Cookie Policy
WHAT IS THIS POLICY?
This Cookie Policy explains how Stackd Private Limited ("we", "our", "us"), operating the Tithi matrimonial platform, uses cookies and similar tracking technologies on our website (www.gettithi.com) and within the Tithi mobile application.
This Policy describes: what cookies and tracking technologies are; the categories of cookies we use and why; which third parties place cookies or similar technologies on our Platform; how you can manage your preferences and withdraw consent; and your rights under applicable law.
This Policy should be read together with our Privacy Policy and Terms and Conditions of Use. By using our Platform, you acknowledge that we may use cookies and tracking technologies as described in this Policy.
WHAT ARE COOKIES AND TRACKING TECHNOLOGIES?
1.1 Cookies are small text files that are placed on your device (computer, smartphone, or tablet) by a website or application when you visit or use it. They are widely used to make websites and apps function more efficiently and to provide information to the operators of those sites and apps.
1.2 The term "tracking technologies" in this Policy covers a broader range of technologies that operate in a similar way to cookies on web and mobile environments, including:
Cookies: Small text files stored in your browser by websites you visit.
Mobile Identifiers: Unique identifiers associated with your mobile device, such as Apple's Identifier for Advertisers (IDFA) on iOS and Google's Android Advertising ID (AAID) on Android. These function as the mobile equivalent of cookies and are used for analytics and, where applicable, advertising purposes.
Software Development Kits (SDKs): Packages of code integrated into the Tithi application that allow third-party service providers (such as analytics or notification services) to collect data about how you use the App. When you use the Tithi App, any third-party SDKs present in the App may collect and process data about your device and usage in accordance with their own terms and this Policy.
Pixel Tags / Web Beacons: Small transparent images embedded in pages or emails that allow us to track whether a page was opened or an email was read, and to record usage.
Local Storage: A browser-based technology that stores data on your device in a similar fashion to cookies but with greater storage capacity.
Session Storage: Stores data temporarily for the duration of a browser session, deleted when you close the browser tab.
Log Data: Data automatically collected when you access our services, including IP address, browser type, pages visited, time spent, and referring URLs.
1.3 This Policy is technology-neutral. It applies to all of the above technologies, not only traditional browser cookies. References to "cookies" throughout this Policy include all of the above tracking technologies unless the context requires otherwise.
1.4 Legal Framework. This Policy is informed by the requirements of:
The Digital Personal Data Protection Act, 2023 (DPDP Act) and DPDP Rules, 2025 (India);
The Information Technology Act, 2000 and IT Rules, 2011 (India);
The General Data Protection Regulation (EU) 2016/679 (GDPR) and the EU ePrivacy Directive (2002/58/EC, as amended), applicable to users in the European Union and EEA;
The UK General Data Protection Regulation and the UK Privacy and Electronic Communications Regulations (PECR), applicable to users in the United Kingdom;
The California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), applicable to California residents; and
Apple App Store and Google Play Store privacy and data safety requirements.
WHY WE USE COOKIES
We use cookies and tracking technologies for the following broad purposes:
To ensure the Platform functions correctly and provides you with core services;
To remember your login session and preferences so you do not need to re-enter them each visit;
To understand how Users interact with the Platform, which features are used most, and where improvements are needed;
To detect and prevent fraud, abuse, unauthorised access, and security threats;
To comply with applicable legal obligations; and
To deliver relevant communications and, where you have consented, promotional content.
2.2 We do not use cookies or tracking technologies to build advertising profiles for sale to third-party advertisers. We do not sell data derived from cookies to third parties.
CATEGORIES OF COOKIES WE USE
We categorise our cookies as follows:
3.1 Strictly Necessary Cookies
Legal Basis: No consent required — essential to the functioning of the Platform
Can these be disabled? No — disabling them will prevent core Platform features from working
These cookies are essential to enable you to use the Platform and its core features. Without them, services such as logging in, maintaining your session, and navigating between screens cannot function. These cookies do not track your browsing activity for any commercial purpose.
Cookie / Identifier | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
session_id | Tithi (First-party) | Maintains your logged-in session | Session | Session Cookie |
auth_token | Tithi (First-party) | Authenticates your account access securely | 14 days | Persistent Cookie |
csrf_token | Tithi (First-party) | Prevents cross-site request forgery attacks | Session | Session Cookie |
device_id | Tithi (First-party) | Identifies your device for security and session continuity | 12 months | Local Storage |
ios_idfa / aaid | Device OS | Device identifier used for session management on mobile | 12 months | Mobile Identifier |
3.2 Performance and Analytics Cookies
Legal Basis: Consent (DPDP Act / GDPR) — opt-in required
Can these be disabled? Yes — you may decline these without affecting core Platform functionality
These cookies collect information about how you use the Platform — for example, which screens you visit, how long you spend on them, errors you encounter, and how you navigate through the App. This data is used in aggregated and anonymised or pseudonymised form to help us understand Platform performance and improve the user experience. We do not use this data to build individual user profiles for advertising purposes.
Cookie / Identifier | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
Analytics SDK | Third-party analytics provider | App usage analytics, session duration, feature interaction tracking | Up to 24 months | SDK |
_ga / _gid | Google Analytics | Page views, session data, traffic source on www.gettithi.com | 2 years / 24 hrs | Persistent Cookie |
crash_reporting | AWS | Captures app crash data and error logs to improve stability | 90 days | SDK Log |
perf_metrics | Tithi (First-party) | Records page load times and technical performance indicators | 30 days | Persistent Cookie |
3.3 Functional Cookies
Legal Basis: Consent (DPDP Act / GDPR) — opt-in preferred; may be required for enhanced features
Can these be disabled? Yes — disabling may limit certain personalisation features
These cookies allow the Platform to remember choices you have made and to provide enhanced, personalised features. For example, they may remember your language preference, recently viewed profiles, or notification preferences. The information these cookies collect does not identify you to third parties.
Cookie / Identifier | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
user_prefs | Tithi (First-party) | Stores your display, language, and notification preferences | 12 months | Persistent Cookie |
recent_views | Tithi (First-party) | Remembers recently viewed profiles for easier navigation | 7 days | Local Storage |
consent_record | Tithi (First-party) | Records your cookie consent choices and the date of consent | 7 days | Persistent Cookie |
push_token | Push notification provider | Stores your device push notification token to deliver alerts | Until reset | SDK |
3.4 Communications and Notification Cookies
Legal Basis: Consent (DPDP Act / GDPR) — opt-in required
Can these be disabled? Yes — disabling may prevent delivery of push notifications and in-app alerts
These technologies are used to deliver push notifications, in-app messages, and transactional communications (such as new match alerts and message notifications) to your device. They enable the functionality of our communications infrastructure and third-party notification services.
Cookie / Identifier | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
FCM / APNs token | Google Firebase / Apple | Enables push notification delivery to your device | Until reset or uninstall | Mobile SDK |
in_app_msg_sdk | In-app messaging provider | Enables in-app messages and platform announcements | Session / persistent | SDK |
email_pixel | Email service provider | Tracks email open and click rates (transactional emails only) | Session | Pixel Tag |
3.5 Payment Processing Technologies
Legal Basis: Contract — necessary for processing your payment transactions
Can these be disabled? No — these are required to complete paid transactions
When you make a payment for subscription services, our third-party payment gateway may set cookies or use related technologies on the payment page to ensure secure transaction processing, fraud prevention, and compliance with payment industry standards (PCI-DSS). The Company does not store full payment card details.
3.6 Security and Fraud Prevention Technologies
Legal Basis: Legitimate interests / Legal obligation — no consent required
Can these be disabled? No — these protect the Platform and all Users from fraud and abuse
These technologies help us detect and prevent malicious activity, fraud, fake account creation, automated scraping, and security threats. They are necessary for the safety and integrity of the Platform.
Cookie / Identifier | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
device_fingerprint | Tithi / Security provider | Detects suspicious login patterns and prevents account takeover | Session | First-party |
bot_detection | Security provider | Prevents automated bot registrations and fake profile creation | Session | SDK / Cookie |
rate_limit_token | Tithi (First-party) | Prevents brute-force attacks on login and API endpoints | Session | Session Cookie |
THIRD-PARTY COOKIES AND SDKS
4.1 As described in Section 3, certain cookies and tracking technologies are placed or operated by third-party service providers. These providers include analytics companies, notification services, payment processors, and crash reporting tools. A summary of the categories of third-party providers is set out below.
Category | What They Do / Data Collected |
|---|---|
Analytics Provider | Collects anonymised/pseudonymised data about app usage, feature engagement, session length, and errors |
Push Notification Service | Receives and stores your device push token to deliver notifications on our behalf |
Payment Gateway | Processes subscription payments; may set cookies during checkout for fraud prevention |
Crash Reporting | Receives crash logs and stack traces from the App to enable bug fixing |
DivineAPI (Astrological) | Receives Birth Details (with your consent) for computation; not a cookie-based service |
Cloud Infrastructure | Hosts the Platform; server-side log data retained for security and compliance |
4.2 Third-party providers operate under their own privacy and cookie policies. We recommend reviewing those policies for full detail on how they collect and process data. We enter into data processing agreements with these providers requiring them to process your data only on our instructions and in compliance with applicable law.
4.3 We periodically audit our third-party integrations to ensure they remain necessary, proportionate, and compliant with applicable data protection law.
COOKIES ON OUR WEBSITE VS. IN THE MOBILE APP
5.1 Website (www.gettithi.com). Our website uses traditional browser cookies, pixel tags, and web storage. A consent management banner is displayed on your first visit, allowing you to accept, reject, or configure non-essential cookies before they are set. You may update your preferences at any time via the "Cookie Settings" link in the website footer.
5.2 Mobile Application. The Tithi mobile App does not use browser cookies in the traditional sense. Instead, it uses mobile identifiers (IDFA/AAID), in-app SDKs, local storage, and push notification tokens as described in Section 3. When you first open the App and at the time of registration, you will be presented with an in-app consent flow allowing you to choose which non-essential tracking technologies you consent to.
5.3 Apple iOS — App Tracking Transparency (ATT). On Apple iOS devices (iOS 14.5 and above), when the App wishes to access your device's IDFA for tracking purposes, Apple requires us to present you with an App Tracking Transparency prompt. You will be asked whether to "Allow Tracking" or "Ask App Not to Track". If you select "Ask App Not to Track", your IDFA will not be accessed for cross-app tracking purposes. This is separate from our in-app consent mechanism, and both sets of choices are honoured.
5.4 Google Android — Data Safety. On Android devices, our App complies with Google Play Store Data Safety requirements, including accurate disclosure in the Play Store Data Safety section of the types of data collected, how they are used, and whether data is shared with third parties.
5.5 GDPR / ePrivacy — Prior Consent Requirement. For Users located in the European Union, EEA, or UK, we will not initialise any non-essential tracking SDKs or set non-essential cookies before obtaining your valid, affirmative, and specific consent. Essential / strictly necessary technologies operate without prior consent as they are required for the Platform to function. Upon receipt of consent, the relevant SDKs are initialised. Your consent choice is logged with a timestamp.
LEGAL BASIS FOR COOKIE USE
6.1 India — DPDP Act. Under the Digital Personal Data Protection Act, 2023, the processing of personal data through cookies requires consent, which must be free, specific, informed, unconditional, and given through a clear affirmative act. We obtain this consent through our cookie consent banner (website) and in-app consent mechanism (App) before deploying any non-essential tracking technologies.
6.2 EU/EEA — GDPR and ePrivacy Directive. Under the combined requirements of GDPR (Regulation (EU) 2016/679) and the ePrivacy Directive (2002/58/EC):
Strictly necessary cookies: No consent required — deployed on the basis that they are essential to the service you requested.
All other cookies: Require prior, freely given, specific, informed, and unambiguous consent. Consent is obtained before the relevant cookies are set. Consent may be withdrawn at any time. We do not rely on "legitimate interests" as a legal basis for non-essential cookies.
6.3 UK — UK GDPR and PECR. The UK Privacy and Electronic Communications Regulations (PECR) impose similar requirements to the EU ePrivacy Directive. Consent is required before setting non-essential cookies on UK Users' devices. The same consent mechanism described above applies.
6.4 California — CCPA/CPRA. We do not sell or share personal information derived from cookies to or with third parties for targeted advertising purposes. California residents may exercise opt-out and access rights under the CCPA by contacting privacy@gettithi.com.
6.5 Consent Standards — All Jurisdictions. Across all jurisdictions, our consent mechanism is designed to meet the following standards:
Granular: Users can consent to individual categories of cookies rather than accepting all at once.
Freely given: Refusing non-essential cookies does not prevent access to the core Platform (no "cookie walls").
Informed: Clear descriptions of each cookie category and the purposes for which data is used are provided before consent.
Easy withdrawal: Consent can be withdrawn as easily as it is given, at any time, through the cookie settings panel.
Documented: Records of consent are stored with timestamps for auditing purposes.
No dark patterns: Accept and reject buttons are equally prominent; pre-ticked boxes are not used.
MANAGING YOUR COOKIE PREFERENCES
You have several ways to control and manage cookie and tracking technology preferences:
7.1 In-App Consent and Preference Centre (Mobile App)
Upon first opening the Tithi App and at registration, you will be presented with an in-app privacy consent flow. You can review and update your choices at any time by navigating to: Settings → Privacy → Tracking Preferences within the App.
7.2 Cookie Consent Banner and Settings (Website)
When you first visit gettithi.com, a cookie consent banner will be displayed. You may accept, reject, or customise your choices at a category level. You can update your preferences at any time via the "Cookie Settings" link in the website footer.
7.3 Browser Settings
Most browsers allow you to control cookies through their settings. Common options include blocking all third-party cookies, deleting existing cookies, and being notified when cookies are set. Please note that if you block all cookies (including strictly necessary ones), portions of the website or App may not function properly. For guidance on cookie management in specific browsers:
Google Chrome: chrome://settings/cookies
Mozilla Firefox: about:preferences#privacy
Apple Safari: Preferences → Privacy
Microsoft Edge: edge://settings/privacy
7.4 Mobile Device Settings
On iOS devices, you may limit ad tracking and reset your IDFA by navigating to: Settings → Privacy & Security → Tracking. On Android devices, you may opt out of ads personalisation and reset your advertising ID by navigating to: Settings → Google → Ads.
7.5 Industry Opt-Out Tools
For third-party analytics and advertising opt-outs, you may also use industry-level tools, including:
Your Online Choices (EU/UK): www.youronlinechoices.com
Network Advertising Initiative (US): www.networkadvertising.org/managing/opt_out.asp
Digital Advertising Alliance: www.aboutads.info/choices
Note that opting out through these tools may not remove all cookies but will opt you out of interest-based advertising from participating networks.
COOKIE RETENTION AND AUTO-EXPIRY
8.1 Different cookies have different lifespans, as described in Section 3. Session cookies expire when you close the App or browser. Persistent cookies remain on your device until their set expiry date or until you delete them.
8.2 In accordance with the principles of data minimisation under the DPDP Act, GDPR, and the NeGD Business Requirements Document for Consent Management Systems (April 2025), we implement automatic expiry for cookie consent records. Your cookie consent preferences will automatically expire after 12 months, at which point you will be asked to re-confirm your choices. This ensures your consent remains current and reflects your ongoing preferences.
8.3 Where a cookie's purpose has been fulfilled or is no longer required, we delete or anonymise the associated data in accordance with our Data Retention schedule (as set out in our Privacy Policy).
INTERNATIONAL TRANSFERS VIA COOKIE DATA
9.1 Some third-party analytics, notification, and infrastructure providers used by the Platform are based outside India. Where cookie-related data is transferred outside India — for example, to analytics providers in the United States or European Union — we ensure such transfers are subject to appropriate safeguards, including:
Data processing agreements incorporating standard contractual clauses (SCCs) approved by the European Commission;
Transfers to countries with an adequacy decision by the Indian or EU data protection authorities, where applicable; and
Compliance with the cross-border transfer requirements of the DPDP Act and DPDP Rules, 2025.
9.2 For EU/EEA Users, any transfer of personal data outside the EEA via cookies will be disclosed to you at the time of consent and will be covered by one of the recognised transfer mechanisms under GDPR.
. UPDATES TO THIS COOKIE POLICY
10.1 We review and update this Cookie Policy periodically to reflect changes in the cookies we use, the introduction of new third-party services, changes in applicable law, or changes in guidance from data protection authorities.
10.2 We will notify you of material updates by: (a) posting the revised Policy on the Platform with an updated Effective Date; and (b) for material changes that affect your rights, sending a notification via email or in-app alert prior to the change taking effect.
10.3 The most current version of this Cookie Policy is always available at www.gettithi.com/cookie-policy and within the App's Privacy Settings.
10.4 Your continued use of the Platform following any update constitutes your acknowledgement of the revised Cookie Policy. Where applicable law requires re-consent following a material change, we will obtain fresh consent before the change takes effect.
