Privacy Policy

Amrit Vela with Sunanda ("Amrit Vela", "we", "us", or "our") operates the website amritvelawithsunanda.com and the related programs offered through it. We respect your privacy and have written this policy in plain language so you know exactly what we collect, why we collect it, and what choices you have.

This policy applies whenever you visit the site, create an account, register for a program, or otherwise interact with our services. By using the site you agree to the practices described below.

2.1 You give us directly

• Account profile — name and email address (received from Google when you choose to sign in with Google, or entered by you if you sign up with email and password).
• Registration details — first name, last name, phone number, and age, captured on the program registration form.
• Consent & intake responses — city, how you heard about us, your meditation background, what you hope to gain, any health concerns you choose to share, your acknowledgement of the early-morning-practice advisory, and your acceptance of the program guidelines.
• Payment confirmation — a UPI transaction reference and an optional screenshot you upload after paying. We do not see your card, UPI PIN, or bank credentials; the payment is completed inside your own UPI app.
• Communications — any message you send us by email or Instagram direct message.

2.2 Collected automatically

• Technical metadata — IP address, browser user-agent, device type, and the timestamps of your requests, captured in our hosting provider's standard access logs.
• Authentication tokens — short-lived session and refresh tokens stored in your browser so you stay signed in.
• Wizard progress — the state of the multi-step registration form, kept in your browser's sessionStorage so you can navigate between steps without losing what you typed.

We do not run third-party advertising trackers, analytics pixels, or behavioural-profiling cookies on this site.

When you choose Continue with Google, Google asks you to confirm that you want to share basic profile information with Amrit Vela. We receive only the data shown to you on that consent screen, which is limited to:

• Your name
• Your email address (used as your account identifier)
• Your Google account ID (a unique number Google assigns; never shown publicly)
• Your profile picture URL, if Google chooses to send it

You can revoke Amrit Vela's access at any time from your Google Account permissions page. Revoking access does not delete the Amrit Vela account itself — for that, see Section 8.

We use the data we collect to:

• Create and secure your account and let you sign back in.
• Register you for a program, hold your seat, and confirm your payment.
• Send you transactional emails — registration receipts, batch reminders, schedule updates, and payment approvals or rejections.
• Let Sunanda personalise the program based on what you shared in the consent form (e.g. health considerations, prior meditation experience).
• Operate, debug, and improve the website — for example, by reading server logs when something breaks.
• Meet our legal obligations (tax records, fraud prevention, responding to lawful requests).

We share information only with service providers who help us operate the platform, and only to the extent needed for that purpose:

• Amazon Web Services (AWS) — hosts our database, file storage, authentication, email delivery, and serverless application code. AWS acts as our data processor; data is kept in AWS data centres in the Asia-Pacific region.
• Google — when you sign in with Google, your authentication is handled by Google's identity system. Google's own privacy policy governs how Google processes your credentials.
• Your UPI bank / payment app — when you pay, the transaction happens inside your own banking or UPI app. We never see your card or banking credentials.
• Legal authorities — only when we are legally required to disclose information in response to a valid court order or government request.

We do not share your registration details with other participants. The program runs in batches, but your intake responses are visible only to Sunanda.

Personal data is stored in encrypted-at-rest AWS DynamoDB tables and S3 buckets, with transport secured by HTTPS. Access is restricted to Sunanda and the platform's maintainers, with all administrative actions logged.

We retain account and registration data for as long as your account is active and for a reasonable period afterwards so we can answer questions about past programs, issue receipts on request, and comply with applicable record-keeping laws. Payment screenshots are deleted automatically 30 days after upload by a storage lifecycle policy.

We use industry-standard safeguards, but no internet service can be guaranteed 100 % secure. If we ever become aware of a breach that affects your data, we will notify you and the relevant authorities as required by law.

We use only the cookies and storage entries that are strictly necessary for the site to work:

• Authentication tokens — issued by Amazon Cognito so you stay signed in across pages.
• Wizard state — kept in your browser's sessionStorage while you fill the registration form; cleared when you close the tab.

We do not use advertising cookies, cross-site trackers, fingerprinting, or third-party analytics.

Regardless of where you live, you can ask us to:

• Access the personal data we hold about you.
• Correct anything that is inaccurate.
• Delete your account and the personal data associated with it (we may retain limited records to satisfy legal obligations — e.g. tax receipts).
• Export your registration and consent responses as a JSON or PDF file.
• Withdraw consent at any time. Where processing was based on your consent, withdrawing it stops future processing but does not affect what we did beforehand.

To exercise any of these rights, email us at sunandakiran06@gmail.com. We aim to respond within 30 days.

Our programs are designed for adults. The site is not directed at children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with their information, please contact us and we will delete it promptly.

We are based in India. The AWS region we use is located in Asia-Pacific. If you access the site from outside that region, your information will be transferred to and processed there. By using the site you consent to that transfer.

We may update this policy from time to time — for example, when we add a new feature or our data practices change. The "Effective" date at the top will reflect the latest revision. If the change is material, we will also notify registered users by email before the new version takes effect.

Questions, complaints, or requests under this policy go to: