Privacy Policy

Effective date: 28 April 2026  ·  Last updated: 28 April 2026

1. Who We Are

VedicMatching operates the website at vedicmatching.com. We are the data controller for the personal information you provide to us. For privacy enquiries, contact us at privacy@vedicmatching.com.

2. What Data We Collect

We collect the following categories of personal data:

Category	Data collected	Purpose
Account data	Name, email address, password (hashed), gender, current city	Account creation, authentication, profile display
Birth data	Date of birth, time of birth, birth city, latitude, longitude, UTC offset	Guna Milan calculations. Stored separately from profile data.
Profile data	Bio, profile photo (if provided)	Displayed on your profile to other members (if in pool)
Compatibility data	Guna Milan scores between user pairs	Cached to avoid recalculation. Never shared individually.
Usage data	Login timestamps, last active date, profile views	Service operation, security, abuse prevention
Messages	Messages sent between members	In-app messaging. Stored encrypted at rest.

We do not collect: payment information, government ID, social media data, device fingerprints, advertising identifiers, or location beyond what you explicitly provide.

We do not use tracking cookies or third-party analytics. No advertising networks have access to your data.

3. Birth Data — Special Handling

Birth data (date, time, and place of birth) is treated as sensitive personal information. We apply the following protections specifically to birth data:

• Stored in a separate database table from your public profile
• Never displayed to other members in any form
• Used only for astrological calculations on our server — never sent to third parties in identifiable form
• Calculations are performed server-side — your birth data does not leave our server
• Deleted permanently when you delete your account

4. How We Use Your Data

We use your personal data only for the following purposes:

• Providing the service — calculating Guna Milan compatibility, displaying your profile, enabling messaging
• Authentication — verifying your identity when you sign in
• Communications — sending account verification, password reset, and daily match emails (where you have opted in)
• Security — detecting and preventing fraudulent or abusive use
• Legal compliance — retaining records as required by applicable law

We do not use your data for advertising, profiling, automated decision-making with legal effect, or any purpose not listed above.

5. Who We Share Data With

We do not sell your personal data. We share data only in the following limited circumstances:

• Other members (limited) — if you enable the Community Pool, your public profile (name, age, city, bio) is visible to other registered members. Your birth data is never shared.
• Service providers — our email provider (Namecheap Private Email) receives your email address and email content to deliver messages. They are contractually prohibited from using this data for any other purpose.
• Legal requirements — we may disclose data if required by law, court order, or to protect the safety of our users or the public.

All data is stored on servers within our on-premises infrastructure. We do not use cloud data processors for personal data storage.

6. Data Retention

• Active accounts — data retained for as long as your account is active
• Deleted accounts — all personal data deleted within 30 days of account deletion request
• Compatibility scores — deleted within 30 days of either user's account deletion
• Email logs — retained for 90 days for debugging, then deleted
• Security logs — retained for 12 months, then deleted

7. Security

We protect your data with the following measures:

• Passwords hashed using bcrypt with cost factor 12 — never stored in plain text
• All connections encrypted using TLS (HTTPS)
• Birth data stored in a separate database table with restricted access
• JWT authentication tokens with 7-day expiry
• Rate limiting on all authentication endpoints to prevent brute force attacks
• Server access restricted and monitored

No security system is perfect. In the event of a data breach that affects your rights, we will notify you within 72 hours of becoming aware.

8. Your Rights

You have the following rights regarding your personal data:

To exercise any of these rights, email us at privacy@vedicmatching.com. We will respond within 30 days.

9. Cookies

VedicMatching uses only a single functional item stored in your browser: a JWT authentication token stored in localStorage. This is necessary to keep you signed in between sessions.

We do not use advertising cookies, analytics cookies, or any third-party tracking technology. No cookie consent banner is required as we use no non-essential cookies.

10. Children's Privacy

VedicMatching is not directed at persons under 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, please contact us at privacy@vedicmatching.com and we will delete the account promptly.

11. International Users

VedicMatching is operated from servers located in our on-premises infrastructure. If you access the service from outside the jurisdiction where our servers are located, your data may be transferred internationally. By using the service, you consent to this transfer.

For users in the European Economic Area: we process your data on the legal basis of contract performance (to provide the service you have requested) and legitimate interests (security and fraud prevention).

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes at least 14 days before they take effect. The current version is always available at vedicmatching.com/privacy.html.

13. Contact

For any privacy-related questions or to exercise your rights, contact us at:
privacy@vedicmatching.com

We aim to respond to all privacy enquiries within 30 days.