Privacy Policy

Effective Date: 01 Jul 2025

Last Updated: 01 Jul 2025

Company: Ahhaa World Online Services Pvt Ltd (“Ahhaa,” “we,” “our,” or “us”)

Business Address: A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, Maharashtra, India

Website: www.ahhaa.com

Contact: privacy@ahhaa.com

1. Introduction

At Ahhaa, your privacy is sacred. We are fully committed to protecting your emotional, personal, and behavioral data through transparent, ethical, and lawful practices. This Privacy Policy details how we collect, process, store, protect, and use your personal and sensitive information, including emotion check-ins and journal reflections.

By accessing the Ahhaa app or services, you consent to the collection and use of your data in accordance with this Policy.

 

 

2. Compliance with Indian Laws

Ahhaa is a company registered and headquartered in India, and our data protection practices are governed primarily by Indian law. Specifically, we comply with the following:

 

✅ Information Technology Act, 2000

India’s foundational law governing cybersecurity, data breaches, and electronic commerce.

 

✅ Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

 

Under these rules, Ahhaa recognizes:

  • Your emotional data as Sensitive Personal Data or Information (SPDI)
  • Your right to consent, access, correction, and withdrawal
  • Our obligation to protect your SPDI through reasonable security practices

✅ Digital Personal Data Protection Act, 2023 (DPDP Act)

 

Though not fully enforced at the time of writing, Ahhaa voluntarily aligns with the core principles of the DPDP Act:

  • Purpose limitation: We only collect what’s needed
  • Data minimization: We avoid collecting excessive or irrelevant data
  • Storage limitation: Data is stored only for the necessary duration
  • User consent: Clear, affirmative consent for sensitive features like journaling
  • User rights: You can access, correct, or delete your data anytime
  • No harm: We take care to ensure no psychological or reputational harm comes to you

We will update our compliance obligations and enforcement language as DPDP is formally enacted with rules and enforcement bodies.

 

 

4. International Legal Alignment (Best Practices)

Though we operate from India, our practices are also inspired by:

 

  • General Data Protection Regulation (EU GDPR) for lawful bases and user rights
  • California Consumer Privacy Act (CCPA) for transparency
  • OECD Privacy Principles for fairness, security, and accountability

 

We do not transfer data across borders, but if you’re accessing from outside India, your data will be processed in accordance with Indian law.

 

 

5. Information We Collect

We collect different types of information based on your interaction with the app.

 

a. Information You Provide Voluntarily

This includes:

  • Personal Identification: Name, email address, mobile number, age range, school or organization name (if applicable)
  • Account Credentials: Password or sign-in authentication
  • Subscription Data: Billing name, payment method (processed via third-party providers), and preferences
  • Surveys and Feedback: Responses to check-ins, surveys, app feedback
  • User Support: Queries and messages sent via our support systems

b. Information We Automatically Collect

  • Device Information: Device ID, OS type/version, app version
  • Usage Patterns: Session logs, features accessed, timestamps, frequency
  • App Diagnostics: Crash logs and performance data

c. Emotion Data & Journal Entries (Emotion Intelligence Layer)

When you use the emotional check-in, mood tracking, or journaling tools, you may input sensitive emotional data.

 

This includes:

  • Selected emoji/emotions
  • “How do you want to feel?” responses
  • Daily reflections, intentions, or habits
  • Optional journaling notes

IMPORTANT: This data stays entirely on your device unless you explicitly choose to back it up or share it (e.g., via exporting your journal). It is not transmitted to our servers, not accessed by Ahhaa, and not shared with any third-party, including your affiliated school, institution, or organization.

 

 

6. Emotion Data Architecture and Handling

a. On-Device Only Design

  • Emotion check-ins, reflections, and journaling reside exclusively on your device
  • No part of your emotional or journaling history is uploaded to our servers
  • Data is sandboxed using OS-level security (iOS Secure Enclave / Android Keystore)

b. Institutional Accounts

If your Ahhaa account is linked to a school or organization:

  • No teacher, administrator, or institution ever has access to your emotional entries, journal logs, or check-ins
  • Only aggregate anonymized statistics (e.g., “60% of students used the app 3+ times this week”) may be shared with the institution, never individual logs

c. Optional Export

Users may choose to export or back up emotion logs manually. Exported data is readable only by you and saved in plain text or PDF format.

 

 

7. How We Use Your Data

We only use your information in a lawful and transparent manner, including:

  • To create and manage your account
  • To personalize your app experience (suggest practices, reminders)
  • To process subscriptions and payments (Ahhaa Plus)
  • To recommend practices based on your selected mood (on-device)
  • To improve app functionality and relevance (aggregated usage patterns)
  • To send important notifications and updates
  • For research and insights in anonymized formats

We never use your data for profiling, advertising, or selling to third parties.

 

8. Who We Share Your Data With

We do not rent, sell, or license your personal data. We share only in the following controlled scenarios:

  • Authorized Processors: Cloud infrastructure, analytics providers, and payment gateways — all contractually bound to confidentiality
  • Legal Requirements: Law enforcement, regulators, or government authorities if required under applicable law
  • Corporate Events: In merger/acquisition scenarios, user data may be part of transferred assets (you’ll be notified)
  • Emergency Circumstances: If necessary to protect the rights or safety of you or others

Emotion check-ins and journaling inputs are never included in shared or transferred data.

 

 

9. Retention of Data

10. Your Rights and Controls

Depending on your jurisdiction, you may have the following rights:

 

  • Access: Request a copy of the data we hold about you
  • Correction: Request changes to inaccurate or outdated data
  • Deletion: Request account and all associated data be deleted
  • Restriction: Limit processing of specific data types
  • Objection: Opt-out of data use for specific purposes
  • Portability: Download your data in machine-readable format
  • Withdraw Consent: Revoke previously given consent at any time

 

You may exercise these rights by emailing privacy@ahhaa.com or using in-app options (Settings > Privacy & Data).

 

 

11. Data Security Measures

We follow the ISO 27001 and ISO/IEC 27701 standards for security and privacy, including:

 

  • AES-256 encryption for secure communication
  • Secure server environments with role-based access
  • Multi-factor authentication for internal systems
  • Regular penetration testing and code audits
  • 24/7 security monitoring with automated alerting
  • App data isolation per user

12. Cookies & Tracking (Web only)

The Ahhaa website uses first- and third-party cookies for:

 

  • Session management
  • Traffic analysis
  • Marketing campaign performance

 

You can control or delete cookies through your browser settings. No cookies or trackers are embedded in the mobile app.

 

 

13. Children’s Privacy

The Ahhaa app is suitable for users aged 13 and above. For users under 18, parental or school supervision is advised.

 

We do not knowingly collect data from users under 13 without verified parental consent. If we become aware, we will delete such data promptly.

 

 

14. Grievance Redressal Mechanism

In compliance with India’s IT Act and SPDI Rules, Ahhaa has appointed a Grievance Officer to handle all data-related complaints:

 

Grievance Officer: Privacy Compliance Officer Ahhaa World Online Services Pvt Ltd A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, India 📧 Email: privacy@ahhaa.com

 

We aim to respond within 48 hours and resolve complaints within 30 working days.

 

 

15. Summary of Our Commitment

 

✅ We do not sell your data

✅ We do not store or analyze your emotion history

✅ Your emotional journey is yours alone — secure and confidential

✅ We design for privacy, dignity, and user empowerment

✅ You are always in control

Privacy Policy

Effective Date: 01 Jul 2025

Last Updated: 01 Jul 2025

Company: Ahhaa World Online Services Pvt Ltd (“Ahhaa,” “we,” “our,” or “us”)

Business Address: A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, Maharashtra, India

Website: www.ahhaa.com

Contact: privacy@ahhaa.com

1. Introduction

At Ahhaa, your privacy is sacred. We are fully committed to protecting your emotional, personal, and behavioral data through transparent, ethical, and lawful practices. This Privacy Policy details how we collect, process, store, protect, and use your personal and sensitive information, including emotion check-ins and journal reflections.

By accessing the Ahhaa app or services, you consent to the collection and use of your data in accordance with this Policy.

 

 

2. Compliance with Indian Laws

Ahhaa is a company registered and headquartered in India, and our data protection practices are governed primarily by Indian law. Specifically, we comply with the following:

 

✅ Information Technology Act, 2000

India’s foundational law governing cybersecurity, data breaches, and electronic commerce.

 

✅ Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

 

Under these rules, Ahhaa recognizes:

  • Your emotional data as Sensitive Personal Data or Information (SPDI)
  • Your right to consent, access, correction, and withdrawal
  • Our obligation to protect your SPDI through reasonable security practices

✅ Digital Personal Data Protection Act, 2023 (DPDP Act)

 

Though not fully enforced at the time of writing, Ahhaa voluntarily aligns with the core principles of the DPDP Act:

  • Purpose limitation: We only collect what’s needed
  • Data minimization: We avoid collecting excessive or irrelevant data
  • Storage limitation: Data is stored only for the necessary duration
  • User consent: Clear, affirmative consent for sensitive features like journaling
  • User rights: You can access, correct, or delete your data anytime
  • No harm: We take care to ensure no psychological or reputational harm comes to you

We will update our compliance obligations and enforcement language as DPDP is formally enacted with rules and enforcement bodies.

 

 

4. International Legal Alignment (Best Practices)

Though we operate from India, our practices are also inspired by:

 

  • General Data Protection Regulation (EU GDPR) for lawful bases and user rights
  • California Consumer Privacy Act (CCPA) for transparency
  • OECD Privacy Principles for fairness, security, and accountability

 

We do not transfer data across borders, but if you’re accessing from outside India, your data will be processed in accordance with Indian law.

 

 

5. Information We Collect

We collect different types of information based on your interaction with the app.

 

a. Information You Provide Voluntarily

This includes:

  • Personal Identification: Name, email address, mobile number, age range, school or organization name (if applicable)
  • Account Credentials: Password or sign-in authentication
  • Subscription Data: Billing name, payment method (processed via third-party providers), and preferences
  • Surveys and Feedback: Responses to check-ins, surveys, app feedback
  • User Support: Queries and messages sent via our support systems

b. Information We Automatically Collect

  • Device Information: Device ID, OS type/version, app version
  • Usage Patterns: Session logs, features accessed, timestamps, frequency
  • App Diagnostics: Crash logs and performance data

c. Emotion Data & Journal Entries (Emotion Intelligence Layer)

When you use the emotional check-in, mood tracking, or journaling tools, you may input sensitive emotional data.

 

This includes:

  • Selected emoji/emotions
  • “How do you want to feel?” responses
  • Daily reflections, intentions, or habits
  • Optional journaling notes

IMPORTANT: This data stays entirely on your device unless you explicitly choose to back it up or share it (e.g., via exporting your journal). It is not transmitted to our servers, not accessed by Ahhaa, and not shared with any third-party, including your affiliated school, institution, or organization.

 

 

6. Emotion Data Architecture and Handling

a. On-Device Only Design

  • Emotion check-ins, reflections, and journaling reside exclusively on your device
  • No part of your emotional or journaling history is uploaded to our servers
  • Data is sandboxed using OS-level security (iOS Secure Enclave / Android Keystore)

b. Institutional Accounts

If your Ahhaa account is linked to a school or organization:

  • No teacher, administrator, or institution ever has access to your emotional entries, journal logs, or check-ins
  • Only aggregate anonymized statistics (e.g., “60% of students used the app 3+ times this week”) may be shared with the institution, never individual logs

c. Optional Export

Users may choose to export or back up emotion logs manually. Exported data is readable only by you and saved in plain text or PDF format.

 

 

7. How We Use Your Data

We only use your information in a lawful and transparent manner, including:

  • To create and manage your account
  • To personalize your app experience (suggest practices, reminders)
  • To process subscriptions and payments (Ahhaa Plus)
  • To recommend practices based on your selected mood (on-device)
  • To improve app functionality and relevance (aggregated usage patterns)
  • To send important notifications and updates
  • For research and insights in anonymized formats

We never use your data for profiling, advertising, or selling to third parties.

 

8. Who We Share Your Data With

We do not rent, sell, or license your personal data. We share only in the following controlled scenarios:

  • Authorized Processors: Cloud infrastructure, analytics providers, and payment gateways — all contractually bound to confidentiality
  • Legal Requirements: Law enforcement, regulators, or government authorities if required under applicable law
  • Corporate Events: In merger/acquisition scenarios, user data may be part of transferred assets (you’ll be notified)
  • Emergency Circumstances: If necessary to protect the rights or safety of you or others

Emotion check-ins and journaling inputs are never included in shared or transferred data.

 

 

9. Retention of Data

10. Your Rights and Controls

Depending on your jurisdiction, you may have the following rights:

 

  • Access: Request a copy of the data we hold about you
  • Correction: Request changes to inaccurate or outdated data
  • Deletion: Request account and all associated data be deleted
  • Restriction: Limit processing of specific data types
  • Objection: Opt-out of data use for specific purposes
  • Portability: Download your data in machine-readable format
  • Withdraw Consent: Revoke previously given consent at any time

 

You may exercise these rights by emailing privacy@ahhaa.com or using in-app options (Settings > Privacy & Data).

 

 

11. Data Security Measures

We follow the ISO 27001 and ISO/IEC 27701 standards for security and privacy, including:

 

  • AES-256 encryption for secure communication
  • Secure server environments with role-based access
  • Multi-factor authentication for internal systems
  • Regular penetration testing and code audits
  • 24/7 security monitoring with automated alerting
  • App data isolation per user

12. Cookies & Tracking (Web only)

The Ahhaa website uses first- and third-party cookies for:

 

  • Session management
  • Traffic analysis
  • Marketing campaign performance

 

You can control or delete cookies through your browser settings. No cookies or trackers are embedded in the mobile app.

 

 

13. Children’s Privacy

The Ahhaa app is suitable for users aged 13 and above. For users under 18, parental or school supervision is advised.

 

We do not knowingly collect data from users under 13 without verified parental consent. If we become aware, we will delete such data promptly.

 

 

14. Grievance Redressal Mechanism

In compliance with India’s IT Act and SPDI Rules, Ahhaa has appointed a Grievance Officer to handle all data-related complaints:

 

Grievance Officer: Privacy Compliance Officer Ahhaa World Online Services Pvt Ltd A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, India 📧 Email: privacy@ahhaa.com

 

We aim to respond within 48 hours and resolve complaints within 30 working days.

 

 

15. Summary of Our Commitment

 

✅ We do not sell your data

✅ We do not store or analyze your emotion history

✅ Your emotional journey is yours alone — secure and confidential

✅ We design for privacy, dignity, and user empowerment

✅ You are always in control

Privacy Policy

Effective Date: 01 Jul 2025

Last Updated: 01 Jul 2025

Company: Ahhaa World Online Services Pvt Ltd (“Ahhaa,” “we,” “our,” or “us”)

Business Address: A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, Maharashtra, India

Website: www.ahhaa.com

Contact: privacy@ahhaa.com

1. Introduction

At Ahhaa, your privacy is sacred. We are fully committed to protecting your emotional, personal, and behavioral data through transparent, ethical, and lawful practices. This Privacy Policy details how we collect, process, store, protect, and use your personal and sensitive information, including emotion check-ins and journal reflections.

By accessing the Ahhaa app or services, you consent to the collection and use of your data in accordance with this Policy.

 

 

2. Compliance with Indian Laws

Ahhaa is a company registered and headquartered in India, and our data protection practices are governed primarily by Indian law. Specifically, we comply with the following:

 

✅ Information Technology Act, 2000

India’s foundational law governing cybersecurity, data breaches, and electronic commerce.

 

✅ Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

 

Under these rules, Ahhaa recognizes:

  • Your emotional data as Sensitive Personal Data or Information (SPDI)
  • Your right to consent, access, correction, and withdrawal
  • Our obligation to protect your SPDI through reasonable security practices

✅ Digital Personal Data Protection Act, 2023 (DPDP Act)

 

Though not fully enforced at the time of writing, Ahhaa voluntarily aligns with the core principles of the DPDP Act:

  • Purpose limitation: We only collect what’s needed
  • Data minimization: We avoid collecting excessive or irrelevant data
  • Storage limitation: Data is stored only for the necessary duration
  • User consent: Clear, affirmative consent for sensitive features like journaling
  • User rights: You can access, correct, or delete your data anytime
  • No harm: We take care to ensure no psychological or reputational harm comes to you

We will update our compliance obligations and enforcement language as DPDP is formally enacted with rules and enforcement bodies.

 

 

4. International Legal Alignment (Best Practices)

Though we operate from India, our practices are also inspired by:

 

  • General Data Protection Regulation (EU GDPR) for lawful bases and user rights
  • California Consumer Privacy Act (CCPA) for transparency
  • OECD Privacy Principles for fairness, security, and accountability

 

We do not transfer data across borders, but if you’re accessing from outside India, your data will be processed in accordance with Indian law.

 

 

5. Information We Collect

We collect different types of information based on your interaction with the app.

 

a. Information You Provide Voluntarily

This includes:

  • Personal Identification: Name, email address, mobile number, age range, school or organization name (if applicable)
  • Account Credentials: Password or sign-in authentication
  • Subscription Data: Billing name, payment method (processed via third-party providers), and preferences
  • Surveys and Feedback: Responses to check-ins, surveys, app feedback
  • User Support: Queries and messages sent via our support systems

b. Information We Automatically Collect

  • Device Information: Device ID, OS type/version, app version
  • Usage Patterns: Session logs, features accessed, timestamps, frequency
  • App Diagnostics: Crash logs and performance data

c. Emotion Data & Journal Entries (Emotion Intelligence Layer)

When you use the emotional check-in, mood tracking, or journaling tools, you may input sensitive emotional data.

 

This includes:

  • Selected emoji/emotions
  • “How do you want to feel?” responses
  • Daily reflections, intentions, or habits
  • Optional journaling notes

IMPORTANT: This data stays entirely on your device unless you explicitly choose to back it up or share it (e.g., via exporting your journal). It is not transmitted to our servers, not accessed by Ahhaa, and not shared with any third-party, including your affiliated school, institution, or organization.

 

 

6. Emotion Data Architecture and Handling

a. On-Device Only Design

  • Emotion check-ins, reflections, and journaling reside exclusively on your device
  • No part of your emotional or journaling history is uploaded to our servers
  • Data is sandboxed using OS-level security (iOS Secure Enclave / Android Keystore)

b. Institutional Accounts

If your Ahhaa account is linked to a school or organization:

  • No teacher, administrator, or institution ever has access to your emotional entries, journal logs, or check-ins
  • Only aggregate anonymized statistics (e.g., “60% of students used the app 3+ times this week”) may be shared with the institution, never individual logs

c. Optional Export

Users may choose to export or back up emotion logs manually. Exported data is readable only by you and saved in plain text or PDF format.

 

 

7. How We Use Your Data

We only use your information in a lawful and transparent manner, including:

  • To create and manage your account
  • To personalize your app experience (suggest practices, reminders)
  • To process subscriptions and payments (Ahhaa Plus)
  • To recommend practices based on your selected mood (on-device)
  • To improve app functionality and relevance (aggregated usage patterns)
  • To send important notifications and updates
  • For research and insights in anonymized formats

We never use your data for profiling, advertising, or selling to third parties.

 

8. Who We Share Your Data With

We do not rent, sell, or license your personal data. We share only in the following controlled scenarios:

  • Authorized Processors: Cloud infrastructure, analytics providers, and payment gateways — all contractually bound to confidentiality
  • Legal Requirements: Law enforcement, regulators, or government authorities if required under applicable law
  • Corporate Events: In merger/acquisition scenarios, user data may be part of transferred assets (you’ll be notified)
  • Emergency Circumstances: If necessary to protect the rights or safety of you or others

Emotion check-ins and journaling inputs are never included in shared or transferred data.

 

 

9. Retention of Data

10. Your Rights and Controls

Depending on your jurisdiction, you may have the following rights:

 

  • Access: Request a copy of the data we hold about you
  • Correction: Request changes to inaccurate or outdated data
  • Deletion: Request account and all associated data be deleted
  • Restriction: Limit processing of specific data types
  • Objection: Opt-out of data use for specific purposes
  • Portability: Download your data in machine-readable format
  • Withdraw Consent: Revoke previously given consent at any time

 

You may exercise these rights by emailing privacy@ahhaa.com or using in-app options (Settings > Privacy & Data).

 

 

11. Data Security Measures

We follow the ISO 27001 and ISO/IEC 27701 standards for security and privacy, including:

 

  • AES-256 encryption for secure communication
  • Secure server environments with role-based access
  • Multi-factor authentication for internal systems
  • Regular penetration testing and code audits
  • 24/7 security monitoring with automated alerting
  • App data isolation per user

12. Cookies & Tracking (Web only)

The Ahhaa website uses first- and third-party cookies for:

 

  • Session management
  • Traffic analysis
  • Marketing campaign performance

 

You can control or delete cookies through your browser settings. No cookies or trackers are embedded in the mobile app.

 

 

13. Children’s Privacy

The Ahhaa app is suitable for users aged 13 and above. For users under 18, parental or school supervision is advised.

 

We do not knowingly collect data from users under 13 without verified parental consent. If we become aware, we will delete such data promptly.

 

 

14. Grievance Redressal Mechanism

In compliance with India’s IT Act and SPDI Rules, Ahhaa has appointed a Grievance Officer to handle all data-related complaints:

 

Grievance Officer: Privacy Compliance Officer Ahhaa World Online Services Pvt Ltd A-8/5 Kumar Padmalaya, Aundh, Pune - 411007, India 📧 Email: privacy@ahhaa.com

 

We aim to respond within 48 hours and resolve complaints within 30 working days.

 

 

15. Summary of Our Commitment

 

✅ We do not sell your data

✅ We do not store or analyze your emotion history

✅ Your emotional journey is yours alone — secure and confidential

✅ We design for privacy, dignity, and user empowerment

✅ You are always in control