Last updated: May 30, 2026
Eksath ("we", "us", "our") provides a relationship-wellness mobile application available worldwide. This Privacy Policy explains what personal data we collect, how we use and share it, and the rights you have. It is published in line with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act") and the Information Technology Act, 2000, and — for users in the European Economic Area (EEA) and the United Kingdom — the EU and UK General Data Protection Regulation ("GDPR"). Eksath is intended only for users aged 18 and above.
The data controller / Data Fiduciary is the operator of Eksath, contactable at support@eksath.app.
Account data: your name, email address, and — for email sign-ups — a securely hashed password. If you sign in with Google or Apple, we receive your name and email from that provider.
Relationship content: your check-in answers, the mood/emotion you select, the "Whispers" generated for you, and gratitude notes you send or receive. This content can be personal and sensitive.
Device & technical data: a push-notification token, your platform (iOS/Android/web), and limited technical information such as the IP address recorded with login sessions for security.
We use your information to operate your account, deliver check-ins and reminders, generate personalized "Whispers", process subscriptions, send transactional emails, and keep the service secure. We do not sell your personal data.
Where the GDPR applies, our legal bases are your consent (which you may withdraw at any time) and the performance of our contract with you for core account and security functions. Because relationship and emotional content can be sensitive ("special category") data, we rely on your explicit consent to process it.
To generate "Whispers", your check-in answers and selected emotions are sent to AI providers — Google (Gemini) and, as a fallback, OpenAI — which process them to return suggestions. We also rely on: Google Firebase (authentication and push notifications), RevenueCat together with the Apple App Store / Google Play (subscription management and payments — we never see or store your card details), and Brevo (sending transactional emails). Each provider receives only the data needed for its function.
Our application servers and several of the providers above are located outside India and outside the EEA/UK (including in the United States). For transfers of EEA/UK personal data we rely on appropriate GDPR safeguards — providers self-certified under the EU-US Data Privacy Framework where available, and Standard Contractual Clauses (SCCs) otherwise. Under the DPDP Act, we transfer data only to countries not restricted by the Government of India. By using Eksath you are informed of these transfers.
We keep your personal data for as long as your account is active. When you delete your account, your identifying information is removed or anonymized; content shared within a relationship may be retained in anonymized form for the other member's history. Verification and security tokens expire automatically.
You can request a copy of your data, and delete your account in-app or here. Depending on where you live, you also have the rights to rectification, erasure, restriction of or objection to processing, data portability, and to withdraw consent at any time (withdrawal does not affect processing already carried out). To exercise any right, email support@eksath.app. You may also nominate another person to exercise these rights on your behalf.
If you are in the EEA or UK and believe we have mishandled your data, you have the right to lodge a complaint with your local data protection supervisory authority.
Eksath is not directed to, and may not be used by, anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a minor has provided us data, contact us and we will delete it.
We protect your data with encryption in transit (TLS), strong password hashing, rate limiting, and access controls. No method of transmission or storage is completely secure, but we work to protect your information and will notify you and the Data Protection Board of a personal-data breach as required by law.
In accordance with the DPDP Act and the Information Technology Rules, you may address any grievance about the processing of your personal data to our Grievance Officer:
Aakash Uniyal
Grievance Officer, Eksath
Email: support@eksath.app
We will acknowledge your complaint within 24 hours and resolve it within the timelines prescribed by law.
EEA / UK users: for any data-protection matter you can contact us directly at support@eksath.app, and you may lodge a complaint with your local supervisory authority.
We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above, and where required we will ask for your consent again.
Questions about this Privacy Policy? Email support@eksath.app.