HomeServicesPricingAbout UsContact usBlogs
Free Tools
Floor Plan MakerChaldean NumerologyTrigun QuizTatav (Element) QuizGreh (Planet) QuizLogin

Data Handling Policy

Last Updated: [August 01, 2025] At Mahaan Vastu, we take our responsibility as a data processor and data controller seriously. This Data Handling Policy ("Policy") explains how we collect, process, store, protect, and delete data entrusted to us by our users—primarily Vastu consultants—including the personal data of their clients inputted into the platform. This Policy forms part of our Terms & Conditions and Privacy Statement. By using our Service, you agree to this Policy and our practices outlined herein.

1. Definitions

a. User Data

Data provided by consultants for their own registration and usage (e.g., email, name, payment info).

b. Client Data

Personal and non-personal data about the consultant’s end-customers inputted into the Service for horoscope or Vastu analysis.

c. Personal Data

Any information relating to an identified or identifiable individual.

d. Processing

Any operation performed on personal data including storage, access, transmission, analysis, or deletion.

e. Data Controller

The consultant or business entity that decides the purposes and means of processing Client Data.

f. Data Processor

Mahaan Vastu, which processes data on behalf of the controller (consultant).

2. Roles and Responsibilities

• Mahaan Vastu acts as a data controller for User Data and as a data processor for Client Data (as uploaded by consultants). • Consultants are responsible for ensuring lawful collection and upload of their clients’ personal data and for compliance with applicable privacy laws in their jurisdictions.

3. Data Collection Practices

A. User Data

Collected during account creation, payment processing, and platform activity.

B. Client Data

Includes birth information, names, property plans, and zone-related annotations used for generating horoscopes and Vastu recommendations.

4. Data Processing Purposes

• Provide platform functionality such as horoscope generation, zone mapping, and customer records. • Analyse and generate automated interpretations based on Vedic astrology and Vastu principles. • Enable consultants to export, review, and manage client records and reports. • Comply with applicable legal and tax obligations.

5. Data Storage & Access

a. Storage Location

All data is securely stored on AWS servers located in US availability zones.

b. Encryption

Data is encrypted at rest and in transit using AES-256 and TLS 1.3 respectively.

c. Access Controls

• Internal access to user or client data is strictly role-based. • Only authorized technical or support staff can access data, and only when required for support or security. • Multi-factor authentication is enforced for internal admin access.

d. Backups

Daily encrypted backups are maintained for disaster recovery purposes, retained for up to 30 days.

6. Data Retention

Data TypeRetention Duration
User DataUntil account deletion + 12 months (for tax/legal)
Client DataRetained until manually deleted by User OR 12 months post subscription cancellation
Support Logs90 days from creation
Audit Logs12 months
Anonymized Usage DataIndefinitely for analytics and product improvement

7. Data Deletion & Export

a. User-Initiated Deletion

Consultants can delete client profiles or data directly through the dashboard.

b. Account Deletion

Users may request deletion of their account and associated data by emailing support@mahaanvastu.com.

c. Data Export

Users may export client data and reports in PDF or CSV format at any time before account cancellation.

d. Automated Purge

After 12 months of inactivity or termination, data is securely purged from all systems unless required for legal compliance.

8. Third-Party Processing

ProcessorPurposeLocationSafeguards
AWSCloud hostingUSAData encrypted, AWS DPA signed
StripePayment processingGlobalPCI-DSS compliant
Razorpay/CashfreePayment in IndiaIndiaRBI & PCI-DSS compliant
Helpdesk (e.g., Intercom/Zendesk)Customer supportUSA/IndiaAccess restricted, audit logged

All vendors are bound by Data Processing Agreements (DPAs) and confidentiality clauses.

9. Security Incident Response

We will investigate and contain the breach immediately.

Affected users will be notified within 72 hours after concluding our investigation, in compliance with GDPR and Indian IT security guidelines.

Logs and audit trails will be reviewed to assess the cause.

Preventive measures will be strengthened to avoid recurrence.

All incidents are documented and reviewed by our internal security response team.

10. Compliance Frameworks

We comply with: • Indian IT Act, 2000 & DPDP Act, 2023. • GDPR (as a data processor for EU/EEA clients). • California Consumer Privacy Act (CCPA) for applicable users. • AWS SOC 2 compliance indirectly via hosting architecture.

11. User Obligations

As a consultant using our platform: • You must obtain client consent before uploading their personal data. • You must not upload sensitive personal data (e.g., health records, financial data) unless directly required for Vastu consultation and permitted under law. • You agree not to misuse our platform to harvest, resell, or aggregate personal data without consent.

12. Policy Updates

We reserve the right to update this Policy as laws or practices evolve. Users will be notified of material changes via email or in-app notices. Continued use of the Service after updates constitutes agreement to the updated Policy.

13. Contact

If you have questions about this Policy or wish to exercise your rights, contact: Data Protection Officer – Mahaan Vastu Email: support@mahaanvastu.com Address: Vrindavan Orchards, Loharka Road, Amritsar 143001