JooySutra

Privacy Policy

Last updated: 27 June 2026

1. Who we are

JooySutra Ltd (“JooySutra”, “we”, “us”, “our”) is a wellness booking platform registered in Singapore. Our platform connects wellness seekers with verified wellness providers worldwide. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you use our website and services.

2. Information we collect

Account information: When you create an account, we collect your name, email address, password (hashed — never stored in plain text), nationality and profile preferences.

Booking information: When you book a program, we collect your first and last name, email, phone number, emergency contact and any special requirements you provide.

Wellness Passport data: We store your retreat history, wellness scores, achievements and countries visited as part of your Wellness Passport.

Usage data: We collect standard server logs including IP addresses, browser type, pages visited and session duration. We use this to improve the platform.

Payment information: We do not store card details. Payments are processed by our PCI-DSS compliant payment partners.

3. How we use your information

  • To process bookings and send booking confirmations
  • To operate and maintain your Wellness Passport
  • To communicate with you about your bookings and account
  • To send you program recommendations (you can opt out at any time)
  • To improve the platform and develop new features
  • To detect and prevent fraud and abuse
  • To comply with legal obligations

4. Information sharing

We share your booking details (name, email, special requirements) with the wellness provider you book with. This is necessary to fulfil the booking.

We do not sell your personal data to third parties. We do not share your data with advertisers.

We may share anonymised, aggregated data (e.g. “most popular retreat destinations”) that cannot identify you personally.

5. Data retention

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are legally required to retain it (e.g. for tax or fraud prevention purposes).

6. Your rights

Under GDPR and applicable data protection laws, you have the right to:

  • Access a copy of your personal data
  • Correct inaccurate data
  • Request deletion of your data (“right to be forgotten”)
  • Withdraw consent for marketing communications
  • Lodge a complaint with your national data protection authority

To exercise these rights, email privacy@jooysutra.com.

7. Security

We use industry-standard security measures including TLS encryption in transit, bcrypt password hashing, httpOnly cookies for authentication tokens and regular security audits. No system is perfectly secure, but we take reasonable precautions to protect your data.

8. Cookies

We use essential cookies to maintain your login session (jooy_token, httpOnly, 7-day expiry). We do not use tracking or advertising cookies. We do not use third-party analytics that share your data with external companies.

9. Contact

Questions about this policy: privacy@jooysutra.com

Postal: JooySutra Ltd, 1 Marina Boulevard, Singapore 018989