Privacy Policy

📝 Information We Collect

We collect various types of information to provide and improve our services, personalize your experience, and ensure the security of our platform.

1. Personal Information You Provide

When you create an account or use our services, you may provide us with the following information:

• Account Details: Name, email address, phone number, password (encrypted)
• Profile Information: Profile photo, date of birth, gender
• Academic Background: Educational qualifications, current status (student/working professional)
• Exam Preferences: Target exams (SSC, Banking, Railways, UPSC, etc.), preparation level
• Payment Information: For premium services (processed securely through third-party payment gateways)

2. Information Collected Automatically

When you access our platform, we automatically collect certain information through cookies, log files, and other tracking technologies:

• Device Information: IP address, device type, operating system, browser type
• Usage Data: Pages visited, features used, time spent on platform, click patterns
• Connection Information: Internet service provider, connection speed, location (approximate)
• Performance Data: Test attempts, scores, time management, topic-wise performance
• Cookies and Tracking: Information collected through cookies and similar technologies

3. Information from Third Parties

We may receive information about you from third-party sources to enhance our services:

• Social Media: If you connect your social media accounts (Google,Facebook, WhatsApp etc) to our platform
• Payment Processors: Transaction details from payment gateways (Razorpay, Paytm, etc.)
• Analytics Providers: Aggregated usage data for service improvement
• Referral Sources: Information about how you discovered our platform

🎯 How We Use Your Information

We use the information we collect for specific, legitimate purposes related to providing and improving our services.

Primary Purposes of Data Usage

1. 1 Account Management: To create, maintain, and secure your user account and profile
2. 2 Service Delivery: To provide access to mock tests, study materials, and platform features
3. 3 Personalization: To customize your learning experience, recommend relevant tests, and provide targeted study suggestions
4. 4 Performance Analysis: To generate detailed performance reports, track progress, and identify areas for improvement
5. 5 Communication: To send important service updates, security alerts, and respond to your inquiries
6. 6 Platform Improvement: To analyze usage patterns, fix bugs, and enhance platform functionality
7. 7 Security: To detect and prevent fraud, unauthorized access, and other security risks
8. 8 Legal Compliance: To comply with applicable laws, regulations, and legal processes

🔐 Data Security Practices

We implement robust technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Technical Security Measures

• Encryption: All data transmitted using TLS 1.3 encryption (HTTPS) with 256-bit SSL certificates
• Password Protection: Passwords stored using bcrypt hashing with unique salt values
• Secure Infrastructure: Data hosted on ISO 27001 certified servers with enterprise-grade firewalls
• Regular Security Audits: Quarterly vulnerability assessments and penetration testing
• Web Application Firewall: Advanced WAF to prevent SQL injection, XSS, and other cyber threats
• DDoS Protection: Multi-layered defense against distributed denial-of-service attacks
• Secure Development: Regular code reviews and security testing during development

Organizational Security Measures

• Access Controls: Role-based access with the principle of least privilege
• Employee Training: Mandatory privacy and security training for all team members
• Incident Response: Comprehensive incident response plan for data breaches
• Physical Security: Restricted access to data centers and server rooms
• Vendor Management: Strict security requirements for third-party service providers
• Activity Monitoring: 24/7 monitoring of system access and activities

🚫 Data Sharing & Disclosure

We are committed to protecting your privacy and limiting data sharing to what is absolutely necessary.

Our Strict No-Sale Policy

When We May Share Information

We may share your information only in the following limited circumstances:

1. With Service Providers

We engage trusted third-party service providers to help us operate our business and the platform. These providers have access to your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

• Payment Processors: Razorpay, Paytm, Stripe (for transaction processing)
• Cloud Hosting: AWS, Google Cloud (for reliable service delivery)
• Email Services: SendGrid, Mailgun (for communication delivery)
• Analytics Tools: Google Analytics, Mixpanel (data anonymized)

2. For Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

3. Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction, subject to appropriate privacy protections.

4. With Your Consent

We may share your information with third parties when we have your explicit consent to do so.

📅 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

Retention Periods

• Active Accounts: Personal information is retained as long as your account remains active
• Inactive Accounts: Data retained for 5 years after last login before secure deletion
• Performance Data: Test results and analytics retained for 3 years to enable progress tracking
• Support Records: Customer service communications retained for 2 years
• Payment Records: Transaction data retained for 7 years as required by financial regulations
• Anonymous Data: Aggregated, anonymized data may be retained indefinitely for research and analytics

👁️ Your Privacy Rights

We believe you should have control over your personal information. Depending on your location and applicable laws, you may have the following rights:

1. 1 Right to Access: Request confirmation of whether we process your personal data and obtain a copy of such data
2. 2 Right to Rectification: Request correction of inaccurate or incomplete personal information
3. 3 Right to Erasure: Request deletion of your personal data (subject to legal exceptions)
4. 4 Right to Restriction: Request limitation of how we process your data in certain circumstances
5. 5 Right to Data Portability: Receive your personal data in a structured, commonly used format
6. 6 Right to Object: Object to certain types of processing, including automated decision-making
7. 7 Right to Withdraw Consent: Withdraw your consent for data processing at any time
8. 8 Right to Lodge a Complaint: Contact your local data protection authority

How to Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer at contact@statisticsmock.in. We will respond to your request within 15 business days.

🍪 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and improve our services.

Types of Cookies We Use

• Essential Cookies: Necessary for the platform to function properly (e.g., session management)
• Performance Cookies: Help us understand how visitors interact with our platform
• Functionality Cookies: Enable enhanced functionality and personalization
• Targeting Cookies: Used to deliver relevant content and advertisements (opt-in)

Your Cookie Choices

You can control cookie preferences through your browser settings:

• Adjust your browser to block or alert you about cookies
• Delete existing cookies from your browser
• Use private/incognito browsing mode

Please note that disabling essential cookies may affect the functionality of our platform.

🌍 International Data Transfers

As our services are available globally, your information may be transferred to and processed in countries other than your own.

Currently, our data is primarily hosted in India, but we may use service providers with infrastructure in other countries. When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by data protection authorities
• Binding Corporate Rules where applicable
• Other mechanisms recognized under applicable data protection laws

We ensure that any international data transfer complies with applicable legal requirements and provides adequate protection for your personal information.

🔄 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements.

Notification of Changes

• We will post the updated Privacy Policy on this page with a new "Effective Date"
• Material changes will be communicated through email notification (if you have provided an email address)
• Continued use of our services after changes constitute acceptance of the updated policy

📞 Contact Us