Privacy Policy

Drishyaalok ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. INFORMATION WE COLLECT

1.1 Information You Provide

• Account Information: Email address, username, password (encrypted), profile picture
• Google Sign-In Data: Email, name, profile photo (if you choose Google authentication)
• Content Uploads: Videos, thumbnails, metadata, descriptions
• Payment Information: Transaction data processed through Google Play Billing (we do NOT store credit card details)
• Communications: Messages you send through support channels

1.2 Information Collected Automatically

• Device Information: Device model, operating system, unique device identifiers
• Usage Data: Watch history, search queries, engagement metrics (likes, shares)
• Log Data: IP address, app crashes, performance data
• Cookies and Similar Technologies: Session tokens, authentication cookies

1.3 Information from Third Parties

• Google Sign-In: Profile information from Google OAuth
• Payment Processors: Transaction confirmations from Google Play

2. HOW WE USE YOUR INFORMATION

We use collected information for:

• Service Provision: Creating and managing your account, providing access to content
• Content Delivery: Streaming videos, managing watchlists, content recommendations
• Payment Processing: Processing ticket purchases, managing transactions
• Google Play Compliance: Supporting Play Billing purchase validation and fraud checks
• Personalization: Customizing content recommendations based on watch history
• Security: Detecting fraud, preventing abuse, enforcing Terms of Service
• Communication: Sending notifications, updates, support responses
• Analytics: Understanding app usage, improving performance
• Legal Compliance: Complying with legal obligations, responding to legal requests

3. LEGAL BASIS FOR PROCESSING (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

• Consent: You have given clear consent for specific processing activities
• Contract: Processing is necessary to fulfill our Terms of Service
• Legal Obligation: We must comply with legal requirements
• Legitimate Interest: Processing is in our legitimate business interests (fraud prevention, service improvement)

4. DATA SHARING AND DISCLOSURE

4.1 Third-Party Service Providers

We share limited data with trusted processors only for service delivery and security:

• Supabase: Database and authentication services (data stored securely)
• Cloudflare R2: Cloud storage for video content
• Google Play Services: Authentication and payment processing
• Firebase Cloud Messaging: Push notifications

We do not sell personal data to advertisers or data brokers.

4.2 Legal Requirements

We may disclose information:

• To comply with legal obligations (court orders, subpoenas)
• To enforce our Terms of Service
• To protect rights, property, or safety of Drishyaalok, users, or public
• In connection with copyright infringement claims (DMCA notices)

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred to the acquiring entity.

4.4 Public Information

• Content you upload is publicly visible on the platform
• Your username and profile picture are visible to other users
• Watch history and engagement metrics may be visible to content uploaders (anonymized)

5. DATA SECURITY

We implement security measures including:

• Encryption: TLS/SSL encryption for data in transit, encryption at rest for sensitive data
• Password Security: Passwords are hashed and never stored in plain text
• Access Controls: Row-level security policies on database
• Authentication: JWT tokens with expiration, secure session management
• Anti-Piracy: Screen recording and screenshot protections

Note: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. DATA RETENTION

• Account Data: Retained while your account is active
• Watch History: Retained for 2 years or until deletion requested
• Payment Records: Retained for 7 years (legal requirement)
• Uploaded Content: Retained until you delete it
• Backup Data: May persist in backups for up to 90 days after deletion

7. YOUR PRIVACY RIGHTS

7.1 Rights for All Users

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your account and data
• Opt-Out: Disable push notifications

7.2 Additional GDPR Rights (EEA Users)

• Data Portability: Receive your data in a machine-readable format
• Restrict Processing: Limit how we use your data
• Object to Processing: Object to data processing based on legitimate interest
• Withdraw Consent: Withdraw consent at any time
• Lodge Complaint: File a complaint with your local data protection authority

7.3 CCPA Rights (California Users)

• Know: Request details about personal information we collect
• Delete: Request deletion of personal information
• Opt-Out of Sale: We do NOT sell personal information
• Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your rights, contact us at: privacy@drishyalok.com

8. CHILDREN'S PRIVACY

• Our app is intended for users aged 13 and above
• We do not knowingly collect data from children under 13
• Users aged 13-17 must have parental consent
• If we discover we have collected data from a child under 13, we will delete it immediately
• Parents can contact us to request deletion of their child's data

9. COOKIES AND TRACKING TECHNOLOGIES

9.1 Types of Cookies

• Essential Cookies: Required for authentication and security (cannot be disabled)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how users interact with the app

9.2 Managing Cookies

You can clear app data through your device settings, but this will log you out and reset preferences.

10. PUSH NOTIFICATIONS

• We send push notifications for new content, updates, and promotional offers
• You can disable push notifications in your device settings
• We use Firebase Cloud Messaging for notification delivery
• Notification data includes device tokens (anonymized)

11. INTERNATIONAL DATA TRANSFERS

• Your data may be transferred to and processed in countries outside your own
• We ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions)
• Data hosting: Supabase (US/EU regions), Cloudflare R2 (global CDN)

12. AUTOMATED DECISION-MAKING

• Recommendation Algorithm: We use algorithms to suggest content based on watch history
• Content Moderation: Automated systems flag potentially violating content
• No Profiling: We do NOT use automated decision-making for decisions that significantly affect you

13. THIRD-PARTY LINKS

Our app may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. Please review their privacy policies separately.

14. CHANGES TO THIS PRIVACY POLICY

• We may update this Privacy Policy from time to time
• Material changes will be communicated via app notifications or email
• Continued use after changes constitutes acceptance
• Last updated date is shown at the top of this policy

15. CONTACT US

For privacy-related questions or requests:

• Privacy Email: privacy@drishyalok.com
• Data Protection Officer: dpo@drishyalok.com
• General Support: support@drishyalok.com