PeriodSakhi

Privacy Policy for PeriodSakhi.com

Effective Date: September 1, 2025 Last Updated: September 1, 2025

Welcome to PeriodSakhi! We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit or use PeriodSakhi.com (the “Website”), our services, or interact with us in any way.

1. Who We Are

  • Name: PeriodSakhi (operating as “we,” “us,” or “our”)
  • Contact: [Insert Support Email] | [Optional: Data Protection Officer contact]
  • Jurisdiction: India (with users potentially worldwide)

2. Scope

This Policy applies to all personal information we collect when you:

  • Visit or browse PeriodSakhi.com
  • Register for an account, newsletter, features, or content
  • Use our health‑tracking tools, calculators, or community forums
  • Communicate with us (e.g., support, feedback)
  • Engage with our marketing or surveys

3. Types of Information Collected

3.1. Information You Provide

  • Account/Registration Data: Name, email, password, date of birth (optional), gender, language preference
  • Health Data (sensitive personal data): Menstrual cycle dates, symptoms, mood, health goals
  • Support/Communication: Messages, inquiries, feedback, survey responses
  • Payment Info: (if applicable) – billing address, payment method (processed via payment processors, not stored by us)

3.2. Information Collected Automatically

  • Device & Usage Data: IP address, browser type, operating system, device IDs, pages visited, time stamps, clickstream data
  • Website Analytics: Performance metrics, errors, load times (via tools like Google Analytics or similar)
  • Cookies & Similar Technologies: Session cookies, persistent cookies, local storage, web beacons. Used for authentication, preferences, analytics, and marketing.

3.3. Third‑Party Sources

  • Social Platforms (if applicable): e.g., sign‑in via Google or Facebook-profile name, email, profile picture
  • Payment Processors or Ad Platforms: Via APIs or SDKs, for security, analytics, or marketing.

4. How & Why We Use Your Data

4.1. Core Purposes

We process your data to:

  • Provide, maintain, and improve our services and features
  • Personalize your experience (cycle insights, content, tips)
  • Respond to your requests, support inquiries, and manage your account
  • Send service‑related and administrative messages
  • Conduct analytics to enhance website performance and user experience
  • Ensure security (fraud detection, abuse prevention)

4.2. Marketing & Communications

We may contact you (e.g., via email, notifications) about:

  • Newsletters, promotions, new features{" "} only if you’ve opted in
  • Occasional surveys-for product improvement or user feedback

You may opt out anytime by clicking “unsubscribe” or contacting us directly.

4.3. Legal and Compliance

We may process personal data:

  • To comply with legal obligations (e.g., law enforcement requests, court orders)
  • Under “legitimate interests” (e.g., improving site security, analyzing anonymized trends)-unless overridden by your rights
  • Based on your consent (e.g., for sensitive health‑related data or marketing)

5. Legal Bases & Sensitive Data

  • Consent: Explicit and freely given, especially for sensitive health data, marketing, or features beyond essential functionality
  • Contractual Necessity: Data required to provide requested services (e.g., registration, cycle tracking)
  • Legal Obligation: Compliance with laws (e.g., for accounting, lawful requests)
  • Legitimate Interests: For operational improvements, fraud prevention, analytics-always balanced with your rights

6. Sharing Your Information

We may share your data with:

  • Service Providers / Processors: Hosting providers, email systems, analytics, marketing platforms, security tools
  • Professional Advisors: Legal counsel, auditors-under confidentiality
  • Affiliates or Business Transfers: If we merge or sell assets, user data may be transferred (with notice and rights to object)
  • Legal Authorities: If required by law, court order, or legitimate law enforcement request-only the minimal necessary data

We require all third parties to uphold privacy and security standards.

7. Cross‑Border Data Transfers

Your data may be accessed or stored in India or in other countries (e.g., where our cloud or service partners operate). When transferring personal data internationally, we ensure:

  • Adequate safeguards (e.g., Standard Contractual Clauses) {" "} for transfers outside adequate‑jurisdiction regions (e.g., EU)
  • Compliance with DPDP Act (India), GDPR (EU), or other relevant laws

8. Your Rights & Controls

Depending on your jurisdiction, you may have the right to:

  • Access a copy of your personal data
  • Correct or update your data
  • Delete your account or request erasure
  • Restrict or object to processing
  • Withdraw consent (especially for marketing or sensitive data)
  • Receive your data in a portable format (e.g., JSON or CSV)
  • Lodge a complaint with your local Data Protection Authority

How to exercise your rights: Contact us via email [Insert Contact Email] with “Privacy Request” in the subject. We'll verify your identity and respond within 30 days (or earlier if law requires).

9. Data Retention Policy

We retain personal data only as long as necessary:

  • Account/Usage Data: While your account is active and for [X months/years] after inactivity
  • Support Data / Communications: Until resolved + [X months]
  • Marketing Preferences: Until opt‑out
  • Legal Retention (e.g., financial or audit‑relevant) : as required by laws (e.g., up to 7 years, depending on jurisdiction)

After deletion requests, we’ll delete your data “irreversibly” within [e.g., 90 days], except for anonymized or aggregated info, or where legal retention obligations apply.

10. Cookies & Tracking Technologies

  • Essential Cookies: Required to operate core functionality (e.g., login, preferences)
  • Performance/Analytics Cookies: To understand and improve site performance (e.g., page load, errors)
  • Marketing Cookies: To deliver relevant ads or track campaigns (used only with consent)

You can manage cookies via our banner or your browser settings. Note: disabling certain cookies may affect site functionality.

11. Children’s Privacy

We do not knowingly collect data from children under 16 (or 13 where applicable). If you believe your child has provided us personal data, please contact us immediately to have it removed.

12. Security Measures

We take data protection seriously by implementing:

  • Encryption (e.g., TLS/SSL in transit; encryption at rest where appropriate)
  • Access controls and least‑privilege internal policies
  • Regular security audits and vulnerability testing
  • Staff training on data privacy

Despite these measures, no system is 100% secure. Please protect your login credentials and report any suspected breaches to us immediately.

13. Third‑Party Links & Embedded Content

Our site may link to or embed content from third parties (e.g., social media, plugins, payment services). These external platforms may collect data independently. We’re not responsible for their privacy policies-please review those separately.

14. Changes to This Privacy Policy

We may update this policy occasionally. Key changes will be flagged on the site or emailed to you if significant. Continuing to use PeriodSakhi after updates means you accept the new terms. We'll note the “Last Updated” date at the top every time.

15. International or Region‑Specific Disclosures

GDPR (for EU Users):

  • Data Protection Officer (if applicable): [Insert Contact]
  • Lawful Bases: Consent (Art. 6(1)(a)), Contract (6(1)(b)), Legal Obligation (6(1)(c)), Legitimate Interests (6(1)(f))
  • Your rights: Access, Rectification, Erasure, Restriction, Fallback to Manual Processing, Data Portability, Right to Object, Right to Withdraw Consent, Right to Lodge Complaint

CCPA / CPRA (for California Users):

  • Categories Collected: (e.g., Identifiers, Sensitive Health Data, Usage Data)
  • “Sale” or “Share”: We do not sell your data. We may share with service providers-thus not considered a “sale.”
  • Your Rights: Know what we collect; request deletion; opt‑out of sharing; non‑discrimination for exercising rights

India (DPDP Act 2023):

  • Data Fiduciary: PeriodSakhi is the data fiduciary
  • Purpose Limitation & Data Minimization: Only collect what’s necessary
  • Consent Requirements: Explicit and informed for sensitive data (e.g., health)
  • Grievance Officer: [Insert Name & Contact]

16. Contact Us

If you have questions, complaints, or wish to exercise your data rights, reach out:

PeriodSakhi Email: [Insert Support or DPO Email] (Address or other contact info, if required by applicable law)

Final Thoughts & Next Steps

  • Replace [placeholders] with actual data (email, retention periods, DPO fees)
  • Ensure your Cookie Banner and{" "} Consent Mechanism are implemented in line with this policy
  • For legal compliance, consider having this policy reviewed by a privacy or legal expert-especially under GDPR, CCPA, or DPDP Act.
  • Offer your users a clear “Request My Data” or{" "} “Delete My Data” workflow via your site or support channel.

This expanded version should cover the full range of best practices-from transparency and user rights to security, international compliance, and data lifecycle management. Let me know if you’d like this converted into HTML, a downloadable PDF template, or tailored specifically for GDPR or India’s DPDP Act.

;