offers tiered subscription plans (Free, Plus, and Pro). Payment processing is handled entirely by Razorpay, a PCI-DSS compliant payment gateway.
What we store: Razorpay order ID, payment ID, subscription plan name, amount, currency, and payment status (success/failed/pending).
What we do NOT store: Your credit/debit card number, CVV, UPI PIN, net banking credentials, or any sensitive payment instrument details. These are handled exclusively by Razorpay.
For refund requests, please contact us at dev.verma1010@gmail.com within 7 days of the transaction.
12. Children's Privacy
AstroCalc is not intended for use by children under the age of 18. We do not knowingly collect personal data from anyone under 18 years of age.
If you are a parent or guardian and believe your child has provided personal data to us, please contact us at dev.verma1010@gmail.com. We will promptly delete such data from our systems.
Note: While users may create birth chart profiles for family members (including minors) for astrological purposes, the account holder (who must be 18+) is responsible for any data entered and must have appropriate authority to provide that data.
13. International Data Transfers
Your data is primarily stored on AWS servers. While AWS provides infrastructure across regions, we ensure that data processing complies with Indian data protection laws.
Some third-party services (Google Analytics, Firebase) may process data outside India. These services are bound by their own privacy policies and comply with applicable data protection regulations. Under DPDPA, cross-border data transfers are permitted to jurisdictions not restricted by the Central Government of India.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
When we make changes:
- The "Last Updated" date at the top of this page will be revised.
- For material changes (e.g., new data collection categories, new third-party sharing), we will notify you via email or an in-app notification at least 7 days before the changes take effect.
- Continued use of the Service after changes become effective constitutes acceptance of the updated policy.
We recommend reviewing this page periodically.
15. Grievance Redressal
In accordance with the Digital Personal Data Protection Act, 2023, if you have any grievance regarding the processing of your personal data, you may contact our Grievance Officer:
Grievance Officer: Divyanshu Verma
Email: dev.verma1010@gmail.com
Response Time: We will acknowledge your grievance within 48 hours and resolve it within 30 days.
If you are not satisfied with our resolution, you may file a complaint with the Data Protection Board of India as established under DPDPA 2023.
16. Contact Us
For any questions, concerns, or requests related to this Privacy Policy or your personal data, please reach out:
This Privacy Policy was last reviewed and updated to comply with India's Digital Personal Data Protection Act, 2023 (DPDPA), Apple App Store Review Guidelines (Section 5.1 - Privacy), and Google Play Developer Policy (User Data section).