Privacy Policy

1. Introduction

This Privacy Policy explains how ePundith collects, uses, shares, protects, and retains information when users access our mobile application, website, and related services.

ePundith provides Panchang, festival, chanting, puja, sankalpa, devotional, and related religious services. We are committed to handling user information responsibly, securely, and transparently.

2. Information We Collect

Depending on how you use ePundith, we may collect:

• Account information: name, email address, phone number, login method, and user profile details.
• Authentication information: OTP verification status, social login identifiers, and session tokens.
• Profile and preference data: language, calendar type, manually saved cities, location preferences, and notification preferences. This is separate from real-time GPS used for Panchang (see below).
• Panchang and personalization data: selected location, tithi, nakshatra, rāsi, maasa, samvatsara, festival preferences, puja preferences, chanting schedules, and reminders.
• Birth-related information: limited information needed to derive Panchang-related values. Where stated in the app, your full Gregorian birth date may not be stored after the required calculation is completed.
• Usage and device information: app activity, feature usage, device type, operating system, and limited diagnostic information needed to operate and improve the app.
• Precise device location: real-time latitude and longitude from device GPS (including fine or coarse location permissions) when you use features such as guest Panchang, to compute Panchang for your current position. We do not use GPS for this purpose unless you grant location permission in the app.
• Push notification device tokens: Firebase Cloud Messaging (FCM) device tokens generated on your device. We store token state locally and send tokens to ePundith servers so we can deliver push notifications through FCM.
• One-time password (OTP) assistance: With your consent, the app may use operating-system-supported features to help detect or autofill verification codes sent to your device solely for authentication and account verification purposes.
• Data stored locally on the device: using on-device storage (such as Drift/SQLite), we may keep session and authentication tokens, user profile details, preferences, and push notification token state on your device until you sign out, delete app data, or uninstall the app.
• Payment and service information: order details, service bookings, and transaction references. Payment card details are handled by payment processors and are not intended to be stored by ePundith.

Analytics: We do not currently use Firebase Analytics, Google Analytics, Crashlytics, or similar product-analytics SDKs in the ePundith mobile app. We may introduce analytics tools in the future; if we do, we will update this Privacy Policy before they are enabled.

3. How We Use Information

We use information to:

• Create and manage user accounts.
• Provide Panchang, festivals, chanting, puja, sankalpa, and devotional services, including computing Panchang from real-time GPS when you choose to use location-based features.
• Personalize content based on language, location, preferences, and selected traditions.
• Register and use push notification device tokens to send reminders, service updates, and important account notifications through Firebase Cloud Messaging.
• Facilitate sign-in using OTP assistance features, only for verification and account security, where you have given consent.
• Send OTPs and other account-related messages as part of authentication flows.
• Improve app quality, security, reliability, and performance.
• Detect fraud, abuse, unauthorized access, and security incidents.
• Comply with legal, tax, accounting, and regulatory obligations.

4. Sensitive and Religious Information

ePundith may process information related to religious or devotional preferences, such as puja interests, chanting schedules, sankalpa details, festival preferences, or deity-related service choices.

5. How We Share Information

We may share information with the following categories of third parties. Where a provider publishes its own privacy notice, you can review how that provider handles data:

• Google Firebase (Authentication, Cloud Messaging): Firebase Privacy and Security · Google Privacy Policy
• Google Sign-In (account sign-in): Google Privacy Policy
• Google Cloud Platform (GCP): hosts and operates ePundith backend application services and related infrastructure. Google Cloud Privacy Notice
• Other service providers: OTP delivery, payment processing, customer support, and security vendors as needed.
• Analytics providers: We do not currently share personal information with third-party product-analytics providers (such as Firebase Analytics or Crashlytics). If we add analytics services in the future, we will name them here and update this policy before they are used.
• Pundiths or service partners: only when needed to fulfill a requested puja, sankalpa, consultation, or religious service.
• Legal and compliance parties: when required by law, legal process, or to protect rights and safety.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate protections.

We do not sell personal information.

6. Data Retention

We retain personal information only as long as reasonably necessary to provide services, maintain account functionality, comply with legal obligations, resolve disputes, enforce agreements, and protect security.

Users may request account and data deletion using our Data Deletion Request form. These Data Deletion requests are emailed to the Privacy team, and the team will remove the customer’s data from our systems as requested. Some information may be retained for limited legal, tax, accounting, fraud-prevention, or security purposes.

Deleting data on our servers does not automatically erase information stored locally on your device (for example, in app databases or secure storage). You may need to sign out, clear app data, or uninstall the app to remove local copies.

7. Your Privacy Rights

Depending on your location, including regions covered by GDPR, UK GDPR, CCPA/CPRA, and similar laws, you may have rights to access, correct, delete, restrict, or object to certain processing of your personal information.

You may also have the right to opt out of certain data uses where applicable. To exercise these rights, contact us using the details below.

8. Security

We use reasonable technical, administrative, and organizational safeguards designed to protect user information, including:

• Data transmitted over HTTPS/TLS.
• Access controls and encryption at rest where applicable.

However, no system is completely secure, and users should protect access to their email, phone, and login methods.

9. Children’s Privacy

ePundith is not intended for children under the age required by applicable law to consent to digital services. If we learn that we collected personal information from a child without appropriate consent, we will take steps to delete it.

10. International Users

ePundith may process information in the United States, India, or other locations where our service providers operate. We will use appropriate safeguards where required for cross-border data transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the app, website, or other appropriate channels.

12. Contact Us