Privacy Policy

1. Introduction

Welcome to Rishipath. We respect your privacy and are committed to protecting your personal data. This Privacy Policy will inform you about how we collect, use, store, and protect your personal information when you visit our website, purchase products, enroll in courses, book consultations, or use any of our services.

This Privacy Policy applies to all information collected through our Platform (website, mobile applications, and any other digital services we offer) and any related services, sales, marketing, or events.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use our Platform.

2. Information We Collect

2.1 Personal Information You Provide to Us

We collect information that you voluntarily provide to us when you:

• Register for an account
• Make a purchase
• Enroll in a course or event
• Book a consultation
• Subscribe to our newsletter
• Contact customer support
• Participate in surveys or promotions
• Post reviews or comments

The personal information we collect may include:

• Identity Data: First name, last name, username, date of birth, gender
• Contact Data: Email address, telephone number, billing address, shipping address
• Account Data: Username, password, and other security information
• Transaction Data: Details about purchases, payments, order history, and payment card information (processed securely through payment gateways)
• Health Information: Information provided during consultation bookings or health assessments (with your explicit consent)
• Profile Data: Your interests, preferences, feedback, and survey responses
• Marketing Data: Your preferences in receiving marketing communications and your communication preferences

2.2 Information Collected Automatically

When you access our Platform, we automatically collect certain information about your device and usage:

• Technical Data: IP address, browser type and version, operating system, device type, time zone setting
• Usage Data: Information about how you use our website, products, and services (pages visited, time spent, links clicked)
• Location Data: We may collect information about your location (with your permission)
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information (see Section 7 for details)

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Payment processors (Razorpay and other payment gateways)
• Social media platforms (if you choose to connect your account)
• Analytics providers
• Advertising networks

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 To Provide and Manage Our Services

• Process and fulfill your orders
• Manage your account and registration
• Facilitate consultations with practitioners
• Provide access to courses and events
• Process payments and prevent fraud
• Communicate with you about your orders, account, or services

3.2 To Improve Our Services

• Understand how customers use our Platform
• Develop new products, services, and features
• Conduct research and analysis
• Monitor and analyze usage trends

3.3 For Marketing and Communication

• Send you promotional communications about new products, special offers, and events (with your consent)
• Conduct surveys and gather feedback
• Send you newsletters and educational content about Ayurveda
• Display personalized advertisements

3.4 For Legal and Security Purposes

• Comply with legal obligations and regulations
• Protect against fraud, abuse, and security threats
• Enforce our Terms and Conditions
• Resolve disputes and troubleshoot problems
• Respond to legal requests from authorities

4. Legal Basis for Processing (GDPR Compliance)

If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and context:

• Contract Performance: Processing is necessary to fulfill our contract with you (e.g., processing orders)
• Consent: You have given us explicit consent for specific purposes (e.g., marketing communications)
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving services, fraud prevention)
• Legal Obligation: Processing is necessary to comply with legal requirements

5. How We Share Your Information

We do not sell your personal information. We may share your information with:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Payment processors (Razorpay, etc.)
• Shipping and logistics companies
• Cloud hosting providers
• Email service providers
• Analytics providers
• Marketing and advertising partners

5.2 Healthcare Practitioners

If you book a consultation, we share relevant information with the assigned practitioner to provide you with appropriate care and advice.

5.3 Legal Requirements

We may disclose your information if required by law or if we believe such action is necessary to:

• Comply with legal obligations or court orders
• Protect our rights, property, or safety
• Investigate fraud or security issues
• Respond to government requests

5.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data (SSL/TLS encryption)
• Secure payment processing through PCI-DSS compliant gateways
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Employee training on data protection
• Regular backups and disaster recovery procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials. If you suspect unauthorized access to your account, please contact us immediately.

7. Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience on our Platform.

7.1 What Are Cookies?

Cookies are small text files stored on your device that help us recognize you, remember your preferences, and improve our services.

7.2 Types of Cookies We Use

• Essential Cookies: Necessary for the Platform to function (e.g., shopping cart, authentication)
• Performance Cookies: Help us understand how visitors use our site (e.g., Google Analytics)
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements

7.3 Managing Cookies

You can control and manage cookies through your browser settings. However, disabling cookies may affect the functionality of our Platform. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block cookies from specific sites
• Block all cookies

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Account Information: Retained until you request deletion or close your account
• Transaction Data: Retained for 7 years for tax and accounting purposes
• Marketing Data: Retained until you unsubscribe or withdraw consent
• Technical Data: Typically retained for 12-24 months

After the retention period expires, we will securely delete or anonymize your personal information.

9. Your Rights and Choices

You have the following rights regarding your personal information:

9.1 Right to Access

You can request a copy of the personal information we hold about you.

9.2 Right to Rectification

You can request that we correct any inaccurate or incomplete information.

9.3 Right to Erasure (Right to be Forgotten)

You can request that we delete your personal information, subject to certain legal exceptions.

9.4 Right to Restrict Processing

You can request that we limit how we use your information.

9.5 Right to Data Portability

You can request a copy of your data in a structured, machine-readable format.

9.6 Right to Object

You can object to certain types of processing, including direct marketing.

9.7 Right to Withdraw Consent

If we rely on your consent to process your information, you can withdraw consent at any time.

9.8 How to Exercise Your Rights

To exercise any of these rights, please:

• Log in to your account and update your settings
• Contact us at contact@rishipath.org
• Use the unsubscribe link in marketing emails

We will respond to your request within 30 days.

10. Marketing Communications

With your consent, we may send you promotional emails, newsletters, and updates about our products, services, and events.

You can opt-out at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your email preferences in your account settings
• Contacting us at contact@rishipath.org

Note: Even if you opt-out of marketing communications, we will still send you transactional emails related to your account and orders (e.g., order confirmations, shipping notifications).

11. Third-Party Links and Services

Our Platform may contain links to third-party websites, applications, or services (e.g., social media, payment gateways). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

12. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

13. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated policy on our Platform
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for significant changes)

Your continued use of our Platform after the changes become effective constitutes your acceptance of the revised Privacy Policy.

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect, use, and disclose
• Right to request deletion of your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your rights

To exercise these rights, contact us at contact@rishipath.org.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Rishipath
Email: contact@rishipath.org
Website: www.rishipath.com

We are committed to resolving any privacy concerns you may have and will respond to your inquiry within 30 days.

17. Consent

By using our Platform, you consent to the collection, use, and sharing of your personal information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our services.