What we keep, and what we don't.

About Divya Vani

Divya Vaniis an AI service that roleplays the character of Krishna from the Bhagavad Gita, Mahabharata, and Bhagavata Purana. Krishna's voice in this app is generated by an AI language model (Anthropic's Claude). Divya Vani is not divine guidance, not a substitute for licensed therapy, medical care, or professional legal or financial advice. A disclaimer to this effect is permanently visible on the chat interface.

Data We Collect

• Anonymous browser identifier. An HttpOnly cookie named god_messenger_uid containing a randomly generated UUID. One-year expiry, per-browser, not accessible to client-side JavaScript. This is how we recognize you across visits without an account.
• Account name. When you choose to share your name during a conversation, it is stored so Krishna can address you in future replies. This is voluntary; the conversation works without it.
• Conversation summary. A brief AI-generated summary of your emotional thread across turns — the current concern, the current emotion, and a running narrative — stored so Krishna can continue the conversation across sessions instead of starting fresh each time. Field name: users_memory.context_summary.
• Long-term theme of your conversations. A short phrase capturing the slow-moving theme across many turns — used silently to shape the tone and the verse selection Krishna reaches for. Never narrated back to you. Field name: users_memory.growing_edge.
• Message count. A simple integer used to track how many messages you have sent toward the free tier (10 messages) before a seva contribution is asked.
• Seva purchase records. When you make a seva contribution, we store the Razorpay order ID, payment ID, amount in paise, tier (Pratham / Anjali / Bhakti / Param), status, and timestamps — used for refund handling and financial-compliance audit. We do not store bank details, card numbers, or UPI IDs — Razorpay handles those directly between your device and their servers.
• Full conversation logs.Verbatim user messages and Krishna's replies are stored in the table chat_logs so we can review them for product improvement (see Human review of conversations below). These logs are automatically deleted after 180 days. You can opt out of this logging at any time via /settings; when you opt out, future conversations are not logged in this table at all.
• Voice audio. When you use the microphone on the chat input, short utterance chunks of the recorded audio are sent to Sarvam AI (Saaras V3 — an Indian speech-to-text service based in Bengaluru; data does not leave India) for transcription. Each audio chunk is immediately discarded server-side after its transcription text is produced — only the resulting text becomes part of your conversation. We do not retain audio files.
• Krishna's voice (text-to-speech). To play Krishna's voice, the reply text is sent to ElevenLabs (a US-based company) so the audio can be generated. This data may be stored in the United States. We use this service only to generate audio; the text sent is not used by ElevenLabs to train their models.कृष्ण की आवाज़ सुनने के लिए, उनका जवाब-पाठ ElevenLabs (एक अमेरिकी कंपनी) के सर्वरों पर भेजा जाता है ताकि वहाँ ध्वनि बनाई जा सके। यह डेटा अमेरिका में संग्रहीत हो सकता है। हम इस सेवा का उपयोग केवल आवाज़ बनाने के लिए करते हैं, और भेजा गया पाठ ElevenLabs द्वारा अपने मॉडल को प्रशिक्षित करने के लिए उपयोग नहीं किया जाता।
• Local chat history.To keep your conversation visible if you refresh the page or return later, the messages shown in your chat are stored in your browser's localStorage. This data stays on your device only — it is not sent to our servers, not synced across devices, and is automatically removed when you clear your browser data.
• Webhook event metadata. Razorpay payment webhooks (event ID, event type, full event payload from Razorpay) are stored for audit and idempotency. The payload contains payment status and method (e.g., netbanking) but never card or bank-account numbers.
• Anonymous analytics. Aggregate page-view counts via Vercel Web Analytics. No individual IPs are stored or linked to identifiers.
• Error reports. If a server-side error occurs, the stack trace and error context are sent to Sentry for debugging. Personal information (IPs, request headers, cookies) is explicitly suppressed (sendDefaultPii: false).

Human Review of Conversations

Divya Vaniis built by a solo founder. To improve Krishna's voice — to catch when a reply lands wrong, to learn where the persona drifts, to make the next user's experience better — the founder occasionally reviews conversation logs. This is human review for product improvement, not automated training of an AI model. The same approach is used by Google Gemini, OpenAI ChatGPT, and Pi by Inflection, who also disclose human review in their privacy policies.

You can disable this review for your future conversations at any time via /settings. When disabled, your future conversations are not logged in our chat_logs table at all. The conversation summary (context_summary) is still saved because Krishna needs it to remember the thread across sessions — this is product function, not review material.

Existing conversations logged before you opted out remain until they are auto-purged at 180 days, or until you delete your data via /settings.

Data We Do Not Collect

• We do not see or store your bank details, card numbers, or UPI IDs. These flow directly between your device and Razorpay.
• We do not track you across other websites.
• We do not sell or rent data to advertisers, data brokers, or any third party.
• We do not run advertising networks.
• Our error tracker (Sentry) is configured to not receive your IP address, request headers, or cookies.

Third-Party Services

We use the following processors to deliver Divya Vani. Each has its own privacy policy, linked below.

• Anthropic (USA)— generates Krishna's responses (Claude Sonnet 4.6, Claude Haiku 4.5). Receives your current message plus relevant scripture context. Per Anthropic's Commercial Terms, your data is not used to train Anthropic's models. Privacy: anthropic.com/legal/privacy.
• Google (USA) — generates text embeddings (Gemini) used to retrieve relevant scripture for each message. Receives the message text. Privacy: policies.google.com/privacy.
• ElevenLabs (USA)— generates Krishna's spoken voice (text-to-speech). Receives the reply text to be voiced. Per ElevenLabs' terms, text submitted via the API is not used to train their models. Privacy: elevenlabs.io/privacy.
• Supabase — stores the data described above in a managed Postgres database. Service-role access from our server only. Privacy: supabase.com/privacy.
• Razorpay (India) — processes payments. Receives your payment intent and bank, card, or UPI details directly from your device; we never see those details. Privacy: razorpay.com/privacy.
• Vercel (USA) — hosts the application; serves pages and runs serverless API functions. Privacy: vercel.com/legal/privacy-policy.
• Sentry (USA) — error tracking. Configured with sendDefaultPii: false so personal request data is not transmitted. Privacy: sentry.io/privacy.
• Plausible Analytics (EU) — privacy-friendly website analytics: no cookies, no cross-site tracking, no personal identifiers. Used to understand aggregate funnel and traffic patterns. GDPR / DPDP / CCPA compliant by default. Hosted by Plausible Insights OÜ (Estonia, EU). Privacy: plausible.io/privacy.

Cross-Border Data Transfer

Some of our processors (Anthropic, Google, ElevenLabs, Vercel, Sentry, Plausible) are based outside India. Under Section 16 of the Digital Personal Data Protection Act 2023, cross-border transfer is permitted subject to government-notified restrictions. As of the effective date of this notice, no such restrictions apply to these jurisdictions. We will update this notice if the regulations change.

Your Rights

Under India's Digital Personal Data Protection Act 2023, you have the following rights:

• Right to access: request a summary of the data we hold about you.
• Right to correction and erasure: request that we correct inaccurate data or delete your data.
• Right to grievance redressal: raise concerns about how your data is handled.
• Right to nominate: appoint someone to exercise these rights on your behalf in the event of incapacity or death.

To exercise any of these rights, email us at grievance.divyavani@gmail.com. We respond within 30 days as required by Section 13 of the DPDP Act.

• Opt out of conversation review — toggle in /settings. Takes effect immediately for future conversations.
• Delete all your data— “Delete everything” button in /settings. Removes conversation logs, safety events, summary, name, and memory. Payment records are retained per Indian financial law.
• View this policy— you're reading it now.

Children's Data

Divya Vani is not intended for users under 18 years of age. We do not knowingly collect data from minors. If we learn that data from a minor has been collected, we will delete it promptly. Parents or guardians who believe their child has used the service can contact us for deletion.

Data Retention

• Conversation logs (chat_logs): 180 days, then automatically deleted by a nightly purge. Skipped entirely for users who have opted out of conversation review via /settings.
• Conversation summary, name, and memory (users_memory): retained until you delete your data via /settings. If you continue using Divya Vani indefinitely, this data persists indefinitely so Krishna can continue to remember the thread of your conversations.
• Safety events (flagged turns only, stored in the safety_events table): retained for safety review and pattern detection, no fixed automatic-deletion window. These are reviewed under the duty-of-care described in our Terms.
• Payment records: retained per Indian financial law (typically 7+ years per the Income Tax Act and RBI reconciliation requirements). NOT deleted when you delete your data via /settings.
• Voice audio: never retained. Transcribed via Sarvam AI Saaras V3 (Bengaluru, India — data stays in India) and immediately discarded server-side after the transcription text is produced.
• Webhook event audit: retained for Razorpay reconciliation and idempotency. No user-facing impact; not deleted when you delete your data.
• Anonymous cookies:1-year expiry; can be cleared via your browser at any time. Cleared automatically when you use the “Delete all my data” button in /settings.
• Sentry error logs:30-day retention (Sentry's default). No personal information is sent to Sentry (see Data We Collect above).

Security

• All data in transit is encrypted via HTTPS (TLS).
• The identity cookie is HttpOnly — not accessible to client-side JavaScript, mitigating cross-site scripting risk.
• API keys for Anthropic, Google, Razorpay, and the Supabase service-role are server-only; they are never exposed to browsers.
• Razorpay webhook deliveries are validated using HMAC-SHA256 signatures before being processed.
• No security claim is absolute. No system can guarantee complete protection against determined adversaries.

Changes to This Policy

We may update this notice. Material changes will be reflected on this page with a revised “Last updated” date. Continued use of Divya Vani after such changes constitutes acceptance of the revised policy.

Contact and Grievance Officer

For privacy questions, deletion requests, or grievances under the DPDP Act:

Krishna Yadav
grievance.divyavani@gmail.com

Per Section 13 of the DPDP Act, we acknowledge grievances and respond within 30 days.