policyPrivacy Policy

Your privacy, our responsibility.

We believe privacy is a fundamental right, not an afterthought. This policy explains plainly what data we collect, why we collect it, and how we protect it.

calendar_todayLast updated: April 15, 2026

summarizeTL;DR — The Plain English Summary

  • check_circleWe collect only what's needed to run the booking service.
  • check_circleWe never sell your personal data to anyone.
  • check_circleYour password is hashed — we can't read it.
  • check_circleYou can delete your account and all data at any time.
  • check_circleWe use no advertising or tracking cookies.

database
01Information We Collect

Account Information

When you create an account, we collect your name, email address, and a hashed password. We never store your password in plain text.

Booking Data

We store records of your bookings — including movie, show time, seat selection, and payment confirmation — to provide your booking history and generate tickets.

Usage Data

We collect anonymised usage data (pages visited, clicks, session duration) to improve our product. This data is not linked to your identity.

visibility
02How We Use Your Information

Service Delivery

Your account and booking data is used solely to provide the booking service — confirming reservations, generating QR tickets, and sending booking confirmations.

Communication

We may send transactional emails (booking confirmations, receipts). We do not send marketing emails without your explicit opt-in consent.

Product Improvement

Anonymised analytics help us understand which features work well and which ones need polish. No personally identifiable data is used for this purpose.

share
03Data Sharing

We Never Sell Your Data

Your personal information is never sold to, rented to, or shared with third-party advertisers or data brokers. Period.

Service Providers

We may share data with trusted infrastructure providers (hosting, email delivery) who process data strictly on our behalf and are bound by confidentiality agreements.

Legal Requirements

We may disclose information if required by law, court order, or government authority, and only to the minimum extent necessary.

lock
04Data Security

Encryption

All data is transmitted over HTTPS (TLS 1.2+). Passwords are hashed using industry-standard bcrypt before storage.

Access Controls

Access to production data is restricted to authorised personnel only and is protected by multi-factor authentication.

Incident Response

In the unlikely event of a breach, we will notify affected users within 72 hours and take immediate remediation steps.

manage_accounts
05Your Rights

Access & Portability

You can request a copy of all personal data we hold about you at any time by contacting us at privacy@suprabhat.site.

Deletion

You may request deletion of your account and associated data. We will process requests within 30 days, except where retention is required by law.

Correction

If any information we hold about you is inaccurate, you may update it through your account settings or by contacting us directly.

cookie
06Cookies

Essential Cookies Only

We use only essential session cookies required for authentication and booking flow. We do not use tracking or advertising cookies.

Local Storage

We use browser local storage to persist your authentication token client-side. This data never leaves your device except as part of authorised API calls.

Questions about your privacy?

Reach out to us directly. We aim to respond to all privacy-related requests within 48 hours.

mailContact Us