Website Policy

Effective Date: 01 May 2026

Welcome to Therayog Private Limited. This page contains the updated Privacy Policy, Cancellation, Refund, Rescheduling, and Subscription Policy, Cookie Policy, and DPDP Notice.

2. Privacy Policy

2.1 Introduction and policy objective Therayog Private Limited is committed to handling user information in a responsible and lawful manner and to maintaining reasonable safeguards for data collected through the Platform and Services. We strictly observe the regulations under Digital Personal Data Protection Act (DPDP Act), 2023. Thus, the consent may be separate obtained through the specific Notice under the applicable law as updated from time to time.

This Privacy Policy describes the categories of information that may be collected, how that information may be used, stored, processed, disclosed, retained, and protected, and the choices that may be available to users in relation to their data.

By using the Platform or Services, you acknowledge that the Company may process information in accordance with this Privacy Policy.

2.2 Categories of information collected The Company may collect and process the following categories of information subject to the applicable laws, depending on the nature of the user’s interaction with the Platform:

address, phone number, postal address, city, and profile identifiers;

plan details, account preferences, class history, and customer support history;

billing details, invoices, payment confirmations, and refund history, though sensitive payment processing may be handled by third-party processors;

version, operating system, device type, referral source, session duration, website navigation paths, cookies, and related usage analytics;

messages, chat interactions, reviews, forms, feedback, profile information, and posted material;

shared by a user for customization of a wellness plan or experience, to the extent applicable to the Services actually offered.

• personal identification and contact information, including name, email
• account information, including username, login credentials, subscription
• transaction and payment-related information, including purchase history,
• technical and device information, including IP address, browser type and
• communications and content submissions, including emails, support
• optional wellness, habit, or health-preference information voluntarily

Where you provide information relating to another individual, you are responsible for ensuring that you are lawfully entitled to share that information and the company

legally deems that any required permission has been obtained and in case of children, you specifically indemnify the company that the necessary verifiable parental consent has been obtained and duly provided. We do not knowingly process children's data without verified parental consent.

2.3 Sources of information Information may be collected directly from you when you register, purchase, participate, communicate, fill out forms, attend sessions, use support channels, or interact with the Platform.

Your Consent is obtained through; Checkbox, click wrap, digital signature or any physical mode as applicable.

Information may also be generated automatically through your use of the Platform, such as session logs, usage analytics, technical logs, cookies, and interaction data.

Certain information may be received from various other service providers or transaction partners, such as payment processors, communication providers, hosting providers, or analytics partners, to the extent necessary for service administration.

2.4 Purposes for which information may be used The Company may use information under the applicable laws, for the following purposes:

digital resources, or other Services;

chargebacks, and payment confirmations;

support responses;

content relevance;

operational effectiveness;

investigate incidents, and protect legal rights;

has requested, accepted, or not opted out of such communications in the manner provided by the Company.

• to create and manage user accounts;
• to provide classes, memberships, programs, workshops, consultations,
• to process orders, subscriptions, payments, invoices, refunds,
• to communicate transactional messages, reminders, updates, notices, and
• to personalize or improve the user experience, website usability, and
• to analyze service performance, traffic patterns, engagement, and
• to maintain records, detect misuse, prevent fraud, secure the Platform,
• to send newsletters, offers, or marketing communications where the user

2.5 Disclosure and sharing of information

The Company may share user information with employees, trainers, administrators, contractors, technology providers, hosting providers, payment processors, customer support service providers, analytics partners, insurers, advisers, and other vendors to the extent reasonably necessary for platform operations and service delivery.

The Company may also share information with group entities or affiliates where reasonably necessary for administration, legal compliance, customer support, operational support, or internal management. Data may be transferred outside India only to jurisdictions not restricted by the Government of India and subject to reasonable safeguards.

Information may be disclosed to legal authorities, courts, law-enforcement bodies, regulators, government agencies, or counterparties where required by law, legal process, dispute resolution, fraud prevention, rights protection, debt recovery, or business transfer arrangements.

The Company’s current materials do not describe sale of user personal data as part of ordinary business activity, and this consolidated policy does not describe such sale as a standard practice.

2.6 Public and community-facing information If the Platform allows posting of content, profile elements, comments, testimonials, or community interactions, information voluntarily made public by a user may become visible to others and may be copied, shared, or misused by third parties beyond the Company’s control.

Users should therefore exercise caution before posting personal or sensitive information in publicly visible areas.

2.7 Cookies and similar technologies The Platform may use cookies, session identifiers, local storage, analytics tags, security tools, and related technologies to authenticate users, maintain sessions, remember preferences, process checkouts, understand usage, improve performance, and support security.

Further details are set out in the Cookie Policy in Section 4.

2.8 Data retention The Company may retain personal information for as long as reasonably necessary for service provision, account management, record-keeping, customer support, legal compliance, dispute resolution, fraud prevention, internal management and enforcement of rights.

Where deletion is requested, the Company may nevertheless retain some information where retention is reasonably necessary for audit, accounting, tax, legal, evidentiary, security, fraud prevention, or platform integrity purposes.

2.9 Security practices The Company states that it uses measures such as protected servers, restricted access, encryption for financial transaction flows, password protections, technical controls, and reasonable organizational safeguards to help reduce unauthorized access, misuse, loss, or alteration of information.

No online platform can guarantee complete security, and users are responsible for maintaining strong passwords, secure devices, and appropriate caution in their own digital environment.

2.10 User rights and choices Users may seek access to their information, request corrections, update account information, unsubscribe from promotional communications, request closure of their account, or seek deletion or restriction of data, subject to applicable law, verification, and legitimate retention requirements.

Users may under the DPDP Act, by formally informing the company and getting the acknowledgement thereof; withdraw consent at any time, Request correction or erasure and nominate another person.

Users may submit such requests to support@therayog.com and grievance matters may be escalated to admin@therayog.com.

2.11 Third-party websites and services The Platform may contain products, links to or embedded tools from third-party websites or services. The Company is not responsible for the privacy, content, practices, availability, or terms of such third parties.

Users should review the privacy policies and terms of any third-party service they choose to use.

2.12 International processing Because certain vendors, communication providers, infrastructure systems, analytics tools, or digital operations may involve more than one jurisdiction, user information may be processed, stored, backed up, or accessed across different locations in connection with the operation of the Platform.

Where users publish information publicly or interact on internet-facing areas, the Company cannot prevent global access to such information by others.

2.13 Changes to the Privacy Policy The Company may amend or update this Privacy Policy from time to time by posting the revised version on the Platform or communicating updates through reasonable channels.

Continued use of the Platform following the effective date of a revised Privacy Policy constitutes acknowledgment of the updated policy.

2.14 Contact details For privacy-related requests or questions, users may contact:

Therayog Private Limited

Email/Support: support@therayog.com

Grievance: admin@therayog.com

Phone: +91-9958648333(Only grievances related under DPDP act)

Corporate Office: A-73, Sector 65, Noida, Uttar Pradesh, India

3. Cancellation, Refund, Rescheduling, and

Subscription Policy

3.1 Applicability This policy applies to all paid classes, subscriptions, memberships, consultations, workshops, events, digital programs, resource bundles, course-based products, and any other paid Services offered by the Company, unless a specific product page or written communication expressly states different rules for a particular offering.

3.2 Digital-service nature Many Services offered by the Company are digital, instantly accessible, time-sensitive, trainer-capacity based, or dependent on class scheduling and content access, and therefore access may be treated as consumption once content is

unlocked, a slot is reserved, or a live session is attended and the company strictly observes the policy of no refund.

Users are expected to review product descriptions, inclusions, exclusions, plan terms, and timing conditions before purchase.

3.3 Company-side cancellation and service failure If the Company cancels a class, session, event, appointment, or paid Service due to trainer unavailability, internal scheduling reasons, low enrollment, verified technical fault, or platform outage, the Company may provide a full refund, replacement access, alternate scheduling, or equivalent credit at its discretion.

Where a user’s access is materially prevented by a verified Company-side technical issue, the Company may investigate the issue and may offer support, replacement access, credit, rescheduling, or refund depending on the circumstances.

3.4 Non-refundable situations Unless required by law or expressly approved by the Company, refunds are generally not available for:

information before checkout;

content;

settings, low digital literacy, or inability to use ordinary platform controls;

non-usage or user-side inability to navigate the content;

to applicable law and any specific written commitment.

• change of mind after purchase;
• accidental or mistaken purchase where the user had sufficient product
• no-shows, missed sessions, or failure to use a subscription or purchased
• user-side technical or internet issues, unsupported devices, incorrect
• requests for extension of subscriptions or access validity based solely on
• charges already incurred for a billing cycle that has already begun, subject

3.5 Exceptional circumstances The Company may, on a case-by-case basis, consider refund, credit, extension, or rescheduling in exceptional circumstances such as documented hospitalization, medical emergency, bereavement, or serious and unresolved platform inaccessibility that is not attributable to the user.

The Company may request documents, screenshots, technical logs, payment references, or other evidence before deciding such requests.

Approval of an exception in one case does not create an obligation to approve future requests on the same basis.

3.6 Charges that may remain non-refundable To the extent permitted by law and disclosed in the applicable offering structure, the Company may treat payment gateway charges, taxes, booking charges, platform handling charges, convenience charges, promotional benefits already consumed, or third-party fees as non-refundable.

3.7 Refund method and processing time Approved refunds are generally processed back to the original payment source unless a different method is required by law or specifically agreed by the Company.

Refund timelines may vary depending on banks, issuers, payment gateways, EMI partners, and financial intermediaries, and may typically take 7 to 14 business days after approval.

3.8 Rescheduling Rescheduling remains subject to trainer availability, batch capacity, scheduling limitations, and anti-abuse controls, and repeated or bad-faith rescheduling requests may be denied.

3.9 Chargebacks and payment disputes If a user initiates a chargeback, reversal, or payment dispute after valid access to the Service has been provided, the Company may contest the dispute using access logs, transaction records, attendance records, or other relevant evidence and may suspend the user’s access pending resolution.

3.10 How to request cancellation or refund To request cancellation, refund, or rescheduling, users should provide their full name, registered email or phone number, order or booking reference, date of purchase or booking, reason for request, and any supporting evidence where relevant.

Requests may be sent to support@therayog.com.

4. Cookie Policy

4.1 Purpose of this Policy This Cookie Policy explains how the Company may use cookies and similar technologies in connection with the Platform.

4.2 Meaning of cookies Cookies are small files or identifiers stored on a browser, device, or application environment that help websites and digital systems recognize sessions, remember preferences, improve usability, and support core functionality.

Cookies may be session cookies, which expire when the browsing session ends, or persistent cookies, which remain on the device until expiry or deletion.

4.3 Types of cookies and related technologies The Platform may use one or more of the following categories of tools:

security, and core operation;

interface settings;

website flow, and service performance;

and integrity issues;

and relevant to the Company’s communication or campaign systems.

• essential cookies for sign-in, authentication, checkout, session continuity,
• functional cookies for remembering language, user preferences, and
• analytics or performance cookies for measuring traffic, usage behavior,
• fraud-prevention and security tools for detecting suspicious traffic, misuse,
• marketing, attribution, or communications tools where lawfully deployed

4.4 Why cookies may be used Cookies and similar technologies may be used to:

• recognize a returning device or browser;
• maintain active login sessions;
• remember user preferences and settings;
• facilitate purchases, bookings, and checkout journeys;
• understand user interaction with pages, content, and features;
• improve site speed, performance, and user experience;
• support security and fraud prevention measures.

4.5 Third-party cookies and embedded technologies Some cookies or tracking technologies may be set or facilitated through third-party providers used by the Company, including video providers, payment gateways, analytics tools, communication platforms, or embedded integrations.

The Company does not control every third-party technology behavior and users should review relevant third-party policies where applicable.

4.6 Browser controls and user choices

Most browsers provide options to block, limit, or delete cookies through their settings.

Disabling certain cookies may affect login functions, session continuity, checkout features, video delivery, saved preferences, or other important Platform functionality.

4.7 Policy changes The Company may revise this Cookie Policy by posting an updated version on the Platform.

Continued use of the Platform after the revised policy becomes effective constitutes acknowledgment of the updated Cookie Policy.

4.8 Contact details For privacy-related or cookie-related questions, users may contact support@therayog.com.

NOTICE

UNDER DIGITAL PERSONAL DATA PROTECTION (DPDP ACT, 2023)

1. Identity of Data Fiduciary

Therayog Private Limited is the Data Fiduciary responsible for processing your personal data under the Digital Personal Data Protection Act, 2023.

Contact:

Email: support@therayog.com

Grievance: admin@therayog.com

2. Personal Data We Collect

We may collect the following categories of personal data:

• Identity Data (name, profile details)
• Contact Data (email, phone number, address)
• Account Data (login credentials, subscriptions)
• Transaction Data (payments, invoices, purchase history)
• Technical Data (IP address, device, browser, usage logs)
• Communication Data (emails, chats, feedback)
• Wellness / Health Preference Data (only if voluntarily provided)

3. Purpose of Processing

Your personal data is processed for:

• Account creation and management
• Delivery of services and sessions
• Payment processing and billing
• Customer support and communication
• Platform security and fraud prevention
• Personalization of user experience
• Compliance with legal obligations

4. Consent

By proceeding, you provide free, specific, informed, and unambiguous consent for processing your personal data for the purposes stated above. You may withdraw consent at any time.

5. Withdrawal of Consent

You may withdraw your consent by:

Emailing: support@therayog.com

Requesting via your registered account (where available)

Withdrawal will be processed within a reasonable time, subject to legal and operational requirements.

6. Your Rights (Data Principal Rights)

You have the right to:

• Access your personal data
• Request correction or updating
• Request erasure of your data
• Withdraw consent
• Nominate another person to exercise rights in case of incapacity or death
• Grievance redressal

7. Grievance Redressal

You may raise grievances at: admin@therayog.com

Timeline:

Acknowledgement: within 48 working hours

Resolution: within 30 days

If unsatisfied, you may approach the Data Protection Board of India.

8. Data Sharing

Your data may be shared with:

• Service providers and vendors
• Payment processors
• Technology partners
• Legal or regulatory authorities

Only to the extent necessary for stated purposes.

9. Cross-Border Transfer

Your data may be transferred outside India to jurisdictions not restricted by the Government of India, subject to reasonable safeguards.

10. Data Retention

Your data will be retained:

• As long as required for service delivery
• For legal, tax, and compliance purposes
• Until withdrawal of consent (where applicable)

11. Data Security

We implement reasonable technical and organizational measures to protect your data.

However, no system is completely secure.

12. Data Breach Notification

In the event of a personal data breach:

• We will take immediate remedial measures
• Notify affected users where required
• Notify the Data Protection Board of India as per law

13. Children’s Data

We do not process personal data of children without verifiable parental consent.

14. Updates to this Notice

This Notice may be updated from time to time.

15. Acknowledgment

By proceeding, you confirm that:

You have read and understood this Notice

You consent to processing of your personal data