Privacy Policy

MYRA ("MYRA", "we", "us", or "our") is a non-clinical wellness marketplace operated by Revaquo Ventures Pvt. Ltd. We connect people seeking support with independent Guides for one-to-one voice sessions. This policy explains how we handle your personal data when you use the platform at myrawellness.in.

By using MYRA you consent to the practices described here. If you don't agree with this policy, please don't use the platform.

Information you give us

• Account details: your name, email, profile photo, and whether you join as a seeker or a Guide.
• Profile data: phone number, location, a short bio, date of birth, and emergency contact details.
• Onboarding questionnaire (optional): up to three answers about what brought you to MYRA, how you usually work through things, and what would feel useful. Collected only if you choose to answer.
• Payment information, processed through Razorpay. We never store your card details; Razorpay handles payment data to PCI-DSS standards.
• Guide applications: qualifications, certifications, experience, scenario responses, social links, and government-issued identification for verification.
• Session content: the notes a Guide saves and the feeling-based feedback you leave after a session.
• Booking information: your scheduled sessions, including the Guide, date, time, duration, and booking history.

Information we collect automatically

• Usage data: pages visited, features used, session duration, and timestamps.
• Device information: browser type, operating system, and IP address.
• Authentication data: your login method (Google or email) and session tokens.
• Analytics data: aggregated, pseudonymised usage signals from limited first-party analytics. These never serve third-party ads or build cross-site profiles of you.

Your sessions are confidential. MYRA may record and transcribe voice sessions for safety auditing, quality, and platform improvement; when recording is active you will be notified within the call room before it begins. Each session is tied to a unique account identifier and a server-side timestamp. Where recordings are made, we use them to:

• Quality and safety auditing: verifying Guide conduct, investigating complaints, and enforcing our Code of Ethics and Escalation Protocol.
• Personalising your experience: drawing insights that help match you with Guides, suggest relevant topics, and improve the platform for you.
• Platform and AI improvement, including training and operating MYRA's internal AI layer where used.

Recordings and transcripts are stored encrypted against your account identifier. Audio recordings are kept for 7 days for safety and quality auditing, then automatically deleted; the text transcript is retained for the lifetime of your account. Both are deleted within 30 days of account closure or a verified erasure request. We never sell, rent, or license them to any third party. Access is limited to authorised MYRA personnel and vetted infrastructure providers bound by written data-processing terms. You may withdraw consent to recording at any time via your account settings; after that, recording-dependent features will not be available to you.

• To create and manage your account.
• To connect seekers with suitable Guides based on preference and availability.
• To process wallet top-ups, session payments, scheduled bookings, and Guide payouts.
• To verify a Guide's identity and stated experience during the application process.
• To run real-time voice sessions through Agora.
• To detect and prevent fraud, abuse, and safety concerns.
• To send you transactional messages: payment, session, and booking confirmations and reminders.
• To improve the platform through analytics, session-derived insights, and personalisation.
• To meet our legal obligations and respond to lawful requests.

We do not sell, rent, or license your personal data to advertisers, data brokers, or anyone else for their own commercial use. We share it only in these limited situations:

• With Guides and seekers: limited profile information (such as your chosen name or alias and photo) to make a session possible.
• With service providers: secure cloud infrastructure operated by MYRA and its contracted providers (databases hosted in India and, where described here, other jurisdictions), Agora for voice, and Razorpay for payments. Where an AI layer processes insights or transcripts, it works under terms that prohibit any independent use of MYRA customer data.
• For safety and compliance: when required by law, to protect someone's safety, or to enforce our Terms.
• With your consent: whenever you explicitly authorise sharing for a specific purpose.

Stored credentials and behavioural signals (such as login patterns and session preferences) are used only to operate, secure, and improve the platform. They are never commercially exploited or shared with third parties.

We apply industry-standard safeguards to protect your data:

• All data is transmitted over HTTPS with TLS 1.3 encryption.
• Server-side authentication with secure session-token management.
• Personal data and session content stored on secure cloud infrastructure with role-based access control and at-rest encryption. Primary storage is in India; redundant or processing copies may sit in other jurisdictions under equivalent safeguards.
• Payment signature verification (HMAC-SHA256) on every transaction.
• Rate limiting on our API endpoints to prevent abuse.
• Where session recording is active, recordings and transcripts are stored encrypted at rest, accessible only to authorised MYRA personnel for the purposes above.

We retain your personal data for as long as your account is active or as needed to provide the service. Transaction records are kept for at least five years to meet legal and accounting requirements. Audio session recordings are kept for 7 days for safety and quality auditing, then automatically deleted. Session transcripts and personalisation data are retained for the lifetime of your account and deleted within 30 days of account closure or a verified erasure request. You can ask us to delete your account and the data tied to it at any time.

Under the Digital Personal Data Protection Act, 2023 and other applicable laws, you have the right to:

• Access: ask for a copy of the personal data we hold about you, including any session transcripts tied to your account.
• Correction: update or fix inaccurate personal data.
• Erasure: ask us to delete your personal data and the session content tied to it.
• Withdraw consent: withdraw consent to session recording and personalisation at any time; you'll then no longer be able to use those parts of the service.
• Nomination: name someone to exercise your rights if you die or become incapacitated.

To exercise any of these, contact our Grievance Officer, Neha Bass (Director), at support@myrawellness.in. We respond within 30 days, as required under the DPDPA, 2023.

MYRA is an 18+ platform. Only people who are 18 or over may register and hold an account; a minor may not register or hold an account of their own.

A parent or legal guardian who wants a minor in their care to take part in a wellness conversation must do so from their own account, stay the sole account holder, be present and actively supervising the session, and take full responsibility for everything done from the account, including all data processed. The adult's consent under the DPDPA, 2023 covers the minor's personal data in this context. If we reasonably suspect an unsupervised minor is on the platform, we may pause the session, ask for verification, or restrict or close the account.

We use cookies, local storage, and limited first-party analytics (including Firebase Analytics) to keep you logged in, remember your preferences, and understand aggregate usage. We don't use third-party advertising cookies and we don't sell tracking data. Our Cookie Notice covers this in full.

We may update this policy from time to time. We'll post the new version on this page and refresh the "Last updated" date; material changes are highlighted in-app. Continuing to use MYRA after a change means you accept the updated policy.

MYRA is a non-clinical wellness service. It is not therapy, diagnosis, treatment, or emergency care, and Guides are independent contractors, not licensed clinicians. If you are in crisis, contact your local emergency services or a helpline right away.