Your privacy is critical to us. This Privacy Policy explains how Vidyari collects, uses, processes, stores, and protects your personal information when you use our website, mobile application, and services. By accessing Vidyari, you consent to the practices described in this policy.
IMPORTANT: Your privacy is critical to us. This Privacy Policy explains how Vidyari ("we," "us," "our") collects, uses, processes, stores, and protects your personal information when you use our website, mobile application, and services.
Please read this policy carefully. By accessing and using Vidyari, you consent to the practices described in this policy. If you do not agree with our practices, please do not use our services.
1. Information We Collect
1.1 Information Provided Directly by You
Account Registration Information:
- Full name and email address
- Phone number (optional but recommended)
- Date of birth / Age verification
- Profile picture or avatar
- Username and password (password hashed with bcrypt)
- Biographical information and professional credentials
- Verification documents (if applicable)
Payment & Transaction Information:
- Billing name and address
- Email address for billing
- Payment method information (processed securely through Cashfree - we do NOT store complete card numbers)
- Transaction history and purchase records
- Coupon/discount code usage
- Refund and dispute records
Content & Communication Information:
- Documents, files, and educational materials you upload
- Course content, descriptions, and pricing you create
- Messages sent through our chat and messaging system
- Comments, reviews, ratings, and feedback
- Customer support tickets and correspondence
- Notifications opt-in/opt-out preferences
1.2 Information Collected Automatically
Device & Usage Information:
- IP address and geolocation (country/state level)
- Browser type and version
- Operating system (Windows, iOS, Android, etc.)
- Device type (desktop, mobile, tablet)
- Device identifiers (Android ID, IDFA if applicable)
- Pages visited and time spent on each page
- Clicks, scroll behavior, and interaction patterns
- Download history and file access logs
- Search queries and filters used
- Referral sources and campaign tracking
Authentication Information:
- Google OAuth tokens and login timestamps
- JWT tokens and session IDs
- Login/logout timestamps and frequency
- Authentication method used (Google, email/password)
Technical Logs:
- Server logs containing request data
- Error logs and crash reports
- API call records and response times
- File upload/download activity logs
1.3 Information from Third Parties
- Google Authentication: Basic profile information when you login via Google
- Cashfree (Payment Gateway): Payment status, transaction ID, and order confirmation
- Email Services: Email delivery status and engagement metrics
- Firebase (Notifications): FCM tokens for push notifications
- Other Users: Information shared in messages, reviews, or reported complaints
2. How We Use Your Information
| Purpose |
Data Used |
Legal Basis |
Retention |
| Account creation & management |
Registration info, credentials |
Contract performance |
Duration of account + 30 days |
| Payment processing |
Billing info, transaction data |
Contract & legal obligation |
7 years (tax/legal requirement) |
| Content delivery |
Download history, preferences |
Contract performance |
Duration of account |
| Customer support |
Support tickets, communication |
Contract & legitimate interest |
3 years after resolution |
| Marketing & notifications |
Email, device ID, preferences |
Consent |
Duration of subscription/until unsubscribed |
| Service improvement |
Usage analytics, behavior |
Legitimate interest |
2 years (anonymized) |
| Fraud prevention |
Transaction data, IP, device |
Legal obligation & legitimate interest |
3 years |
| Legal compliance |
All relevant data |
Legal obligation |
As required by law |
2.1 Specific Uses
- Order Processing: To process payments, send order confirmations, and deliver digital content
- Account Management: To create accounts, reset passwords, and manage user profiles
- Communication: To respond to inquiries, provide customer support, and send transactional emails
- Platform Improvement: To analyze usage patterns, fix bugs, and develop new features
- Marketing: To send promotional emails, newsletters, and special offers (only if you opted in)
- Push Notifications: To send in-app and mobile notifications about orders, messages, and courses
- Fraud Detection: To prevent fraudulent transactions, abuse, and security threats
- Legal Obligations: To comply with government requests, court orders, and regulatory requirements
- Dispute Resolution: To investigate complaints and resolve disputes between users
3. How We Share Your Information
3.1 We DO Share Information With:
- Payment Processors (Cashfree): Limited payment and transaction information necessary to process your purchases. Cashfree maintains its own privacy policy and PCI-DSS compliance.
- Email Service Providers: We use email services to send transactional and marketing emails. Email addresses are shared for delivery purposes only.
- Firebase (Google): Device tokens for push notifications. Firebase has its own privacy policy.
- Supabase (File Storage): Your uploaded files and metadata for storage and delivery. Supabase is GDPR compliant.
- MongoDB (Database Provider): All account data is stored with MongoDB Atlas. MongoDB maintains industry-standard security.
- Content Creators: When you purchase content, the seller may receive your email and basic purchase information.
- Law Enforcement: When required by law, court order, or government request, we may disclose information to legal authorities.
- Service Providers: Vendors who assist us in operating the platform (analytics, hosting, customer service tools)
3.2 We DO NOT:
- Sell your personal information to third parties for profit
- Rent or lease your contact information to marketers
- Share payment card information beyond what's necessary for processing
- Share information without your consent (except as legally required)
- Use personal data for purposes other than stated in this policy without notification
3.3 Information You Share Publicly
Content you post publicly on the platform (profile, reviews, comments) may be visible to other users and search engines. Consider this when posting sensitive information.
4. Data Security & Protection
4.1 Security Measures We Implement
- Encryption in Transit: All connections use HTTPS/TLS 1.2+ encryption
- Encryption at Rest: Sensitive data is encrypted in our database
- Password Security: Passwords are hashed using bcrypt (salt rounds: 10+)
- JWT Authentication: Secure token-based authentication for API requests
- PCI-DSS Compliance: Payment processing complies with PCI Data Security Standards
- Access Controls: Role-based access limits who can view sensitive data
- Regular Audits: We conduct security audits and penetration testing
- Employee Training: Staff trained on data protection and security protocols
- Firewalls & Intrusion Detection: Network-level security protections
4.2 What We Cannot Guarantee
NO SECURITY IS PERFECT: While we implement industry-standard security measures, no system is completely secure. We cannot guarantee absolute protection against:
- Sophisticated cyberattacks or hacking attempts
- Zero-day vulnerabilities
- Insider threats or employee misconduct
- Physical security breaches
You are responsible for maintaining the confidentiality of your password and not sharing your login credentials.
5. Cookies & Tracking Technologies
Cookies are small text files stored on your device that help us remember your preferences and improve your experience.
5.1 Types of Cookies We Use
- Essential Cookies: Required for login, security, and site functionality
- Session Cookies: Remember you're logged in (automatically deleted when you close browser)
- Preference Cookies: Remember your language, theme, and settings
- Analytics Cookies: Help us understand how you use our site (may use Google Analytics)
- Marketing Cookies: Used for advertising and retargeting (only if you consented)
5.2 Controlling Cookies
You can control cookies through Browser Settings (block or delete), Opt-Out Links in marketing emails, or enabling Do Not Track (DNT). Disabling essential cookies may limit site functionality.
6. Your Privacy Rights & Choices
6.1 Access & Portability
You have the right to request a copy of all personal data we hold about you, receive your data in a portable, machine-readable format, and export your profile/purchase history.
6.2 Correction & Deletion
You can correct inaccurate information in your account or request deletion of your account and associated data. Note that some data may be retained for legal/tax purposes even after account deletion.
6.3 Opt-Out of Marketing
You can opt-out of email newsletters, push notifications, and analytics tracking. You cannot opt-out of transactional emails (order confirmations, password resets, etc.).
6.4 Data Withdrawal & Objection
You may withdraw consent for non-essential data processing at any time. Email privacy@vidyari.com to submit a request.
7. Third-Party Services & Data Transfers
Each third-party service provider has its own privacy policy. We recommend reviewing them to understand how they handle your data.
7.1 International Data Transfers
Your data may be processed and stored in multiple geographic locations including India (primary location), United States, and the European Union. All transfers comply with applicable data protection laws.
8. Data Breach Notification
In the event of a confirmed data breach, we will notify affected users within 72 hours of discovery. Notification will be via email and/or in-app notification. We will provide details of the breach, affected data, and protective measures taken.
9. Children's Privacy
Vidyari is not intended for users under 18 years old. We do not knowingly collect data from children under 13. If you are between 13-18, parental/guardian consent is required. If we discover we have collected data from a child without consent, we will delete it immediately.
10. Data Retention & Deletion
10.1 How Long We Keep Your Data
| Data Type |
Retention Period |
Reason |
| Account Information |
Duration of account + 30 days after deletion |
Account recovery & compliance |
| Transaction Records |
7 years |
Tax & legal requirements |
| Purchase History |
Duration of account |
Order fulfillment & disputes |
| Support Tickets |
3 years after resolution |
Dispute resolution & reference |
| Analytics Data |
2 years (anonymized) |
Service improvement |
| Server/Error Logs |
90 days |
Security & troubleshooting |
10.2 Account Deletion
When you delete your account, your profile becomes inactive immediately. Personal data is deleted within 30 days (except legally required records). To delete your account: Go to Settings → Account → Delete Account.
Privacy Contact & Data Protection Officer
For privacy inquiries, data access requests, or concerns, contact:
11. Updates to Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our data practices, legal changes, or new features. Major changes will be notified via email.