Privacy Policy
Last updated: April 2026
1. Data Controller
Nalanda Archives ("we", "us", "our") is the data controller for personal data collected through this Platform, operated from Ahmedabad, Gujarat, India. We are an educational platform for children ages 3–14, operated by Karan Kothari.
We comply with the Digital Personal Data Protection Act 2023 (DPDPA, India), the Children's Online Privacy Protection Act (COPPA, United States), and the General Data Protection Regulation (GDPR, European Union) to the extent applicable.
2. Data We Collect
| Category | Data | Purpose |
|---|---|---|
| Account | Email, name (parent/guardian) | Authentication, communications |
| Child profile | First name/nickname, age group, tradition, interests | Story personalisation |
| Usage | Stories read, reading progress, features used | Product improvement, personalisation |
| Payment | Processed by Stripe — card data never stored on our servers | Billing |
| Shipping | Name and delivery address (physical book orders only) | Order fulfillment via Lulu Press |
| Technical | IP address, browser type, device info | Security, service operation |
| Consent | Parental consent timestamp | COPPA / DPDPA compliance record |
3. How We Use Data
- Personalise stories to the child's age group and interests
- Track and display reading progress
- Improve story quality and content safety
- Send transactional emails (welcome, receipts, subscription reminders)
- Process payments and fulfil book orders
- Ensure platform security and prevent abuse
- Maintain parental consent records as required by law
We do not use data for advertising, behavioural tracking, or profiling of children. We do not sell or share personal data with third parties for marketing purposes.
4. Children's Privacy (COPPA)
We do not collect personal information directly from children. All accounts are created by parents or legal guardians who are at least 18 years old. Child profiles contain only a first name (or nickname), age group, and content preferences — no email, phone number, location, photos, or other personal identifiers are collected from children.
By creating an account and adding a child profile, you provide verifiable parental consent for the collection and processing of your child's data as described in this policy. The timestamp of your consent is recorded in your account.
We do not serve advertising to children. We do not engage in behavioural tracking or targeted advertising directed at children. We do not process children's data in any manner likely to cause detrimental effect on a child's well-being.
Parents may review, correct, or delete their child's data at any time through account settings or by contacting privacy@nalandaarchives.com. If you believe we have collected information from a child without proper parental consent, contact us immediately and we will delete such information without delay.
5. GDPR — Lawful Bases & Your Rights
For users in the European Economic Area (EEA), we process personal data on the following lawful bases:
| Processing activity | Lawful basis |
|---|---|
| Account creation & authentication | Contract performance |
| Story personalisation | Contract performance |
| Child profile data | Parental consent (COPPA/GDPR Art. 8) |
| Payment processing | Contract performance |
| Transactional emails | Contract performance / legitimate interest |
| Security & fraud prevention | Legitimate interest |
| Legal obligations (tax records, consent logs) | Legal obligation |
EEA residents have the right to: access, rectify, erase, restrict processing of, and port their personal data; object to processing based on legitimate interest; and lodge a complaint with their national data protection authority. Contact privacy@nalandaarchives.com to exercise these rights. We respond within 30 days.
6. India DPDPA
For users in India, we operate under the Digital Personal Data Protection Act, 2023. We process personal data only for the purposes described in this policy, with your consent. You have the right to access, correct, port, and erase your personal data.
Data localisation. Personal data of users we identify as India-resident is primarily processed and stored in India — our backend runs on Fly.io Mumbai, and our Postgres user tables (Supabase) are provisioned in the nearest supported region. Transactional processing that MUST leave India (Anthropic / OpenAI in the United States, Stripe for card-network settlement, Clerk for authentication) is authorised under DPDPA §16 as necessary for the service, is bound by contractual data-protection obligations with each processor, and is described in Section 10 (Sub-Processors) below.
Data-principal rights. Under DPDPA §11-15 you may request access, correction, updating, erasure, and grievance redressal at any time by writing to our Grievance Officer or through your Account page. We will acknowledge within 7 days and resolve within 30 days.
Our Grievance Officer for DPDPA purposes is Karan Kothari (details in Section 18).
7. AI-Generated Content & Data
Stories and illustrations are generated by third-party AI services. We use Anthropic (Claude) for story text and OpenAI (gpt-image-2) for illustrations. To personalise a story, the following child inputs are sent to these services:
- First name — sent to Anthropic so the story addresses the child directly (participatory pipeline only; retelling pipeline uses neutral pronouns).
- Age group (e.g., 6-8) — sent to both providers to calibrate reading level and content depth.
- Chosen tradition, deity, and theme — sent to both providers to select scriptural source and visual style.
- Child's photograph — only if you have explicitly opted in to Priest Personalisation. When opted in, the photo is sent to OpenAI to render the child as a witness inside illustrations. Photos are not stored on our servers longer than the render lifetime, and are transmitted over TLS with signed URLs.
- Prior chat history (up to 20 turns) — sent to Anthropic so the character remembers the current conversation.
We do not send email addresses, payment details, or last names to AI services. All child inputs are sanitised for prompt-injection risk before transmission.
Both Anthropic and OpenAI's API usage policies prohibit using our API inputs to train their general models. We rely on these contractual protections and confirm the setting in each provider's enterprise dashboard. We do not use your child's data to train any AI model ourselves.
8. Security
Data is stored on encrypted databases hosted on Fly.io (Mumbai region for Indian users). Authentication is handled by Clerk with industry-standard encryption. Images are served via Cloudflare R2 CDN. We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, or destruction.
Despite our best efforts, no internet transmission or storage system is 100% secure. If you suspect any unauthorised access, please notify us immediately.
9. Cross-Border Data Transfers
Your personal data may be transferred to and processed in countries outside India, including the United States, where our service providers operate. We ensure appropriate safeguards are in place, including contractual data protection obligations (standard contractual clauses or equivalent) with all service providers.
10. Sub-Processors
We use the following sub-processors to run the service. Each has a Data Processing Agreement (DPA) with us that limits their use of your data to the purpose stated below.
- Clerk — Authentication, session management, and user profile storage (US-based).
- Stripe — Payment processing, subscription management, and billing (US-based).
- Anthropic — Claude LLM for story generation, chat characters, and safety review. Receives first name, age, tradition, theme, and up to 20 chat turns (US-based).
- OpenAI — gpt-image-2 for story illustrations and embeddings. Receives age, tradition, theme, and (opt-in only) the child's photograph (US-based).
- Cloudflare (R2 + CDN) — Object storage for generated images and CDN delivery (regional CDN, EU/APAC edge).
- Vercel — Frontend hosting and edge middleware (US-based).
- Fly.io (Mumbai) — Backend API and Celery worker hosting; primary data residency for Indian users (India-based).
- Supabase — Postgres database for user profiles, subscriptions, and consent audit trail (US/EU multi-region).
- Resend — Transactional email (sign-in, subscription receipts, child-safety alerts to parents) (US-based).
- Lulu Press — Book printing and shipping. Receives name and shipping address only, for physical orders you place.
- Law enforcement / courts — When required by applicable law or a valid legal process.
We do not sell personal data. We do not share personal data with advertisers, data brokers, or analytics companies. We do not use tracking pixels or cross-site cookies.
Our current sub-processor list is versioned at privacy_policy_version: 2026-07-11. We give at least 14 days' notice before adding a new sub-processor, via email to the account holder.
11. Cookies
We use strictly necessary cookies for authentication (Clerk session cookies) and security (Cloudflare challenge cookies). We do not use cookies for advertising, behavioural tracking, or analytics profiling of children. You can manage cookie preferences through your browser settings; disabling necessary cookies may affect your ability to log in.
12. Communications Consent
By creating an account, you consent to receive transactional emails (account confirmations, receipts, subscription renewal notices, shipping updates). You may not opt out of strictly transactional messages while your account is active.
We may also send optional product updates, new story announcements, and educational newsletters. You can opt out of these at any time via the unsubscribe link in each email or through account settings.
13. Your Rights
Under applicable data protection laws, you have the right to:
- Access the personal data we hold about you and your child
- Correct inaccurate or incomplete data
- Delete your account and all associated personal data
- Export your data in a portable format
- Withdraw consent for data processing at any time
- Object to processing of your personal data based on legitimate interest
- Lodge a complaint with a data protection authority
To exercise these rights, email privacy@nalandaarchives.com. We respond within 30 days (or 72 hours for urgent child-safety matters).
14. Data Retention Schedule
| Data type | Retention period |
|---|---|
| Account & child profile | Until account deletion; deleted within 30 days |
| Parental consent records | 7 years (legal compliance) |
| Payment records | 7 years (tax and accounting law) |
| Server logs (security) | 90 days |
| Anonymised usage statistics | Indefinite (no personal data) |
| Shipping address | 90 days after order delivery |
15. Data Breach Notification
In the event of a personal data breach that poses a risk to your rights, we will notify you via email and/or a prominent notice on the Platform without unreasonable delay and in any case within 72 hours of becoming aware. We will also notify the relevant data protection authority (including the Data Protection Board of India) as required by applicable law.
16. Cultural Content Disclaimer
Nalanda Archives retells stories drawn from Indian mythological traditions including Hindu, Jain, Buddhist, and Sikh texts. These stories are creative educational retellings and are not authoritative religious texts. We respect the sanctity of these traditions and do not intend to offend any religious community. If you believe any content is culturally inappropriate or disrespectful, please contact content@nalandaarchives.com.
17. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days in advance. The "Last updated" date at the top indicates the most recent revision. Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.
18. Grievance Officer
In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (India), we have appointed a Grievance Officer:
Name: Karan Kothari
Email: grievance@nalandaarchives.com
Platform: nalandaarchives.com
All complaints will be acknowledged within 48 hours and resolved within one month from the date of receipt.
19. Contact
For privacy questions or data requests: privacy@nalandaarchives.com
For general enquiries: hello@nalandaarchives.com