Privacy Policy

1. Introduction

Naksh (“we”, “us”, or “our”) provides a personal rhythm and timing guidance application. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Naksh mobile application (the “App”).

By using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.

2. Data We Collect

2.1 Data You Provide

• Birth date and time — Required for astronomical computation. Stored encrypted on your device.
• Birth location (city, latitude, longitude, timezone) — Required for chart calculation. Stored encrypted on your device.
• Display name — Optional, used only for personalization within the App.
• Email address — Collected only if you sign in via SSO (Google, Apple, or Facebook). Used for account identification and support.
• Privacy consent preferences — Your choices regarding cloud sync and analytics, stored encrypted on your device.

2.2 Data We Compute

• Chart data — Planetary positions, house placements, yoga patterns, Dasha timelines, and Panchanga elements are computed on your device using the Swiss Ephemeris library. These are derived from your birth data and current astronomical positions.
• Interpreted guidance — Daily textual guidance generated from your computed chart data.

2.3 Automatically Collected Data

• Analytics events — Screen views, feature usage patterns, and error reports. Collected only if you grant analytics consent during onboarding. No birth data or personal identifiers are included in analytics events.
• Crash reports — Technical diagnostic information to improve app stability.

3. How We Store Your Data

3.1 On-Device Storage (Default)

All personal data is stored encrypted on your device by default:

• iOS: Keychain Services (hardware-backed encryption)
• Android: EncryptedSharedPreferences (AES-256 encryption)

Birth data, consent preferences, and cached guidance are stored using platform-native encrypted storage. This data never leaves your device unless you explicitly enable cloud sync.

3.2 Cloud Storage (Optional)

If you sign in and grant cloud sync consent, the following data may be stored in Firebase Firestore:

• Birth data (encrypted at rest)
• Cached interpretation data (encrypted at field level using AES-256-GCM)
• User preferences

Cloud sync requires both: (a) signing in via SSO, and (b) explicitly granting cloud sync consent. Either can be revoked at any time.

4. Compatibility Matching & the EKM Protocol

4.1 Level 1 Sharing (Quick Match)

When you share a Quick Match code, only two integer values are transmitted: your Moon Nakshatra index and Moon Rashi index. No birth data, dates, times, or locations are shared.

4.2 Level 2 Sharing (Full Match)

Full Match sharing uses AES-256-GCM encryption. Birth data is encrypted on your device before transmission. Only the intended recipient with the correct share code can decrypt it.

4.3 Share Codes

Share codes are stored in Firebase Firestore with a 48-hour time-to-live (TTL) and are automatically deleted after expiration. Share codes contain only encrypted or encoded data as described above.

5. Third-Party Services

The App uses the following third-party services:

• Firebase Authentication — Processes SSO sign-in (Google, Apple, Facebook). Receives your name and email from the identity provider. Firebase Privacy.
• Firebase Firestore — Optional cloud storage for synced data. Data encrypted at rest.
• Firebase Analytics — Consent-gated usage analytics. No personal identifiers or birth data are included. Disabled unless you grant analytics consent.
• Google Places API — Used during onboarding for city search. Only the city name query is transmitted. No birth data or personal identifiers are sent.
• Google Gemini — Used to generate personalized guidance text. Receives aggregated computation data (planetary positions, dignity scores, yoga results) but does not receive raw birth data (date, time, or location). Limited to one request per user per day. Responses are cached.

6. Children's Privacy

Naksh requires age verification during onboarding. Users must confirm they are at least 18 years of age to use the App. We do not knowingly collect data from anyone under 18. If we learn that we have collected data from a minor, we will delete it promptly.

7. Your Rights

You have the following rights regarding your data:

• Export: Export all your data as a JSON file at any time from Profile > Privacy & Data > Export My Data.
• Delete: Permanently delete your account and all associated data from Profile > Privacy & Data > Delete Account. This removes data from your device, Firestore, and Firebase Authentication.
• Reset: Clear on-device data and restart onboarding at any time.
• Withdraw consent: Revoke cloud sync or analytics consent at any time. Withdrawal does not affect the lawfulness of prior processing.
• Access: View all stored data via the data export feature.
• Correction: Edit your birth data at any time from the Chart screen.

8. International Compliance

8.1 GDPR (European Union)

We process data under the lawful basis of consent. You may withdraw consent at any time. Data portability is provided via JSON export. You may request deletion of all data.

8.2 CCPA (California)

We do not sell personal information. You have the right to know what data we collect, request deletion, and opt out of analytics. We do not discriminate against users who exercise their privacy rights.

8.3 DPDPA (India)

We process data with your consent. You may access, correct, and erase your data. We provide a clear grievance mechanism via our support contact.

9. Data Security

• On-device encryption via platform Keychain / EncryptedSharedPreferences
• AES-256-GCM encryption for compatibility share codes and cloud-cached interpretations
• Field-level encryption for sensitive Firestore documents
• HTTPS/TLS for all network communication
• Code obfuscation for release builds
• Root/jailbreak and debugger detection

10. Data Retention

• On-device data: Retained until you delete the app or your account.
• Cloud data: Retained until you delete your account or withdraw cloud sync consent.
• Share codes: Auto-deleted after 48 hours.
• Analytics data: Retained per Firebase Analytics defaults (14 months), then automatically deleted.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via the email associated with your account. Continued use after changes constitutes acceptance.

12. Contact

For questions, concerns, or data requests:

• Email: privacy@nakshapp.com
• Support: nakshapp.com/support