Privacy Policy
Last updated: May 26, 2026
In plain language
- We collect your email and the data you choose to share.
- We use Anthropic's AI to generate commentaries and translate content into your language.
- We never sell your data. No ads. No data monetization.
- You can export or delete all your data at any time from Settings.
- The shloka explorer and courses work without sharing any personal data with AI providers.
1. Data Controller
Daily Gita Meditation (“we,” “us,” “our”) is the data controller responsible for your personal data. Daily Gita Meditation is an open-source project licensed under AGPLv3.
2. What We Collect
Account Data
When you create an account: email address, display name, date of birth (for age verification), and password hash (we never store your plaintext password).
Course Progress & Bookmarks
Course enrollment, lesson completion, quiz scores, and bookmarked verses are stored in your account.
Reflections
If you write reflections on daily wisdom, these are stored in your account (or locally on your device if you choose local-only mode). Reflections may record your philosophical and spiritual thoughts. Under GDPR Article 9, this constitutes special-category personal data (religious/philosophical beliefs), which we process only with your explicit consent.
Community Posts
Discussions and replies you post are public. To display them in other users' languages, their text may be sent to Anthropic for on-demand translation.
Technical Data
IP address (for rate limiting and security), browser user agent (for consent records). We do not use analytics cookies unless you opt in.
3. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Account management, courses, bookmarks | Contract (Article 6(1)(b)) |
| Reflection journal (cloud sync) | Explicit consent (Article 9(2)(a)) |
| Content translation & generation | Legitimate interest (Article 6(1)(f)) |
| Rate limiting, security | Legitimate interest (Article 6(1)(f)) |
4. Third-Party Processors
We share data with the following processors only as necessary:
| Processor | Purpose | Data Shared |
|---|---|---|
| Anthropic (US) | Commentary generation & content translation | Verse, commentary, and public community post text |
| Hosting provider | Infrastructure | All data (encrypted at rest) |
Anthropic processes data in the United States. For EU users, transfers are covered by EU-US Data Privacy Framework certification and/or Standard Contractual Clauses.
5. Data Retention
- Reflections & community posts: Retained for the lifetime of your account unless you delete them.
- Account data: Retained until you delete your account.
- Rate limiting data: Redis keys expire automatically (24 hours).
- Backups: Retained for 30 days, then permanently deleted.
6. Your Rights
GDPR (EU/EEA)
- Access: Request a copy of all your data (Settings → Export Data).
- Erasure: Delete your account and all data (Settings → Delete Account).
- Portability: Export your data as JSON.
- Withdraw consent: Disable reflection cloud sync at any time in Settings.
- Object: Contact us to object to any processing based on legitimate interest.
CCPA/CPRA (California)
- We do not sell or share your personal information for cross-context behavioral advertising.
- You may request deletion of your data at any time.
- Religious beliefs and health data are sensitive personal information under CPRA.
DPDP Act (India)
- You may withdraw consent and request erasure at any time.
- Grievance officer contact: see Section 9 below.
7. Children
Daily Gita Meditation requires users to be at least 16 years old (18 in India). We do not knowingly collect data from children below these age thresholds. If you believe a child has created an account, please contact us.
8. Security
We use encryption in transit (TLS), encrypted passwords (bcrypt), row-level authorization on all user data, and rate limiting to protect against abuse. The application runs in Docker containers with non-root processes and internal-only database networks.
9. Contact
For privacy inquiries, data access requests, or to exercise any of your rights:
- Email: privacy@livegita.org
- Grievance Officer (India): privacy@livegita.org
We respond to all requests within 30 days.
10. Changes
We may update this policy. Significant changes will be communicated via the app. Continued use after changes constitutes acceptance.