Legal
Privacy Policy
Last updated: May 2, 2026
Vedya ("we", "our", "us") is built to be a quiet, private companion for your spiritual practice. We collect as little as possible. We do not ask you to sign up. We do not have your name, your email, or your phone number. This document explains what we do collect, why, and the rights you have over it.
The short version
Vedya works without an account. You stay anonymous. We collect a randomly generated device ID, your chosen language, the verses you mark as liked, and a small amount of usage analytics. We use Apple or Google to handle payment for subscriptions. We never see your card details. We do not sell your data, ever. You can request deletion of your data at any time by emailing us.
Information you provide
Reading preferences (language, daily reminder time, font size, dark mode) are stored on your device only. Liked verses and any private reflections you write are also stored on your device only — we do not access them.
Information collected automatically
An anonymous device identifier (a randomly generated string) is created the first time you open the app and is used to recognize your device for analytics and to link your subscription to your device. This identifier cannot be used to personally identify you. We also collect device information (OS, app version, model, system language), usage events (which screens you open, when you save a verse, when you change language), and crash logs. We do not record the content of any reflection you write.
Subscriptions and in-app purchases
When you start a subscription, free trial, or one-time purchase, Apple or Google sends us — via our subscription provider RevenueCat — confirmation that the purchase succeeded, the product ID, the purchase date, the expiry date, and a transaction identifier. We do not receive your card details, your full name, your billing address, or your Apple ID / Google account email. The 3-day free trial on monthly and yearly plans is processed entirely by Apple or Google.
Why we collect what we do
Reading preferences and the anonymous device ID are used to deliver the daily verse and audio (performance of contract). Subscription confirmations from Apple and Google manage your Vedya Pro entitlement (performance of contract). Device info and crash logs help us diagnose bugs (legitimate interest). Usage events help us improve the app — which features get used, which languages are growing (legitimate interest). The push token, if you opt in to reminders, is used solely to deliver them (consent). We do not use your information for advertising. We do not run ads inside Vedya.
Service providers we share with
We share information only with the providers strictly required to operate Vedya, each under a data processing agreement. Supabase hosts the verse and translation content the app reads from. RevenueCat manages subscription state and receipts. PostHog processes anonymous product analytics on our behalf — see https://posthog.com/privacy. Apple and Google handle payment processing for in-app purchases. We do not sell, rent, or trade your information to anyone. We may disclose information when required by a valid legal order, but we will challenge requests we believe are unlawful or overbroad.
Where your data is stored
Most of your information stays on your device. Anonymous analytics events are stored by PostHog. Subscription state is stored by RevenueCat in the United States. Verse content is read from Supabase. If you are in the EU, UK, or India, your data may be processed in the United States by our subprocessors. We rely on Standard Contractual Clauses approved by the European Commission and equivalent safeguards under India's DPDP framework for these transfers.
How long we keep it
On-device data stays on your device until you uninstall the app or clear its storage. Analytics events are kept for 12 months and then deleted. Subscription records are kept for the lifetime of the subscription plus seven years, as required by tax and consumer protection laws in India and most other jurisdictions. Crash logs are kept for 90 days.
Your rights
Regardless of where you live, you can ask us to access the data we hold about you, delete it, object to our analytics processing, or port it to another service. To exercise any of these rights, email the address at the bottom of this page with your anonymous device ID (Settings → About → Device ID). We will respond within 30 days. If you are in the EU you also have the right to lodge a complaint with your local data protection authority. If you are in India you have the rights provided by the Digital Personal Data Protection Act, 2023.
Notifications
If you enable push notifications, your device token is used solely to deliver the daily reminder you opted in to. We do not share this token with third parties. You can disable notifications at any time from your device settings.
Children
Vedya is not directed at children under the age of 13 (or 16 in some EU member states). We do not knowingly collect data from children. If you believe a child has used Vedya without parental consent, contact us and we will delete any data associated with that device.
Security
We use industry-standard encryption in transit (HTTPS / TLS 1.2+) for all communication between your device and our servers. Subscription receipts are validated server-side via RevenueCat. We do not store payment information ourselves. No system is perfectly secure. If we ever discover a breach affecting your data, we will notify you and the relevant regulators within the timeframes required by law.
Changes to this policy
If we make a meaningful change to this policy, we will update the date below and, where the change is material, show a notice inside the app the next time you open it. Continued use of Vedya after such a change means you accept the updated policy.
Questions?
If you have any questions about this Privacy Policy, reach out to us.
Email Us