Sign in
Home · Privacy Policy

Privacy Policy.

How we collect, use and protect your data.

Privacy Policy

Last updated: 12 May 2026

This Privacy Policy explains how Healthy Life Foundation (the "Foundation", "we", "us") collects, uses, shares and protects personal information when you visit courses.bheemsain.com (and, in due course, healthylifefoundation.com), create an account, enrol in a course, request a distance-healing session, or otherwise interact with us. We aim to handle your information honestly, sparingly and in accordance with applicable Indian law, including the Digital Personal Data Protection Act, 2023 (the "DPDP Act").

1. Who is responsible

Healthy Life Foundation, based in Patiala, Punjab, India, is the data fiduciary (controller) for the personal data described below. For any privacy question, write to info@healthylifefoundation.com.

2. What we collect

  1. Account information: your first and last name, email address, mobile / WhatsApp number, and the password you choose (stored in hashed form — never in plain text).
  2. Enrolment records: which courses you have enrolled in, when you enrolled, who enrolled you (yourself, an admin or an appointed Manager), and the amount paid (including cash collected by a Manager). For Manager-driven enrolments, we also record an internal note describing the circumstances of payment.
  3. Course-progress data: which lessons you have opened, watch progress (so you can resume where you left off), quiz responses (where applicable), and certificates issued.
  4. Communications: messages you send through the contact form, support tickets, replies you send to our emails, and questions submitted within a lesson.
  5. Payment data: when a paid transaction is processed online, our payment partner (such as Razorpay, Stripe or PayU) handles your card or bank details on its own systems. We receive a transaction reference, the amount, the currency and the success/failure status — we do not see or store your full card number or CVV.
  6. Technical information: your IP address, browser type, device type, operating system, the page you came from, the pages you visited, time spent and any errors encountered. This is collected through standard server logs and through cookies.
  7. Cookies: small text files that keep you logged in, remember your preferences and help us measure how the Site is used. You can disable cookies in your browser, although some features (notably login) will then not work.

3. Why we use it (purposes and lawful basis)

  1. To create and maintain your account and to give you access to the courses you enrol in (performance of our contract with you).
  2. To process payments — both online and Manager-collected cash — and to keep an audit trail of who enrolled you and on what date (legitimate interest in honest record-keeping; legal obligation for tax and accounting).
  3. To save your watching progress so you can resume a lesson, and to issue certificates of completion (performance of our contract).
  4. To send transactional emails — enrolment confirmations, password resets, course updates and similar service messages.
  5. To send occasional updates about new courses, satsangs and journal entries — only where you have given consent. You can withdraw consent at any time by clicking "unsubscribe" or writing to us.
  6. To protect the Site against abuse, credential sharing and unauthorised copying of lesson videos (legitimate interest in safeguarding our work and the integrity of the teaching).
  7. To comply with applicable law, respond to lawful requests from authorities, and defend legal claims.

4. With whom we share information

We do not sell your personal data. We share it only with the following categories of recipient, and only to the extent reasonably needed:

  • Hosting and infrastructure providers who run our servers, databases and email systems on our behalf, under contractual confidentiality obligations.
  • Payment processors that handle online transactions (such as Razorpay, Stripe, PayU). These partners are independent controllers for the payment data they collect from you; their own privacy notices apply to that processing.
  • Managers appointed by the Foundation, who can see only the students they themselves have enrolled and the courses, dates and amounts associated with those enrolments. They cannot see your password, your watch progress or any other student's data.
  • Professional advisers such as accountants and lawyers, where strictly necessary.
  • Authorities, where we are required by law or a binding order to disclose information.

5. How long we keep it

  1. Account and enrolment records are kept for as long as your account is active, and for a period afterwards consistent with applicable tax and accounting requirements (typically up to eight years).
  2. Server and access logs are retained for a short rolling period for security and abuse-prevention purposes, typically not more than ninety days.
  3. Backups are retained on a rolling cycle and are securely overwritten when no longer needed.

6. Your rights

Subject to the DPDP Act and other applicable law, you have the right to:

  • access the personal data we hold about you, and obtain a copy in a portable form;
  • correct any data that is inaccurate or out of date;
  • request that we erase your account and the personal data associated with it, subject to records we are required to retain by law;
  • withdraw consent at any time for any processing that was based on consent (such as marketing email);
  • nominate, in accordance with the DPDP Act, another individual to exercise these rights on your behalf in the event of your death or incapacity;
  • complain to the relevant data-protection authority if you believe your rights have been infringed.

To exercise any of these rights, write to info@healthylifefoundation.com from the email address registered on your account. We will respond within a reasonable period (and in any event within the time required by law).

7. Security

We take reasonable technical and organisational measures to protect your information, including encryption of data in transit (HTTPS), hashed password storage, role-based access for staff and Managers, audit logging of administrative actions, and protection of lesson videos against unauthorised download. No internet system is perfectly secure; if a personal-data breach occurs that is likely to result in significant harm, we will notify affected users and the relevant authority in accordance with the DPDP Act.

8. Children

The Site is intended for adults. We do not knowingly collect personal data from a person below the age of 18 without the verifiable consent of a parent or guardian, as required by the DPDP Act. If you believe a minor has registered without such consent, write to us and we will close the account and delete the data.

9. International transfers

Our servers are hosted with reputable providers, some of whose data-centres may sit outside India. Where personal data is transferred outside India, we ensure equivalent protection through contractual safeguards in accordance with applicable law.

10. Cookies — short summary

We use only the cookies needed to operate the Site (keeping you logged in, remembering your preferences) and to understand basic usage. We do not use advertising or tracking cookies served by third-party ad networks. You can control or disable cookies in your browser at any time.

11. Changes to this Policy

We may update this Policy occasionally — for example, when we add a new service, change a vendor or respond to a change in the law. The "Last updated" date at the top will change accordingly. For material changes that affect how your data is used, we will provide an additional notice through the Site or by email.

12. Contact

Healthy Life Foundation
Patiala, Punjab, India
Email: info@healthylifefoundation.com