Privacy & consent

Privacy Policy and DPDP-ready Notice.

A cleaner view of how Zoechéa collects, uses, protects, and gives you control over account, community, learning, payment, and practice-tool data.

Read Terms Contact support For members, practitioners, and client/practice data stored inside paid tools.

Read by section

Privacy notice, organized for quick review.

Use the section reader for a focused view, or switch to the full policy view when you want to scan every clause in order.

01 / Plain summary

Plain-language summary

Zoechéa Academy collects only the data needed to create your free account, operate the community and learning areas, unlock Tier 1 tools when purchased, provide support, process payments, and keep the portal secure.

We do not sell personal data. We do not use private member content for advertising or marketing.

01No sale of data

Personal data is not sold to advertisers or third parties.

02Private records stay private

Billing records stay under the member account that created them.

03Marketing use restricted

Private member content is not used for marketing.

02 / Scope

Who this policy applies to

This policy applies to Zoechéa Academy website visitors, free members, Tier 1 members, and practitioners using the portal.

Data we collect and why

  • Account data: name, email, phone number, login/session information, and account settings so we can create and secure your free account.
  • Community and learning data: posts, replies, bookmarks, progress, attendance-related records, and starter Knowledge Hub activity that you choose to create.
  • Invoice data: practice profile, client billing details, invoice items, GST/TDS settings, payment status, and invoice records, if you use invoice tools.
  • Payment data: membership, checkout, renewal, and payment identifiers from payment processors such as Razorpay. We do not store full card details.
  • Usage and security data: IP/device/browser information, feature usage, error logs, and security events needed to run and protect the service.

Our purposes for processing data

  • To provide the portal, dashboard, community, learning areas, tools, reports, downloads, and account features you request.
  • To store and retrieve billing records under your account when you use invoice tools.
  • To process memberships, payments, renewal changes, refunds, and payment support.
  • To send service, security, support, and account-related communications.
  • To maintain security, prevent abuse, debug errors, and protect the platform.
  • To comply with applicable law, respond to valid legal requests, and protect legal rights.
03 / Consent notices

Consent and module-specific notices

Before you use sensitive or paid practice tools, the portal gives feature-level notice wherever practical. Consent records may include the notice version, timestamp, consent type, and limited device/security metadata so we can show what notice was given.

01 Account creation

Data used: Name, email address, phone number, password hash, login/session details, and basic account settings.

Purpose: To create your account, verify access, keep the portal secure, provide support, and communicate service updates.

Storage: Stored in your Zoechéa account until you delete the account or request deletion, except where records must be retained for legal, security, billing, or dispute purposes.

Your choice: Required to use the portal. You can request account deletion from Settings or Support.

02 Terms and privacy acceptance

Data used: Your acceptance status, notice version, timestamp, and limited device/security metadata.

Purpose: To record that you understood the platform terms and privacy notice at the time of signup.

Storage: Retained as an account and compliance record while your account exists and for a reasonable period after closure if needed for legal or dispute purposes.

Your choice: Required to create an account.

03 Invoice generator

Data used: Business profile, billing details, client/organisation billing details, invoice line items, payment status, tax settings, and invoice metadata.

Purpose: To create, save, duplicate, print, and track invoices, receipts, and payment records.

Storage: Stored under your account. Do not include clinical details, diagnosis, or therapy notes in invoices.

Your choice: Optional. You can delete/cancel invoices where the tool permits, subject to your legal/accounting record obligations.

04 Google Sign-In

Data used: Google account ID, name, email address, email verification status, and profile picture if provided by Google.

Purpose: To let you sign in securely with Google and maintain your Zoechéa account access.

Storage: Stored only as needed for account login and authentication. Google access can be revoked from your Google Account permissions.

Your choice: Optional. You can use email/password login instead if available.

05 Payments and memberships

Data used: Membership tier, checkout status, Razorpay payment/order identifiers, payment dates, renewal metadata, and limited support records.

Purpose: To process Tier 1 payments, renewals, scheduled membership changes, refunds, and payment support.

Storage: Payment card/UPI details are handled by Razorpay. Zoechéa stores only the records needed to manage your membership and comply with billing/legal obligations.

Your choice: Required only for paid memberships. Free users do not need to add payment details.

06 Service and support communication

Data used: Email address, support messages, ticket details, service alerts, and limited delivery logs.

Purpose: To respond to support requests, send security/account messages, and provide service-related updates.

Storage: Stored as part of support and account records.

Your choice: Service messages are required for account operation. Marketing messages should stay optional.

04 / Client data

Sensitive information

Do not enter more data than needed. Avoid putting diagnosis, case notes, therapy content, or sensitive mental health details into invoices, journals, community posts, or other tools that do not require them.

Zoechéa tools support community learning, billing, focus, and professional growth. They do not replace clinical judgment, supervision, diagnosis, emergency care, legal advice, or a qualified professional's responsibility.

05 / Sharing and security

Data sharing and protection

We do not sell personal data. We use limited trusted services to operate the portal, including hosting infrastructure, email delivery, payment processing, and Google Sign-In if you choose it. These services receive only the data needed to perform their function.

Security

  • We use HTTPS/TLS for data in transit.
  • Passwords are stored using secure password hashing.
  • Sensitive tools use access controls and, where implemented, server-side encryption at rest.
  • Admin impersonation is restricted from sensitive private areas.
  • We keep access limited to authorised service operations and support needs.
06 / Retention

Retention

  • Account data: kept while your account exists and for a reasonable period after closure if needed for legal, billing, security, or dispute purposes.
  • Client/practice data: kept under your account until you delete it or request deletion, unless legal/professional retention requirements apply.
  • Invoices and payments: retained as needed for accounting, tax, fraud prevention, and legal obligations.
  • Security logs: kept only as long as reasonably needed to protect the service and investigate abuse.
07 / Rights and choices

Your rights and choices

You may request access, correction, export, deletion, consent withdrawal where applicable, and grievance review. Some processing may continue if required for legal, billing, security, or completed service obligations.

Registered users can start privacy requests from Settings → Privacy. You can also contact us using the details below.

Breach and incident communication

If we become aware of a security incident affecting personal data, we will investigate, take reasonable containment steps, and notify affected users and/or authorities where required by applicable law.

08 / Contact and changes

Changes, grievance, and contact

We may update this policy and the module notices as the Free, Tier 1, and future Tier 2 feature set changes. For significant changes, we will show a notice in the platform or contact users through account email where appropriate.

For privacy questions or data requests.

Contact Zoechéa Academy for privacy questions, data requests, consent withdrawal, or grievance redressal. Please include your account email and the type of request so we can respond accurately.

Email privacy support Open contact page