Privacy Policy

We collect only the information necessary to provide and improve our exam preparation platform. This includes: • Account Information — Phone number (primary identifier via OTP authentication), full name, email address (optional), state, and target exam year. • Lead Information — If you join our waitlist, we collect your name, phone number, college, BAMS year, and course interest. • Device Information — We collect device model, OS version, and a hashed device fingerprint for single-device binding and security. • Usage Data — Video progress, test answers and scores, doubt questions, bookmarks, and gamification stats (XP, streaks, achievements) to personalise your learning. • Payment Information — When you purchase a course, Razorpay processes your payment; we store only the payment ID, order ID, amount, and status — never your card or bank details. • Communication Data — If you contact us via the callback form, we collect your name, phone number, and query details.

We use your data solely to deliver and improve the Vedas for Vaidyas learning ecosystem: • Authentication & Security — Verify your identity via phone OTP, enforce single-device binding, and detect fraudulent activity. • Personalised Learning — Track video progress, test performance, and gamification to tailor your learning experience. • Video Watermarking — Your registered phone number is displayed as a dynamic watermark on video content for piracy protection. • AI Doubt Resolution — Your doubt questions are processed by AI (Google Gemini) along with relevant video transcript context to generate answers. • Communications — Send course updates, enrolment confirmations, and support responses. We do not send marketing SMS without consent. • Platform Improvement — Aggregate usage analytics (first-party only) to improve course content and platform features. We never sell your personal information to third parties.

We use trusted third-party services to operate our platform. Each service processes only the data required for its function: • Supabase (PostgreSQL + Auth) — Primary database and authentication infrastructure. All user data is stored in Supabase on Google Cloud infrastructure. • Firebase Authentication (Google) — Phone OTP verification. Your phone number is shared with Firebase to send SMS verification codes. • Fast2SMS — Alternative SMS delivery for OTP codes. • VdoCipher — DRM-protected video hosting and playback. Your registered phone number is embedded as a video watermark. • Google Gemini AI (Vertex AI) — AI-powered doubt resolution. Your question text and video transcript context are sent to Gemini for processing. • OpenAI — Optional fallback for text embeddings used in search functionality. Each third party operates under their own privacy terms and data processing agreements.

We retain your data for as long as your account is active or as needed to provide services: • Account Data — Retained until account deletion or deactivation. • Test Records & Video Progress — Retained as part of your learning history while your account exists. • Payment Records — Retained for financial and tax compliance as required by law. • Security Logs — Retained indefinitely for audit and abuse detection. • Lead/Waitlist Data — Retained until you opt out or request deletion. • OTP Codes — Retained only in memory for a few minutes during verification. You may request deletion of your data at any time by contacting us.

You have the following rights regarding your personal data: • Access — Request a copy of the personal data we hold about you. • Correction — Update your name, email, and profile information at any time through the app. • Deletion — Request deletion of your account and associated data. • Withdraw Consent — Opt out of communications or revoke data processing consent. • Data Portability — Request your data in a structured, machine-readable format. To exercise any of these rights, email us at support@vedastudydesk.com. We will respond within 30 days.

We implement industry-standard security measures to protect your data: • Encryption in Transit — All API communication uses TLS 1.2+ (HTTPS). • Encryption at Rest — Database is encrypted at rest on Google Cloud infrastructure. • Secure Storage — Authentication tokens and device fingerprints are stored in platform-native secure storage (iOS Keychain / Android EncryptedSharedPreferences). • Access Controls — Row-Level Security (RLS) policies in PostgreSQL ensure users can only access their own data. • Device Binding — SHA-256 hashed device fingerprints prevent unauthorised account access from unknown devices. • Audit Logging — Security events (screenshot attempts, admin actions) are logged for abuse detection. No security system is impenetrable, but we follow industry best practices to safeguard your information.

Our platform is intended for students preparing for AIAPGET and other pharmacy entrance exams. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

The landing website uses essential cookies required for website functionality. We do not use third-party analytics cookies, tracking pixels, or advertising cookies. Our mobile application does not use cookies.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. Continued use of the platform after updates constitutes acceptance of the revised policy.

For privacy-related inquiries, data requests, or concerns: Email: support@vedastudydesk.com Platform: Vedas for Vaidyas (Vedas For Vaidyas Edtech Pvt. Ltd.) We aim to respond to all privacy inquiries within 7 business days.