Privacy Policy

1. Who We Are

GitaLok is a daily verse and reflection product built around the Bhagavad Gita. We are operated as an independent product ("we", "us", "our"). For questions or concerns about this policy, contact us at amitpk.kumar@gmail.com.

Grievance Officer (India): Amit Kumar. For concerns under India's IT Rules 2021 and the Digital Personal Data Protection Act 2023, write to amitpk.kumar@gmail.com. We will respond within 30 days.

2. What We Collect

We collect only what is necessary to provide the product:

• Account information — your email address, display name (optional), and the time you joined.
• Preferences — your language preference, notification time, and display name.
• Reading progress — which verse you are on, your streak, and last read date.
• Reflections (notes) — text you write in the note editor. These are private to you.
• Krishna conversations — the entries you write and Krishna's responses. These are private to you and are used only to generate your weekly memory summary and improve response quality within your own conversation history. They are never used to train AI models.
• Payment information — if you upgrade, payment is processed by Razorpay. We do not store card details. We receive your plan type and payment status only.
• Push notification token — if you enable notifications, a device token is stored to deliver your daily verse.
• Usage data — basic events (verse viewed, note written, conversation started) used to understand product health. No advertising or third-party tracking.

3. How We Use Your Data

• To deliver your daily verse and track your journey through the 700 verses.
• To save and retrieve your reflections and conversations.
• To generate Krishna's responses using your conversation history as context.
• To send your daily verse notification at your chosen time.
• To manage your subscription and payment status.
• To identify and respond to crisis signals in your conversations (see Section 6).

We do not use your data for advertising. We do not sell your data to any third party.

4. Third-Party Services

We use the following services to operate GitaLok:

• Supabase — database and authentication (servers in AWS ap-south-1, Mumbai).
• Anthropic (Claude API) — powers Krishna's responses. Your conversation entries are sent to Anthropic's API for processing. Anthropic's privacy policy applies. Conversations are not used for model training under Anthropic's standard API terms.
• Razorpay — payment processing. Governed by Razorpay's privacy policy.
• Cloudflare R2 — audio file storage (when audio is added).
• Vercel — hosting, infrastructure, and privacy-friendly analytics (page views and basic usage events — no advertising identifiers, no cross-site tracking).

5. Data Retention

We retain your data for as long as your account exists. If you delete your account:

• Your profile, notes, and conversation history are permanently deleted within 30 days.
• Payment records are retained for 7 years as required by Indian tax law.
• Anonymised, aggregated usage statistics may be retained indefinitely.

6. Crisis Detection

GitaLok runs an automated classifier on every conversation entry to detect signals of suicidal ideation, self-harm, or immediate danger. If detected, Krishna responds with presence and provides mental health helpline numbers. This classifier runs within our own infrastructure and its output is not stored or shared.

If you are in immediate danger, please call 112 (India emergency services).

7. Your Rights

Under India's DPDP Act 2023 and applicable law, you have the right to:

• Access — request a copy of the personal data we hold about you.
• Correct — update inaccurate information via your Account page or by writing to us.
• Delete — request deletion of your account and associated data.
• Withdraw consent — disable push notifications at any time from your device settings.

To exercise these rights, email amitpk.kumar@gmail.com.

8. Children

GitaLok is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe a child has created an account, contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy as the product evolves. Material changes will be notified via email or an in-app notice. The date at the top of this page reflects the most recent update.