Privacy Policy
About this policy
This Privacy Policy explains how LEVSA Private Limited collects, uses, shares, secures, and retains personal data in connection with its website and consultation services in Vastu, Astrology, and Land Energy Corrections for modern living.
It reflects obligations and rights under the Digital Personal Data Protection Act, 2023, related information technology rules, and consumer protection norms for online services in India.
Who we are
LEVSA Private Limited operates with the tag line “Balance Space, Invite Grace” and provides advisory services focused on non-demolition energy corrections informed by contemporary Vastu, Astrology, and land-energy principles.
Registered correspondence and grievance contacts are based in Lucknow, Uttar Pradesh, India, with final details published on the website’s contact and legal pages.
Scope
This Policy applies to personal data collected online through the website and related digital channels, and to personal data digitised from offline sources in the course of providing consultations and deliverables.
It also applies to processing outside India if connected to offering services to individuals in India consistent with the DPDP Act’s territorial scope.
What data we collect
LEVSA may collect identifiers and contact data such as name, email, phone, address, and organization details to schedule consultations and deliver services.
Engagement data may include property location, premises information, site access instructions, and contextual details relevant to environmental and energy assessments as voluntarily provided.
Technical data such as device identifiers, IP address, log files, and cookie information may be collected to operate the website, enhance security, and measure usage, subject to applicable consent.
How we collect data
Data is collected directly when inquiries are submitted, consultations are booked, or documents are shared for assessment and reporting.
Data is also collected automatically through cookies and similar technologies for functionality, analytics, and security, consistent with user consent and browser settings.
Lawful bases for processing
Processing is based on consent or other lawful grounds recognized under the DPDP Act, including performance of requested services, compliance with legal obligations, and other legitimate uses permitted by law.
Consent may be withdrawn at any time, and processing for the original purpose may cease where no other lawful ground applies, subject to statutory requirements.
How we use personal data
Data is used to provide consultations, assessments, reports, remedy recommendations, and post-remedy follow-ups aligned to LEVSA’s non-demolition, energy-first methodology.
Operational uses include account and booking management, customer support, service communications, analytics, security monitoring, and compliance with legal obligations.
Cookies and similar technologies
Functional and analytical cookies may be used to operate features, understand usage, and improve content and performance, with choices available through consent prompts and browser settings.
Where required, non-essential cookies will only be deployed after obtaining consent, and preferences can be adjusted or withdrawn subsequently.
Payments and card data
LEVSA relies on compliant payment service providers and does not store full card details on its systems in line with RBI directions on card-on-file tokenization.
Except card issuers and card networks, entities in payment chains may not store actual card data from January 1, 2022, and only limited data such as last four digits and issuer name may be retained for reconciliation.
Children’s data
LEVSA’s services are intended for adults, and processing children’s data requires verifiable parental or guardian consent under the DPDP Act.
Tracking, targeted advertising, or processing that could cause harm to children is restricted under the Act, and additional safeguards may apply to significant data fiduciaries if designated.
Data sharing and disclosures
Personal data may be shared with service providers under confidentiality and data protection commitments for hosting, communications, payment processing, security, analytics, and professional support.
Disclosures may be made to legal authorities where required by law, court order, or governmental directions, including technology rules and CERT-In directions.
International data transfers
Personal data may be processed outside India where necessary to deliver services or use service providers, subject to the DPDP Act and any government notifications restricting specific territories.
LEVSA ensures that cross-border processing is consistent with applicable Indian law and contractual safeguards with processors.
Data retention
Data is retained only as long as necessary for the purposes for which it was collected, including service delivery, legal, accounting, and reporting requirements.
LEVSA deletes or de-identifies personal data when the purpose is met and retention is no longer required by law or legitimate interests.
Security
LEVSA implements technical and organizational measures to protect personal data, including access controls, encryption in transit where applicable, and secure configurations.
ICT system logs are maintained securely for a rolling period of 180 days within India consistent with CERT-In directions, and supplied to CERT-In when reporting incidents or upon direction.
Marketing and preferences
Where permitted by law, LEVSA may send service updates or informational content and honors consent withdrawals and opt-outs for non-essential communications.
Individuals can adjust communication preferences or withdraw consent, after which processing for those purposes will cease unless another lawful ground applies.
Your privacy rights
Subject to applicable law, individuals may request access to information about processing, seek correction or erasure, and raise grievances regarding their personal data.
The DPDP Act provides rights to obtain information, seek correction and erasure, and pursue grievance redressal in accordance with prescribed timelines and procedures.
Grievance redressal
LEVSA will publish a grievance point of contact and follow a structured mechanism for complaints, acknowledgments, and resolution as applicable under consumer e-commerce rules.
Consumer complaints will be acknowledged within 48 hours and resolved within one month wherever those rules apply to the services and platform.
Data breach and incident response
LEVSA follows legally required incident reporting, including reporting to CERT-In within six hours where applicable and issuing notices as required by data protection law.
Appropriate mitigation, containment, and cooperation with authorities and affected individuals will be undertaken consistent with applicable obligations.
Third-party links and services
The website may reference third-party sites or tools that operate under their own privacy practices, and engagement with such third parties is governed by their policies.
LEVSA is not responsible for third-party content or practices, and encourages review of the applicable third-party privacy and security terms.
Changes to this policy
LEVSA may update this Policy to reflect legal or operational changes and will indicate the effective date on the website.
Continued use of the website or services after updates indicates acceptance of the revised Policy to the extent permitted by law.
Contact and controller details
LEVSA Private Limited acts as the data fiduciary for personal data processed through its website and services.
Grievance and contact details, including name, designation, and email of the grievance officer, will be published on the website’s legal pages for notices and support.
Service context and minimality
Given the advisory and non-demolition approach, LEVSA seeks only the personal and premises information necessary to provide assessments and remedies consistent with its methodology.
LEVSA encourages clients to share accurate premises and environmental details required to enable effective and safe assessments, while avoiding unnecessary data collection.