Privacy Policy

1. Introduction

Welcome to ExamDedo ('we,' 'our,' or 'us'). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered assessment platform, including our website, mobile applications, and related services (collectively, the 'Service').

By accessing or using ExamDedo, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

This Privacy Policy is designed to comply with applicable data protection laws, including the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 of India.

2. Information We Collect

We collect information that you provide directly to us, information automatically collected when you use our Service, and information from third-party sources.

• Personal Information: Name, email address, phone number, date of birth, educational background, institution affiliation, and profile picture.
• Account Information: Username, password (hashed), account preferences, subscription details, and payment information.
• Academic Information: Exam categories, test scores, performance analytics, study history, and learning preferences.
• Usage Data: IP address, browser type, device information, operating system, pages visited, time spent on pages, clickstream data, and access times.
• AI Interaction Data: Questions generated, responses provided, AI feedback received, and learning patterns analyzed.
• Communication Data: Messages sent through our platform, support tickets, feedback, and survey responses.
• Location Data: General location information based on IP address (with your consent).
• Data from Google Sign-In: If you register or log in with Google ('Sign in with Google'), we receive your name, email address, and profile picture from Google. Use of Google Sign-In is also subject to Google's Privacy Policy (https://policies.google.com/privacy).
• Payment Information: Payments are processed by our payment gateway provider (Razorpay). We do not store your full card number or CVV. We may store billing contact details and transaction references for receipts and support. Card data is handled directly by the payment provider in accordance with their privacy policy (https://razorpay.com/privacy/).

3. How We Use Your Information

We use the collected information for various purposes:

• Service Delivery: To provide, maintain, and improve our assessment services, AI question generation, and performance analytics.
• Personalization: To customize your learning experience, recommend relevant content, and adapt AI-generated questions to your skill level.
• Account Management: To create and manage your account, process transactions, send invoices, and handle subscription renewals.
• Communication: To send you service-related notifications, updates, security alerts, and respond to your inquiries.
• Analytics & Improvement: To analyze usage patterns, identify trends, improve our AI algorithms, and enhance user experience.
• Security: To detect, prevent, and address technical issues, fraud, security threats, and unauthorized access.
• Legal Compliance: To comply with legal obligations, enforce our terms of service, and protect our rights and the rights of our users.
• Marketing: To send promotional communications (with your consent) about new features, special offers, and educational content.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our platform, processing payments, hosting data, providing analytics, and delivering customer support.
• Educational Institutions: With your institution or teacher (if you're part of a batch or class) to share your progress and performance data.
• Legal Requirements: When required by law, court order, or government regulation, or to protect our rights, property, or safety.
• Business Transfers: In connection with any merger, acquisition, or sale of assets, where your information may be transferred as part of the transaction.
• With Your Consent: When you explicitly authorize us to share your information with third parties.
• Aggregated Data: We may share anonymized, aggregated data that cannot identify you individually for research, analytics, or marketing purposes.

5. Payment Processing and Third-Party Sign-In

To support payment gateway verification and Google OAuth verification requirements:

• Payment Gateway (Razorpay): We use Razorpay to process subscription payments. Your payment details are entered on Razorpay's secure pages and are not stored by ExamDedo. Razorpay may collect and process data as described in their Privacy Policy (https://razorpay.com/privacy/). We receive only transaction status, order IDs, and billing information necessary for receipts and support.
• Google Sign-In: If you use 'Sign in with Google,' we receive only the profile data you authorize (name, email, profile picture) to create or link your account. We do not receive or store your Google password. Your use of Google Sign-In is subject to Google's Terms of Service (https://policies.google.com/terms) and Privacy Policy (https://policies.google.com/privacy).

7. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: All data is encrypted in transit using SSL/TLS protocols and encrypted at rest using AES-256 encryption.
• Access Controls: Strict access controls and authentication mechanisms to ensure only authorized personnel can access your data.
• Regular Audits: We conduct regular security audits and vulnerability assessments to identify and address potential security risks.
• Secure Infrastructure: Our servers are hosted on secure cloud infrastructure with multiple layers of security.
• Data Minimization: We collect only the minimum amount of data necessary to provide our services.
• Incident Response: We have procedures in place to detect, respond to, and notify you of any data breaches in accordance with applicable laws.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Account Data: Retained while your account is active and for a reasonable period thereafter to comply with legal obligations.

Performance Data: Retained to provide historical analytics and improve our AI models (anonymized after account deletion).

Transaction Records: Retained for accounting and tax purposes as required by law.

You may request deletion of your account and associated data at any time through your account settings or by contacting us.

9. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal data and receive a copy of the information we hold about you.
• Correction: Update or correct inaccurate or incomplete information through your account settings.
• Deletion: Request deletion of your account and personal data, subject to legal retention requirements.
• Data Portability: Request a copy of your data in a structured, machine-readable format.
• Opt-Out: Unsubscribe from marketing communications by clicking the unsubscribe link in our emails or adjusting your preferences.
• Cookie Preferences: Manage cookie settings through your browser or our cookie preference center.
• Withdraw Consent: Withdraw your consent for data processing where consent is the legal basis.

10. Children's Privacy

ExamDedo is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

For users between 13 and 18 years of age, we recommend parental supervision and consent before using our platform.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

We ensure that appropriate safeguards are in place to protect your data during international transfers, including standard contractual clauses and adequacy decisions.

12. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

13. AI and Machine Learning

We use artificial intelligence and machine learning to improve our services. Your data may be used to train and improve our AI models, but we ensure that:

• Personal identifiers are removed or anonymized before use in AI training.
• You can opt-out of AI model training through your account settings.
• AI-generated insights are provided for your benefit and do not replace professional educational guidance.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

Posting the updated policy on our website with a new 'Last Updated' date.

Sending an email notification to your registered email address.

Displaying a prominent notice on our platform.

Your continued use of our Service after such changes constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• General & privacy: info@examdedo.in
• Support & data requests: help@examdedo.in
• Address: ExamDedo, India