Privacy Policy

Effective Date: November 1, 2025

Panpaliya Technologies Private Limited (Brand Name: Yog24x7)
Registered Address: 331, Gandhi Ward, Brahampuri Road, Desaiganj Wadsa, District Gadchiroli, Maharashtra, India
Contact Email: support@yog24x7.in

1. Introduction

This Privacy Policy ("Policy") explains how Panpaliya Technologies Private Limited ("Company", "we", "our", or "us"), operating under the brand name Yog24x7, collects, uses, stores, shares, and protects information obtained from users ("you", "your", or "User") who access or use our website, applications, WhatsApp channels, YouTube hosted content, or any related digital platform ("Services").

This Policy complies with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 ("DPDP Act").

By accessing or using our Services, you consent to the terms set forth herein.

2. Definitions

Personal Data means any data about an individual who is identifiable by such data.

Processing means collection, recording, organization, storage, adaptation, use, disclosure, or deletion of Personal Data.

Data Fiduciary refers to Panpaliya Technologies Private Limited, which determines the purpose and means of processing Personal Data.

Data Principal means the individual to whom the Personal Data relates.

Third Party means any external entity other than the Data Principal and the Company.

3. Information Collected

The Company may collect and process the following categories of Personal Data:

  • Contact Information – such as name, phone number, email address, postal address.
  • Account Information – login credentials, password, and preferences, if applicable.
  • Transactional Information – details of payments, invoices, or purchases; all financial data is processed through secure third-party payment gateways and not retained by the Company.
  • Technical Information – IP address, browser type, device identifiers, usage statistics, cookies, and analytics data.
  • Communications Data – messages, inquiries, or feedback sent through our website, app, or WhatsApp Business account.
  • YouTube Interaction Data – when you access our classes hosted on YouTube, your viewing behavior (watch time, likes, comments) is subject to YouTube/Google's data collection practices, over which we have no control.

No health, biometric, or sensitive personal data is collected or processed as of the date of this Policy.

4. Purpose of Collection and Use

We process Personal Data for the following lawful purposes:

  • To provide, operate, and maintain Yog24x7's Services.
  • To deliver access links to YouTube-hosted yoga and wellness classes.
  • To communicate transactional or service-related information.
  • To improve user experience and functionality.
  • To comply with legal and regulatory obligations.
  • To prevent fraud, unauthorized access, or misuse of Services.
  • To perform marketing and promotional activities with your explicit consent.

Processing is based on one or more lawful grounds: consent, contractual necessity, or legitimate business interest under the DPDP Act.

5. YouTube-Hosted Content and Third-Party Platforms

We process Personal Data for the following lawful purposes:

  • Our yoga and Zumba classes are hosted on YouTube and accessed via links provided to paid and free trial users.
  • When you view our content on YouTube, YouTube's Privacy Policy and Terms of Service apply.
  • We do not control YouTube's data collection practices, including watch history, device information, and cookies.
  • Your interactions with YouTube videos (views, likes, comments, subscriptions) are governed by Google/YouTube and not by Yog24x7.
  • We may use YouTube Analytics to understand aggregate viewership trends, but we do not access your personal YouTube account information.

6. WhatsApp Business Communications

When you interact with Yog24x7 through WhatsApp or similar platforms:

  • Your phone number, chat content, and interaction data may be processed through WhatsApp Business API or Meta Platforms.
  • Such processing is subject to Meta's privacy terms, and the Company ensures compliance with applicable DPDP Act obligations as a Data Fiduciary.
  • We use WhatsApp Business API and do not have access to your WhatsApp contact list or personal messages outside our business conversations.
  • Messages are not shared beyond the intended operational use and are retained only as long as necessary for customer support or compliance.

7. Consent and Withdrawal

By submitting your data or communicating with us through any medium (including WhatsApp, email, or website forms), you provide free, specific, informed, and unambiguous consent for processing.

For marketing communications (email/WhatsApp):

  • We will obtain explicit opt-in consent.
  • You can opt-out at any time by clicking "unsubscribe" in emails or replying "STOP" to WhatsApp messages.

You may withdraw consent at any time by contacting us at support@yog24x7.in. Withdrawal will not affect processing lawfully undertaken before such withdrawal.

8. Data Storage and Security

All Personal Data is stored on secure servers employing industry-standard encryption and access controls.

We implement reasonable security practices as required under Rule 8 of the IT Rules 2011, including administrative, technical, and physical safeguards such as:

  • SSL/TLS encryption for data transmission
  • Restricted access controls
  • Secure password policies

LIMITATION OF LIABILITY FOR CYBER ATTACKS:

Despite our best efforts to secure your data, we cannot guarantee absolute security against sophisticated cyber attacks, hacking attempts, or unauthorized third-party breaches beyond our control.

In the unlikely event of a data breach caused by external malicious actors (hackers, cybercriminals, etc.), the Company shall not be held liable for any direct or indirect damages, provided that:

  • We have implemented reasonable security measures as per industry standards
  • We take immediate remedial action upon discovery
  • We comply with statutory notification requirements

However, we commit to:

  • Promptly investigating any suspected breach
  • Taking all reasonable steps to contain and mitigate the breach
  • Notifying affected users within the statutory timeframe as required by law
  • Cooperating with law enforcement authorities

Users acknowledge that no digital system is 100% secure and accept this inherent risk when using online services.

9. Data Sharing and Disclosure

Personal Data may be shared with:

  • Service Providers and Vendors engaged to assist in operations (e.g., cloud hosting, payment processing, analytics, WhatsApp Business API, CRM, email services). Such parties act under confidentiality and data-processing agreements.
  • YouTube/Google when you access our video content on their platform.
  • Government Authorities or law-enforcement agencies when disclosure is required under law or judicial order.
  • Successors or Assignees in the event of merger, acquisition, or reorganization, provided confidentiality is maintained.

No Personal Data is sold, rented, or leased to any third party.

10. Cross-Border Data Transfer

If data is transferred outside India (for example, to cloud servers, YouTube infrastructure, or WhatsApp servers located abroad), such transfer shall comply with the DPDP Act and shall ensure equivalent data-protection standards through:

  • Standard contractual clauses
  • Adequacy decisions
  • Appropriate safeguards as required by law

9. Retention and Deletion

Personal Data shall be retained only for as long as necessary to fulfill the purposes stated in this Policy or as required by applicable law (typically 3-7 years for financial records).

Upon request, or when no longer required, such data shall be securely deleted or anonymized.

10. User Rights

Under the DPDP Act, you have the following rights:

  • Right to Access – to obtain confirmation of processing and a copy of your data.
  • Right to Correction – to correct inaccurate or incomplete data.
  • Right to Deletion – to request deletion of your data where processing is no longer necessary.
  • Right to Grievance Redressal – to raise concerns regarding the processing of data.
  • Right to Withdraw Consent – for marketing communications and optional data processing.

All such requests shall be directed to support@yog24x7.in and will be addressed within a reasonable period not exceeding 30 days or the statutory time limit.

13. Cookies and Tracking Technologies

Our website and app may use cookies or similar technologies for analytics and personalization. You may disable cookies through your browser settings; however, certain features may be unavailable as a result.

We may use:

  • Session cookies (temporary)
  • Analytics cookies (Google Analytics, Facebook Pixel)
  • Preference cookies (to remember your settings)

14. Communications via WhatsApp and Other Platforms

When you interact with Yog24x7 through WhatsApp or similar platforms:

  • Your phone number, chat content, and interaction data may be processed through WhatsApp Business API or Meta Platforms.
  • Such processing is subject to Meta's privacy terms, and the Company ensures compliance with applicable DPDP Act obligations as a Data Fiduciary.
  • Messages are not shared beyond the intended operational use and are retained only as long as necessary for customer support or compliance.

15. Recording of Sessions

The Company may record live yoga, Zumba, or wellness sessions for the following purposes:

  • Internal quality control and instructor training
  • Technical troubleshooting
  • Providing recorded sessions to paid members who missed live classes

Important Clarifications:

  • Recordings are for internal and member use only and will NOT be publicly shared, sold, or distributed to third parties.
  • By participating in live sessions, you consent to being recorded.
  • If you do not wish to be recorded, please notify us at support@yog24x7.in before joining the session, and we will make reasonable accommodations.
  • Recordings may capture your name, voice, or image if you interact during live sessions.

16. Data Breach and Notification

In the event of a data breach resulting in unauthorized access or disclosure of Personal Data, the Company shall:

  • Take immediate steps to contain and mitigate the breach;
  • Maintain internal documentation;
  • Notify the concerned data principals and authorities, where legally required, within the statutory timeframe (typically within 72 hours of discovery).

As stated in Section 8, the Company shall not be liable for breaches caused by sophisticated external cyber attacks beyond reasonable security controls, but will fulfill all statutory obligations.

17. Children's Privacy

The Services are not intended for individuals under the age of 18. We do not knowingly collect data from minors without parental consent.

If we become aware of such collection without proper consent, we shall promptly delete such information.

For users under 18: Parental or guardian consent is mandatory, and we may request verification.

18. Geographic Scope

Our services are primarily intended for users within India. If you access our services from outside India, you acknowledge that your data may be transferred to and processed in India in accordance with Indian data protection laws.

19. Updates to this Policy

The Company reserves the right to amend this Policy at any time. Updates will be posted on our website (www.yog24x7.in) with the revised effective date.

Continued use of our Services following any update constitutes acceptance of the revised Policy.

We encourage users to review this Policy periodically.

20. Contact and Redressal

All communications, notices, or complaints regarding this Policy shall be sent to:

Panpaliya Technologies Private Limited (Yog24x7)
331, Gandhi Ward, Brahampuri Road, Desaiganj Wadsa, Dist. Gadchiroli, Maharashtra, India
📧 support@yog24x7.in

In the absence of a designated Grievance Officer, privacy-related concerns will be handled directly by the Company through the above contact details in accordance with the timelines prescribed by law.

21. Governing Law and Jurisdiction

This Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising hereunder shall be subject to the exclusive jurisdiction of the competent courts at Wadsa, District Gadchiroli, Maharashtra, India.

22. Acceptance

By continuing to use Yog24x7's Services, you acknowledge that you have read, understood, and agreed to this Privacy Policy and that you consent to the collection and processing of your Personal Data in accordance with its terms.