Privacy Policy
Effective Date: 26/03/2026
This policy explains how BraineetyLM collects, uses, and protects your personal data when you use our AI-powered learning platform.
BraineetyLM ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our AI-powered learning platform, including assessments, quizzes, homework assistance, adaptive classroom, and related services (collectively, the "Service").
Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined herein. If you do not agree with our policies and practices, please do not use the Service.
1. Information We Collect
We collect the following categories of personal information:
- Account Information: Name, email address, phone number, grade level, and board preference (CBSE, ICSE, State) provided during signup.
- Learning Data: Chat history, submitted answers, quiz responses, homework submissions, comprehension scores, topic mastery levels, and session recordings (where voice features are enabled).
- Device & Usage Information: IP address, browser type, device model, operating system, app version, pages visited, time spent per session, and interaction patterns.
- Institutional Data (Enterprise users only): Institute name, teacher roster, student enrollment codes, batch assignments, and institute-wide analytics aggregates.
- Voice Data (optional): Audio recordings of student speech when voice features are enabled, processed for transcription and teaching purposes and not retained beyond session context.
2. How We Use Your Information
We process your personal data for the following purposes:
- To provide and optimize AI-powered personalized learning experiences tailored to your curriculum, grade, and learning pace.
- To generate adaptive explanations, quizzes, flashcards, and study materials aligned with your board (CBSE, ICSE, or state boards) and grade level.
- To track knowledge state, comprehension scores, and topic mastery — enabling the engine to adapt future teaching (Teach → Assess → Adapt).
- To communicate important account notifications, product updates, and security alerts.
- To generate performance analytics and insights for students, teachers, and institute administrators (Enterprise tier).
- To improve our AI models, scoring accuracy, recommendation quality, and platform reliability through aggregated, anonymized usage data.
- To detect, prevent, and address technical issues, fraud, or abuse of the platform.
3. Legal Basis for Processing (GDPR / DPDP Compliance)
For users in the European Economic Area (EEA) and other jurisdictions with applicable data protection laws, our legal bases for processing are:
- Performance of a Contract: Processing necessary to provide the Service you have signed up for.
- Legitimate Interests: Improving platform quality, preventing fraud, and ensuring security — provided your interests and fundamental rights do not override these interests.
- Consent: Where required, we obtain explicit consent for optional features like voice recording, marketing communications, and analytics cookies.
4. Data Sharing & Disclosure
We do not sell, rent, or trade your personal information to third parties. We may share data only in the following circumstances:
- Service Providers: Trusted third-party vendors (e.g., Supabase for authentication, hosting providers, AI model providers) who process data on our behalf under strict data processing agreements.
- Institute Administrators (Enterprise only): Aggregated class performance data, comprehension reports, and at-risk student alerts are shared with authorized institute staff. Individual student chat content is never shared across users.
- Legal Requirements: When required by law, court order, or government regulation, or to protect the rights, property, or safety of BraineetyLM, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred as part of the business assets, with prior notice to affected users.
5. Data Security
We implement industry-standard security measures to protect your personal data, including encryption at rest (AES-256) and in transit (TLS 1.3), access controls, regular security audits, and centralized secret management via Supabase Vault.
No digital platform can guarantee absolute security. While we continuously work to protect your data, we cannot guarantee that unauthorized access, hacking, or data loss will never occur. We encourage you to use strong passwords and keep your login credentials secure.
6. Cookies & Tracking Technologies
We use essential cookies and local storage to maintain session state, authenticate users, and remember your preferences. Analytics cookies (via Vercel and built-in platform analytics) help us understand usage patterns to improve the Service. You may disable cookies through your browser settings, but certain features may not function correctly without them.
7. Third-Party Services
Our Platform integrates with trusted third-party services that have their own privacy policies. We encourage you to review their policies:
- Supabase — authentication, database, and storage (privacy: supabase.com/privacy)
- Google OAuth — social sign-in (privacy: google.com/policies/privacy)
- Vercel — hosting and analytics (privacy: vercel.com/legal/privacy-policy)
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When you delete your account, we will purge your personal data within 30 days, except where retention is required by law (e.g., tax, audit records).
Enterprise institute accounts may retain aggregated performance data for the duration of the subscription plus 12 months for analytical continuity.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, review, and export your personal data.
- Request correction of inaccurate or incomplete data.
- Request deletion of your personal data (right to erasure).
- Object to or restrict certain processing activities.
- Withdraw consent where processing is based on consent.
- File a complaint with your local data protection authority.
To exercise any of these rights, please contact us at fitlaksh93@gmail.com. We will respond within 30 days.
10. Children's Privacy
BraineetyLM is designed for students in Classes 7–12 (approximately ages 12–18). We do not knowingly collect personal data from children under 13 without verifiable parental consent. If you are a parent or guardian and believe your child under 13 has provided us with personal information without your consent, please contact us immediately so we can take appropriate action.
11. International Data Transfers
Our servers and infrastructure are primarily based in India. If you are accessing the Service from outside India, your data will be transferred to, stored, and processed in India, which may have different data protection standards than your jurisdiction. By using the Service, you consent to such cross-border transfers.
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal obligations. We will notify users via email or in-platform notification at least 14 days before material changes take effect. The "Effective Date" at the top of this page indicates the most recent revision.
Your continued use of the Service after changes become effective constitutes acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please reach out:
- Email: fitlaksh93@gmail.com
- Company: BraineetyLM
- Website: https://braineetylm.tech