Privacy Policy

01.Scope of This Policy

This Privacy Policy applies to all individuals who visit destinygurukul.com, book our services, attend our consultations or sessions, enrol in our courses, or contact us through any channel — email, WhatsApp, or phone.

This Policy is framed in compliance with the Information Technology Act 2000, the IT (Amendment) Act 2008, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and the Digital Personal Data Protection Act 2023.

02.Who We Are

Destiny Gurukul — by Jyotii Siingh is the Data Fiduciary responsible for the personal data described in this Policy. Our practice is based in Gurugram, Haryana, India, and is operated by Jyotii Siingh.

In simple terms: we decide what personal data is collected, why it is collected, and how it is used. This Policy explains those choices.

03.Information We Collect

A. Information you provide directly

• —Identity: Full name (including the exact legal spelling), email address, mobile/WhatsApp number.
• —For Numerology services: Date of birth, time of birth (where known), place of birth, and the precise legal spelling of your name as on official documents.
• —For Vastu services: Full property address, floor plans or photographs you share with us, and details about the inhabitants where relevant to the consultation.
• —For Healing services (Humkara with Haleem, Lama Fera, Shalvik Mantra Rehasya): Your name, date of birth, and a brief description of the concern you wish to address. Any health or life-circumstance information shared during the session is held in confidence by Jyotii.
• —For courses (Vastu, Lama Fera): Enrolment details, course-progress information, and any submissions you make as part of the course.
• —Payment: Either UPI transaction reference numbers (UTRs) that you submit through our portal, or payment instrument details collected directly by Razorpay. We do not see or store your card number, bank account, or CVV at any point.
• —Contact form submissions: Name, email, phone number, and the content of your message.

B. Information collected automatically

• —Log data: IP address, browser type, pages visited, time and date of access.
• —Cookies: Essential cookies only — required for login state and language preference. Cloudflare (our security and performance layer) also sets functional cookies such as cf_clearance to protect the site from abuse. We do not use advertising or behavioural tracking cookies.

04.How We Use Your Information

Your information is used only for the following purposes:

• —Confirming bookings, sending session reminders, and delivering session details.
• —Preparing your Vastu, Numerology, or Healing consultation and any associated reports or recommendations.
• —Verifying UPI payments submitted through our portal and reconciling them with your booking.
• —Issuing GST-compliant invoices.
• —Responding to your enquiries, requests, and complaints.
• —Maintaining the security, performance, and technical operation of the website.
• —With your explicit consent, sending information about new services, courses, or relevant announcements.
• —Complying with applicable legal obligations under Indian law.

We do not use your personal data for automated decision-making or profiling.

05.Consent

We collect your personal data on the basis of your consent, given freely and specifically at the point of booking or contact. Where you fill in a form on our website, your submission constitutes affirmative consent for the use of that information for the purpose stated on the form.

You may withdraw your consent at any time by writing to us at the address in Section 15. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal, and may prevent us from continuing to deliver certain services to you.

06.Third-Party Service Providers

We use the following trusted third-party providers, each operating under its own privacy policy:

For payments made via UPI Direct through our portal, your UPI ID is not collected by us; you scan our QR code from your own UPI app and submit only the UTR (transaction reference) after payment. The UTR is masked in our internal payments log and is accessible only to authorised personnel for the purpose of payment verification.

We do not sell your personal information to any third party. Outside of the providers listed here, your information is not shared with anyone except where required by a valid legal order.

07.Personal Information of a Sensitive Nature

Given the nature of Numerology and Healing services, the information you share with us — birth details, life circumstances, family situations, health concerns — is deeply personal. We treat this information with particular care:

• —It is used solely for preparing your consultation and for the duration of our work with you.
• —It is stored on encrypted servers with restricted access.
• —It is never shared with third parties without your explicit consent.
• —Session notes and reports are accessible only to Jyotii and to you as the client. Practitioners assisting with payment verification or scheduling do not have access to session content.

We do not record consultation sessions unless you explicitly request a recording for your own reference, in which case the recording is shared with you and not retained by us.

08.Data Storage, Security, Retention & Breach Notification

Storage and security

Your data is stored on DigitalOcean servers, with primary infrastructure in the Asia-Pacific region. We implement the following security measures:

• —SSL/TLS encryption (HTTPS) on all data transmissions, terminated at Cloudflare in Full (Strict) mode and re-encrypted to our origin server.
• —Database encryption at rest and regular automated backups.
• —Role-based access controls limiting data visibility to authorised personnel only.
• —PCI-DSS compliant payment handling through Razorpay; for UPI Direct, no card or bank credentials pass through our systems.

Retention

We retain your data for as long as necessary to provide services and to meet legal obligations:

• —Booking and consultation records: up to 3 years after your last interaction, or longer where requested by you for follow-up consultations.
• —GST and tax records: 7 years, as required by Indian tax law.
• —Account data following deletion request: removed within 90 days, unless a legal hold applies.
• —Marketing consent records: until you withdraw consent.

Breach notification

In the event of a personal data breach that is likely to affect you, we will notify you and the Data Protection Board of India in accordance with the timelines and procedures prescribed under the Digital Personal Data Protection Act 2023.

09.Cross-Border Data Transfer

Some of the service providers we rely on (such as Meta/WhatsApp and Cloudflare) operate global infrastructure that may process certain data outside India. We work only with providers that maintain adequate security standards, and we do not transfer personal data to any country that the Government of India has restricted for such transfers under the Digital Personal Data Protection Act 2023.

10.Cookies

Our website uses only essential and functional cookies:

• —Session cookies for maintaining your login state and language preference.
• —Security cookies set by Cloudflare to protect the site from abuse and bot traffic.

We do not use advertising, third-party tracking, or behavioural profiling cookies. You can manage cookies through your browser settings; note that disabling essential cookies may affect website functionality.

11.Your Rights as a Data Principal

Under Indian law, you have the following rights with respect to your personal data:

• —Right to access: Request a copy of the personal data we hold about you.
• —Right to correction: Request correction of inaccurate or incomplete data.
• —Right to erasure: Request deletion of your data, subject to legal retention obligations.
• —Right to withdraw consent: Withdraw consent for processing or marketing communications at any time.
• —Right to nominate: Nominate another individual to exercise your rights in the event of your death or incapacity.
• —Right to grievance redressal: Raise a grievance with our Grievance Officer (see Section 12) and, if unresolved, with the Data Protection Board of India.

To exercise any of these rights, write to privacy@destinygurukul.com. We will acknowledge your request within 48 hours and respond substantively within 30 days.

12.Grievance Officer

If you have any concerns about how your personal data is being handled, or wish to raise a complaint, please contact our Grievance Officer:

We will acknowledge your complaint within 48 hours and aim to resolve it within 15 days of receipt. If you are not satisfied with the resolution, you may escalate the matter to the Data Protection Board of India.

13.Children's Privacy

Our services are not directed at persons under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected personal data from a minor without verifiable parental consent, we will delete it promptly. Please write to hello@destinygurukul.com if you have reason to believe this has occurred.

14.Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practice or in applicable law. Significant changes will be communicated by email to clients on our records. The "Last updated" date at the top of this page always reflects the most current version.

15.Contact

For privacy-related questions, requests, or to exercise any of your rights: