Privacy Policy

Effective Date / Last Updated: [Insert Date, e.g., March 17, 2026]

Shreehari ("we", "us", "our") owns and operates the mobile application Shreehari Appointment (the "App"). We are committed to protecting your privacy and handling your personal data responsibly in compliance with applicable laws, including the Digital Personal Data Protection Act, 2023 (DPDPA) of India (when fully enforced), the Information Technology Act, 2000, and other relevant regulations.

This Privacy Policy explains what information we collect, how we use, share, store, and protect it when you use our App, which enables users to view available time slots and book appointments with service providers. By using the App, you consent to the practices described herein. If you do not agree, please do not use the App.

1. Information We Collect

1.1 Information You Provide Voluntarily

• Account creation / registration: Full name, email address, mobile phone number, password (stored securely hashed), profile photo (optional), date of birth / age (if required for service eligibility).
• Google Sign-In (OAuth): If you choose to sign in with Google, we receive your basic profile information (name, email address, profile picture) as authorized by the scopes you approve.
• Booking-related data: Selected appointment slots, date & time, service type/category, any additional notes/comments you enter, preferred provider (if applicable).
• Communication: Messages, support tickets, feedback, or any information you submit through in-app forms or chat.
• Future payments (if monetized): Billing address, transaction metadata (we use secure third-party payment gateways and do not store full card details).

1.2 Information Collected Automatically

• Device & technical data: Device ID/IMEI (masked where possible), device model, OS version, IP address, mobile network, app version, unique advertising ID.
• Usage & analytics: Pages viewed, time spent, booking flow interactions, search terms, crash reports, performance metrics (via tools like Firebase Analytics/Crashlytics).
• Location data: Approximate location (city-level via IP) or precise location (if you enable it for nearby slot/provider discovery) — only collected with explicit consent.
• Cookies & similar tech: For session management, analytics, and personalized experience (you can manage via device settings).

2. How We Use Your Information

• To create, authenticate, and maintain your user account.
• To display available slots, process and confirm bookings, send booking confirmations, reminders, rescheduling/cancellation notifications (via push, email, SMS).
• To facilitate communication between you and service providers (sharing only necessary booking details with the provider).
• To personalize your experience, improve the App, conduct analytics, debug issues, and enhance features.
• To send important service announcements, security alerts, and (with consent) promotional offers or newsletters.
• To detect, prevent fraud, abuse, or unauthorized access.
• To comply with legal obligations, respond to court orders, or protect rights/safety.
• If we introduce fees/subscriptions: to process payments and manage billing.

3. Legal Basis for Processing

We process your data based on:

• Your consent (e.g., location, marketing communications).
• Performance of contract (account creation, booking fulfillment).
• Legitimate interests (analytics, security, service improvement — balanced against your rights).
• Legal compliance.

4. Sharing & Disclosure of Information

We do **not** sell your personal data. We may share it with:

• Service providers / processors: Cloud hosting (e.g., AWS/GCP), analytics (Firebase/Google Analytics), email/SMS gateways, push notification services — under strict data processing agreements.
• Appointment providers/partners: Only the minimum data needed to fulfill your booking (name, phone/email, appointment details, notes).
• Payment processors (future): For transactions — they handle sensitive payment data independently.
• Legal authorities: If required by law, court order, government request, or to protect our rights/users.
• Business transfers: In case of merger, acquisition, or sale of assets.

5. Data Retention

We keep your data only as long as necessary:

• Active accounts & recent bookings: indefinitely while account is active + 1 year after last activity.
• Legal/tax requirements: up to 7 years for financial/transaction records (if monetized).
• Analytics data: aggregated/anonymized form retained longer for trend analysis.

You can request deletion (see Rights section).

6. Your Rights as Data Principal / User

Subject to applicable law (including DPDPA when enforced), you may:

• Access, correct, update, or delete your personal data.
• Withdraw consent (where processing is consent-based) — note this may limit App functionality (e.g., no reminders without contact info).
• Opt out of marketing communications.
• Request data portability (in structured format).
• Grievance redressal: Contact our Grievance Officer (details below).

Submit requests to [privacy@yourdomain.com]. We will respond within timelines prescribed by law (usually 30 days).

7. Security of Your Data

We implement reasonable technical, organizational, and physical safeguards (encryption in transit/rest, access controls, regular audits). However, no system is completely secure — please protect your login credentials and device.

8. Children's Privacy

The App is not directed at children under 18 (or the age of digital consent in your jurisdiction). We do not knowingly collect data from minors. If discovered, such data will be deleted immediately.

9. International Data Transfers

Your data may be processed outside India (e.g., on global cloud servers). We ensure adequate safeguards (contracts, adequacy decisions) as required by law.

10. Changes to This Policy

We may update this policy. Significant changes will be notified in-app or via email. Continued use constitutes acceptance.

11. Contact & Grievance Officer

Thank you for trusting us with your information.