Privacy Policy

1. Scope & Applicability

This Privacy Policy ("Policy") applies to Daily Astro ("we", "our", or "us"), operated by Daily Astro (India). It governs all personal data collected through:

• Our website at dailyastro.co.in and any subdomains
• Our mobile applications for Android (Google Play Store) and iOS / iPadOS (Apple App Store)
• Any related services, APIs, push notifications, or customer support channels

By using our services, you agree to the terms of this Policy. If you do not agree, please discontinue use and uninstall the application.

2. Data We Collect

2.1 Information You Provide

2.2 Data Collected Automatically

2.3 Data We Do NOT Collect

• Precise GPS location (unless you explicitly grant permission for local Panchangam or event timing features)
• Contacts, photos, or files from your device (unless you voluntarily upload a profile photo)
• Sensitive financial credentials (full card numbers, CVV, bank passwords)

3. How We Use Your Data

We process your personal data for the following purposes:

• Service Delivery: Generate Kundali charts, daily/weekly horoscopes, Kundali matching reports, tarot readings, numerology analysis, and Vastu consultations.
• Account Management: Create and maintain your user account, authenticate logins, and restore purchase history.
• Payments: Process consultation fees, issue invoices, and handle refunds via our payment processors.
• Personalisation: Customise content, notifications, and recommendations based on your astrological profile.
• Customer Support: Respond to queries, resolve disputes, and improve support quality.
• App Improvement: Analyse crash reports, performance metrics, and usage patterns to fix bugs and improve features.
• Safety & Fraud Prevention: Detect, investigate, and prevent fraudulent transactions and abuse of our platform.
• Legal Compliance: Comply with applicable Indian and international laws, court orders, and regulatory requirements.
• Marketing (with consent): Send promotional emails, push notifications, and SMS about new features, festivals, or offers — only if you have opted in. You can opt out at any time.

4. Legal Basis for Processing

Depending on your location, we rely on one or more of the following lawful bases:

• Contractual necessity — processing required to provide services you requested (Kundali generation, consultations).
• Consent — marketing communications, push notifications, use of IDFA (iOS), precise location. You may withdraw consent at any time.
• Legitimate interests — fraud prevention, security, analytics, product improvement.
• Legal obligation — compliance with the IT Act 2000, DPDP Act 2023, tax laws, and other applicable regulations.

5. Data Sharing & Disclosure

We do not sell your personal data. We share data only in the following limited circumstances:

5.1 Service Providers (Data Processors)

All service providers are bound by data processing agreements and are contractually required to protect your information.

5.2 Legal Requirements

We may disclose your data if required by law, regulation, legal process, or governmental authority, or to protect the rights, property, or safety of Daily Astro, our users, or others.

5.3 Business Transfers

If Daily Astro undergoes a merger, acquisition, or asset sale, your personal data may be transferred. We will notify you via email and/or a prominent notice in the app before your data is transferred and becomes subject to a different privacy policy.

6. Data Retention

When data is no longer needed, we securely delete or anonymise it.

7. Security Measures

We implement industry-standard technical and organisational safeguards, including:

• Encryption in transit: All communications are encrypted using TLS 1.2 or higher.
• Encryption at rest: Databases and file storage use AES-256 encryption.
• Access controls: Role-based access; employee access to personal data is limited to a need-to-know basis.
• Authentication: Passwords are hashed with bcrypt; we support OTP-based login and two-factor authentication.
• Regular audits: Periodic security reviews and vulnerability assessments.
• Incident response: Procedures to detect, report, and investigate data breaches.

8. Children's Privacy

Our services are not directed to children under the age of 13 (or under 16 in some jurisdictions including the EU). We do not knowingly collect personal data from children under these ages.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@dailyastro.co.in. We will promptly delete such information.

Users aged 13–18 should use the app only with parental/guardian consent. Birth chart features for children may be used by a parent or guardian on behalf of the child.

9. Your Rights & Choices

You have the following rights regarding your personal data, regardless of your location:

• Access: Request a copy of the personal data we hold about you.
• Correction: Update or correct inaccurate information via your account settings or by contacting us.
• Deletion ("Right to be Forgotten"): Request deletion of your account and associated personal data.
• Data Portability: Request your data in a structured, machine-readable format (JSON or CSV).
• Opt-out of Marketing: Unsubscribe from emails via the "Unsubscribe" link, or manage push notifications in your device settings or app preferences.
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Restrict Processing: Request that we limit how we use your data in certain circumstances.
• Object: Object to processing based on legitimate interests, including profiling for direct marketing.

How to Exercise Your Rights

Submit requests through any of the following channels:

• In-app: Settings → Privacy → Manage My Data
• Email: privacy@dailyastro.co.in
• Delete Account: Settings → Account → Delete Account (processes within 30 days)

We will respond to verified requests within 30 days. Identity verification may be required before processing sensitive requests.

10. Indian Data Protection (DPDP Act 2023)

Daily Astro complies with the Digital Personal Data Protection Act, 2023 (DPDP Act) of India and the IT (Amendment) Act, 2008. Under this framework:

• We collect and process your data only with your free, specific, informed, and unambiguous consent.
• You have the right to access information about your personal data, correct it, erase it, and nominate a person to exercise rights on your behalf.
• We have appointed a Data Protection Officer (DPO) reachable at dpo@dailyastro.co.in.
• We will not transfer your personal data outside India except as permitted by the DPDP Act and applicable government notifications.
• In the event of a personal data breach, we will notify the Data Protection Board of India and affected Data Principals as required by law.

Sensitive Personal Data (such as date/time/place of birth, which may be used to infer health, religious, or other sensitive information) is processed only for the purpose of providing astrology services with your explicit consent.

11. EU / UK GDPR Rights

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR) / UK GDPR:

• All rights listed in Section 9 above.
• The right to lodge a complaint with your local supervisory authority (e.g., ICO in the UK, your national DPA in the EU).
• Where we transfer data outside the EEA, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

Our legal bases for processing under Article 6 GDPR are: consent (Art. 6(1)(a)), performance of a contract (Art. 6(1)(b)), compliance with a legal obligation (Art. 6(1)(c)), and legitimate interests (Art. 6(1)(f)).

Processing of special category data (birth details that may reveal beliefs) is conducted solely under explicit consent (Art. 9(2)(a)).

For GDPR-related enquiries, contact our DPO at dpo@dailyastro.co.in.

12. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months.
• Right to Delete: Request deletion of your personal information, subject to certain exceptions.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale / Sharing: We do not sell or share personal information for cross-context behavioural advertising. No opt-out is required, but you may contact us to confirm.
• Right to Limit Use of Sensitive Personal Information: You may limit our use of sensitive personal information to what is necessary to perform the services requested.
• Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California rights, submit a verifiable consumer request to privacy@dailyastro.co.in or use the in-app Data Request feature. We will respond within 45 days (extendable by 45 additional days with notice).

Categories of personal information collected in the last 12 months: Identifiers, commercial information, internet or other electronic network activity, geolocation data (approximate), professional data (astrological profile), and inferences drawn from the above.

13. Third-Party Links & SDKs

Our app and website may contain links to third-party websites (e.g., blog articles, payment gateways, social media). Clicking these links will take you to sites not controlled by Daily Astro. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

Third-Party SDKs in Our App

Our application integrates the following SDKs that may independently collect data:

• Google Firebase (Analytics, Crashlytics, Cloud Messaging) — Firebase Privacy
• Razorpay / PayU — Payment processing — governed by their respective privacy policies
• Google Sign-In / Apple Sign-In — Authentication only; we receive a unique identifier and email

We periodically review third-party SDKs to ensure they meet our data minimisation requirements.

14. Cookies & Tracking Technologies

Our website uses cookies and similar technologies:

• Strictly Necessary Cookies: Required for authentication, security, and core website functionality. Cannot be disabled.
• Analytics Cookies: Used to understand how visitors use the website (e.g., Google Analytics). You may opt out via our cookie banner or browser settings.
• Preference Cookies: Remember your language, timezone, and display settings.
• Marketing Cookies: Used only with your explicit consent to show relevant advertisements.

Our mobile app does not use browser cookies. It uses device identifiers (IDFA on iOS, GAID on Android) for analytics, subject to your device-level permissions and, on iOS, ATT consent.

You can manage cookie preferences via your browser settings, our cookie consent banner, or device privacy settings. Disabling analytics cookies does not affect core app/website functionality.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Effective Date" at the top of this page.
• Send a push notification and / or email to registered users at least 15 days before the change takes effect.
• Display a prominent in-app banner for significant changes.

Continued use of the app or website after the effective date of any update constitutes your acceptance of the revised Policy. If you do not agree to the updated Policy, please delete your account and stop using our services.

Previous versions of this Policy are available upon request at privacy@dailyastro.co.in.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: