Effective Date: September 03, 2025

Last Updated: January 03, 2026

Introduction

Welcome to Suryakantham.io ("we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website at suryakantham.io (the "Website"). As an author website based in India, we are committed to protecting your privacy and complying with applicable data protection laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 and its Rules.

By using our Website, you expressly consent to the practices described in this Privacy Policy.

What Information We Collect

Personal Information

We may collect the following types of personal information when you interact with our Website:

  • Contact Information: Name, email address, phone number
  • Communication Data: Messages sent through contact forms, comments on blog posts, newsletter subscriptions, poll/survey responses, contest entries
  • Technical Information: IP address, browser type, device information, pages visited, time spent on pages
  • Cookies and Tracking Data: Information collected through cookies, web beacons, and similar technologies

Sensitive Personal Information

We may collect the following sensitive personal data (as defined under Indian IT Rules) only with your express written consent:

  • Financial Information: Payment information including billing address, credit card numbers (when purchasing books or services)
  • Passwords: Username and password combinations for account access
  • Personal Details: Date of birth (day, month, year) when required for age verification or personalized services
  • Security Information: Responses to security questions including places of significance, pet names, family member names

Important: We obtain your express written or electronic consent before collecting any sensitive personal data. This consent is recorded through secure electronic mechanisms including checkbox confirmations and email verification processes.

How We Collect Information

We collect information through:

  • Direct Submission: Contact forms, newsletter signups, comment sections, account registration
  • Automatic Collection: Cookies, analytics tools, server logs
  • Third-Party Services: Google Analytics, social media plugins, email service providers
  • Express Consent Mechanisms: Electronic consent forms, checkbox confirmations, email verification

Lawful Basis and Purpose for Data Processing

We process your personal information for the following lawful purposes under the Digital Personal Data Protection Act, 2023:

  • Website Operation: To provide and maintain our website services
  • Communication: To respond to your inquiries, comments, and feedback
  • Content Delivery: To share blog posts, book updates, and literary content
  • Newsletter Services: To send periodic updates about new publications and events (with your consent)
  • Analytics: To understand website usage and improve user experience
  • Legal Compliance: To comply with applicable laws and regulations
  • Contract Performance: To fulfill purchases and service agreements

Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party services like email platforms, payment processors, analytics providers, and hosting services (under data processing agreements)
  • Legal Requirements: When required by law, court orders, or government authorities
  • Business Transfers: In connection with mergers, acquisitions, or asset sales (with prior notification)

We do not sell, rent, or lease your personal information to third parties.

Your Rights Under Indian Law

Under the Digital Personal Data Protection Act, 2023 and IT Rules, you have the following rights:

  • Right to Access: Request information about the personal data we hold about you
  • Right to Correction: Request correction of inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal information (subject to legal requirements)
  • Right to Data Portability: Receive your data in a structured, machinereadable format
  • Right to Consent Withdrawal: Withdraw consent for data processing at any time
  • Right to Grievance Redressal: Lodge complaints with our Grievance Officer or the Data Protection Board of India
  • Right to Nominate: Nominate another person to exercise your rights in case of death or incapacity

To exercise these rights, use the contact form on our website.

Consent Management

How We Obtain Consent

  • Express Consent for Sensitive Data: We obtain your written/electronic consent through secure checkbox mechanisms, email confirmations, and electronic consent forms before collecting sensitive personal data
  • Consent Recording: All consent is recorded with timestamps and maintained for audit purposes
  • Consent Withdrawal: You can withdraw consent at any time through your account settings, email links, or by contacting our Grievance Officer

Verifiable Parental Consent

For users under 18 years of age, we obtain verifiable parental consent through secure verification processes including parent email confirmation and identity verification.

Data Security Measures

We implement comprehensive security safeguards as required under Indian law:

  • Encryption: Personal data is encrypted during transmission and storage
  • Access Controls: Strict authentication and authorization mechanisms
  • Monitoring: Continuous monitoring with access logs retained for one year
  • Data Backup: Secure backup systems for business continuity
  • Security Audits: Regular security assessments and vulnerability testing
  • Incident Response: Documented procedures for breach detection and response

    • However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Data Breach Notification

In the event of a personal data breach, we will:

  • Notify the Data Protection Board of India within 72 hours of becoming aware of the breach
  • Notify affected users within 72 hours where the breach is likely to result in harm
  • Provide details of the breach, its likely consequences, and measures taken to address it
  • Provide details of the breach, its likely consequences, and measures taken to address it

Data Retention and Deletion

  • We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law
  • Inactive accounts: Personal data of users who have not interacted with our website for three years will be permanently deleted
  • Deletion Notice: We will notify you at least 48 hours before permanent deletion of your data
  • Retention Logs: Security logs and access records are retained for one year as required by law

Cookies and Tracking Technologies

Our Website uses cookies to enhance your browsing experience. We use cookies for:

  • Website functionality and performance
  • Analytics and usage tracking
  • Social media integration
  • Personalized content delivery

You can control cookie preferences through your browser settings or our cookie consent banner.

Children's Privacy

  • Our Website is not intended for children under 18 years of age
  • We obtain verifiable parental consent before collecting data from minors
  • Parents can review, modify, or delete their child's information by contacting our Grievance Officer
  • Special protections apply to children's data as per Indian law

Cross-Border Data Transfers

  • Your data is primarily processed within India
  • Any international transfers will be conducted only to countries approved by the Government of India for data transfers
  • We ensure adequate safeguards for international transfers as required by Indian law

Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on our Website with a prominent notice
  • Sending email notifications to newsletter subscribers
  • Updating the "Last Modified" date at the top of this policy
  • Obtaining fresh consent where required by law for material changes

Governing Law and Jurisdiction

The laws of India govern this Privacy Policy. Any disputes will be subject to the exclusive jurisdiction of courts in Hyderabad, India.

Data Protection Compliance Statement

This privacy policy complies with:

  • Information Technology Act, 2000
  • Information Technology (Reasonable Security Practices) Rules, 2011
  • Digital Personal Data Protection Act, 2023
  • Digital Personal Data Protection Rules, 2025

Contact Us and Grievance Redressal

For general privacy inquiries:

  • Contact form: Available in the Contact section of our website