Sharda Quiz Privacy Policy

 Privacy Policy for Sharda Quiz

Last Updated: [10-May-2025]


1. Introduction and Scope
Sharda Quiz ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This comprehensive Privacy Policy ("Policy") outlines our practices regarding the collection, use, disclosure, and protection of information that we collect through our mobile application ("App") and related services (collectively, the "Services").
This Policy is designed to comply with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the Information Technology Act, 2000 of India. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Policy.

2. Information Collection and Processing
2.1 Personal Information
We collect and process various categories of personal information to provide and improve our Services. The categories and specific types of information we collect depend on how you interact with our App and which features you use.

2.1.1 Identity Information
When you create an account or use our authentication services, we collect information that helps identify you as a user. This includes your full name, a unique user identifier generated for your account, and profile information that you choose to provide. If you choose to use third-party authentication services such as Google Sign-In, we may receive your profile picture and other profile data from those services. We use this information to create and maintain your account, personalize your experience, and facilitate your interaction with our Services.

2.1.2 Contact Information
To enable communication and provide essential service updates, we collect your email address during registration. Phone numbers are collected on an optional basis for additional account security and verification purposes. We also maintain records of your communication preferences to ensure we respect your choices regarding how we contact you. If you grant explicit permission through your device settings, we may access your device contact information to enable social features like inviting friends to join quiz battles.

2.1.3 Technical Information
To ensure optimal performance and troubleshoot issues, we automatically collect technical data when you use our App. This includes device identifiers that uniquely identify your mobile device, IP addresses that indicate your general location, browser type and version for web interactions, operating system details, mobile network information for connectivity optimization, App version and installation data to ensure compatibility, and crash reports and performance data to identify and resolve technical issues.

2.2 Educational and Usage Data
2.2.1 Learning Analytics
Our AI-powered educational platform requires certain data to provide personalized learning experiences. We analyze your study patterns and preferences through interaction with our content, track quiz performance metrics to identify strengths and areas for improvement, monitor learning progress indicators to adapt content difficulty, measure topic mastery levels through assessment outcomes, record time spent on different sections to optimize study recommendations, and examine interaction patterns with AI features to improve their effectiveness.

2.2.2 Content Generation Data
When you use our content generation features, we process data necessary for these functionalities. This includes materials you upload for quiz generation (text, photos, PDFs), the quiz content generated based on your inputs, custom study plans created for your learning goals, detailed performance analytics from your quiz attempts, and learning path data that tracks your educational journey through our platform.

2.2.3 Social Interaction Data
For users who participate in our social and competitive features, we collect information about battle participation records, leaderboard rankings and performance history, community interactions such as comments and responses, peer comparison metrics for educational benchmarking, and social feature usage statistics to improve these aspects of our service.

3. Data Processing and Legal Basis
3.1 Processing Purposes
The information we collect is processed for specific, legitimate purposes related to providing and improving our Services. Each processing activity is carefully assessed for necessity and proportionality.

3.1.1 Service Provision
Your personal information is primarily processed to deliver the core functionality of our App. This includes account creation and management to establish your identity within our system, authentication and security to protect your account from unauthorized access, feature delivery and optimization to ensure you receive the services you expect, content personalization to tailor educational materials to your needs, and performance monitoring to maintain service quality and reliability.

3.1.2 AI-Powered Features
As an AI-driven educational platform, we process data to power our intelligent features. This includes study plan generation based on your learning patterns and goals, quiz creation and customization using your uploaded materials and preferences, performance analysis to identify areas for improvement, learning path optimization to suggest the most effective educational routes, and content recommendations personalized to your educational needs and interests.

3.1.3 Analytics and Improvement
We continuously strive to enhance our Services by analyzing usage patterns to understand how users interact with our App, measuring feature effectiveness to identify what works best for learners, optimizing user experience through interface and interaction improvements, enhancing service quality through systematic evaluation of performance data, and monitoring technical performance to ensure stability and reliability across different devices and conditions.

3.2 Legal Basis
Our processing of your personal information is conducted under one or more of the following legal grounds:
Contractual Necessity: Much of our data processing is necessary to fulfill our contractual obligations to you as outlined in our Terms of Service. This includes providing access to the App's features and functionality that you have signed up for.
Legitimate Business Interests: We process certain data based on our legitimate interests in operating, improving, and promoting our educational platform. This includes enhancing user experience, developing new features, ensuring security, and conducting business analytics. We carefully balance these interests against your privacy rights.
Legal Compliance: Some processing activities are necessary to comply with applicable laws and regulations, such as maintaining certain records for tax purposes, responding to valid legal requests from law enforcement, or fulfilling obligations under data protection laws.
User Consent: For certain types of processing, particularly those involving sensitive data or optional features, we rely on your explicit consent. You have the right to withdraw this consent at any time through your account settings or by contacting us directly.
Public Interest: In limited circumstances, we may process data to perform a task carried out in the public interest, such as educational research or statistical analysis that benefits the broader educational community.
Vital Interests: In rare cases, we may process data to protect the vital interests of users or others, such as in emergency situations or where there are serious security threats.

4. Data Security and Protection
4.1 Security Measures
Protecting your information is a priority for us. We implement comprehensive security measures using industry-standard technologies and practices.

4.1.1 Technical Safeguard
We employ sophisticated technical security measures throughout our systems. This includes end-to-end encryption of sensitive data both at rest and in transit, using Secure Socket Layer (SSL) technology for all data transmissions to prevent interception, multi-factor authentication options to provide additional account security, regular security audits conducted by internal teams and external security experts, intrusion detection systems that monitor for unauthorized access attempts, firewall protection to control network traffic based on security rules, and redundant data backup systems maintained in secure locations.
Our encryption protocols use advanced algorithms and key management practices that meet or exceed industry standards. System architecture is designed with security as a foundational principle, incorporating principles of least privilege access and defense in depth.

4.1.2 Organizational Measures
Beyond technical controls, we implement organizational security measures. This includes strict access control policies that limit data access to authorized personnel on a need-to-know basis, comprehensive employee training programs covering data protection and security best practices, documented incident response procedures to quickly address security events, regular security assessments of our systems and processes, rigorous vendor security requirements for third-party service providers, and data protection impact assessments for new features or processing activities.
Our security team continuously monitors for emerging threats and vulnerabilities, applying security patches and updates promptly. We maintain detailed security logs and conduct regular reviews to identify potential improvements to our security posture.

4.2 Data Retention
|We retain your personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. Our retention decisions are based on several factors:
Legal Requirements: Certain records must be kept for specific periods to comply with applicable laws and regulations, including tax laws, educational regulations, and consumer protection statutes.
Business Needs: We retain data necessary for ongoing business operations, such as account information needed to provide continuous service and maintain accurate records of user transactions and interactions.
User Preferences: Where possible, we respect user-specified retention preferences, particularly for optional features or content that you have created or uploaded.
Data Sensitivity: More sensitive categories of data may be subject to shorter retention periods than general account information, reflecting the increased privacy interests in such data.
Technical Limitations: Certain technical data may be retained in system logs, backups, and cache systems for reasonable periods based on system design and operational requirements.

We have established data retention schedules that specify appropriate retention periods for different data categories. Once information is no longer needed, we employ secure deletion methods, including data anonymization, encryption key destruction, or secure overwriting of data, depending on the data type and storage medium.

5. Third-Party Services and Data Sharing
5.1 Service Providers
To deliver our Services effectively, we engage with various third-party service providers who perform functions on our behalf. These providers are carefully selected and contractually bound to maintain appropriate security and confidentiality measures.

5.1.1 Cloud Services
Our infrastructure relies on trusted cloud service providers. Firebase Authentication manages secure user authentication processes, Cloud Firestore provides database services for storing and retrieving user data, Firebase Storage handles file storage for user-uploaded content and generated materials, Google Cloud Platform supplies infrastructure services for application hosting and processing, and Amazon Web Services provides additional computing resources and content delivery capabilities.
These cloud services are subject to rigorous security requirements and comply with industry certifications such as ISO 27001, SOC 2, and PCI DSS. Data stored with these providers is encrypted and subject to strict access controls.

5.1.2 Analytics and Monitoring
To improve our Services and ensure technical reliability, we use analytics and monitoring tools. Google Analytics helps us understand user behavior and app performance, Firebase Analytics provides mobile-specific usage insights, Crashlytics captures and analyzes app crash data to improve stability, performance monitoring tools track response times and system efficiency, and error tracking systems identify and resolve software issues.
These analytics services receive limited data sets necessary for their specific functions and are configured to respect user privacy preferences where applicable. Data is typically aggregated and used primarily for statistical analysis rather than individual user profiling.

5.2 Data Sharing Practices
We are committed to protecting your information and share it with third parties only under specific circumstances:
Required by Law: We may disclose information in response to valid legal processes such as court orders, subpoenas, or to comply with other legal obligations. When legally permitted, we will notify you of such disclosures.
Necessary for Service Provision: We share data with service providers and partners who help us deliver and improve our Services. These parties are bound by confidentiality obligations and restricted from using the data for other purposes.
With Your Explicit Consent: We will request and obtain your consent before sharing your information with third parties for purposes not covered by this Policy. You can withdraw this consent at any time.
For Business Operations: In connection with a business transaction such as a merger, acquisition, or asset sale, user information may be transferred as part of the transaction. We will notify users if such a transfer results in a material change in the handling of their information.
For Security Purposes: We may share information to protect the security of our Services, investigate violations of our Terms of Service, prevent fraud or abuse, or protect the rights and safety of our users and the public.
When we share data with third parties, we implement safeguards such as data processing agreements, confidentiality clauses, security assessments, and regular compliance reviews to ensure your information continues to be protected.

6. User Rights and Control
6.1 Data Subject Rights
Under applicable data protection laws, you have specific rights regarding your personal information. We provide mechanisms to exercise these rights and respond to valid requests within the timeframes established by law.

6.1.1 Access and Control
You have the right to access your personal information that we process and request details about how we use it. To exercise this right, you can use the privacy settings in our App or contact us directly.
The right to rectification allows you to correct inaccurate information or complete incomplete information in our records. Most profile information can be updated directly through the App interface.
Under the right to erasure (or "right to be forgotten"), you can request deletion of your personal information in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
The right to restriction enables you to ask us to temporarily limit the processing of your data while we verify its accuracy or our legitimate grounds for processing it.
Data portability rights allow you to receive your personal information in a structured, commonly used, machine-readable format and to transfer that data to another service provider where technically feasible.
You have the right to object to processing based on our legitimate interests, including profiling. When you object, we will stop processing the data unless we have compelling legitimate grounds to continue or the processing is necessary for legal claims.
If you have provided consent for specific processing activities, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your consent before its withdrawal.

6.1.2 Automated Decision Making
Our AI-powered features may involve automated decision-making processes that affect your learning experience. Regarding these processes:
You have the right to human intervention in any automated decision-making process that significantly affects you. In practice, this means you can request that a human review and assess any automated recommendations or decisions made by our systems.
We provide mechanisms for you to express your views about automated decisions and have these views considered in the decision-making process.
You can contest automated decisions if you believe they do not accurately reflect your circumstances or preferences. Our support team is available to review such cases and make appropriate adjustments.
We strive to provide clear explanations of the logic involved in significant automated decisions, including how AI algorithms determine study recommendations, quiz difficulty, and learning paths.

6.2 Privacy Settings
Our App includes various privacy controls designed to give you greater control over your data:

Data Sharing Preferences: You can configure what information is shared with other users and third-party services through granular permission settings.
Communication Settings: Manage your preferences for notifications, emails, and other communications from us, including frequency and content type.
Visibility Controls: Determine which aspects of your profile and activity are visible to other users, particularly in social and competitive features.
Activity Tracking Options: Control what usage data we collect about your interactions with the App, with options to limit certain types of tracking.
Analytics Preferences: Choose whether to participate in analytics programs that help us improve our Services but are not essential for basic functionality.
These settings are accessible through the App's privacy or account settings sections and can be modified at any time. Changes to these settings take effect immediately but may not affect data that has already been collected or shared.

7. International Data Transfers
7.1 Transfer Mechanisms
As a global service, we may transfer personal information to countries other than the one in which you initially provided it. When we transfer your personal information internationally, we implement appropriate safeguards to ensure it remains protected:
Standard Contractual Clauses: For transfers to service providers outside your region, we implement standard contractual clauses approved by relevant data protection authorities. These contractual provisions require the recipient to protect your personal information in accordance with standards equivalent to those in your jurisdiction.
Binding Corporate Rules: Within our corporate group, transfers may be governed by binding corporate rules that establish a consistent level of data protection throughout our organization, regardless of location.
Adequacy Decisions: Where applicable, we rely on adequacy decisions made by competent authorities (such as the European Commission) that recognize certain countries as providing adequate protection for personal data.
Explicit Consent: In specific situations, we may request your explicit consent for international transfers after informing you of the potential risks associated with such transfers due to the absence of an adequacy decision or appropriate safeguards.
Legal Requirements: In limited circumstances, we may transfer data internationally when necessary for the performance of a contract, for important public interest reasons, or to establish, exercise, or defend legal claims.

7.2 Compliance Framework
Our approach to international data transfers is designed to comply with various regulatory frameworks:
GDPR Requirements: For transfers involving European data subjects, we adhere to the strict requirements of the GDPR, including implementing appropriate safeguards and enabling enforceable data subject rights.
Local Data Protection Laws: We respect and comply with local data protection laws in each jurisdiction where we operate, adapting our practices as necessary to meet specific regional requirements.
Industry Standards: We follow recognized industry standards and best practices for cross-border data flows, including frameworks developed by international organizations and industry associations.
Security Requirements: All international transfers are subject to robust security measures, including encryption, access controls, and secure transmission protocols.
Privacy Regulations: We monitor evolving privacy regulations worldwide and update our transfer mechanisms accordingly to maintain compliance with emerging requirements.
We regularly assess the privacy and security practices of recipients of international transfers and update our safeguards in response to changes in regulatory requirements or risk assessments.

8. Children's Privacy
8.1 Age Restrictions
Our Services are not intended for children under 6 years of age (or higher in certain jurisdictions where the minimum age is higher). We take children's privacy seriously and implement the following measures:
We do not knowingly collect or solicit data from children under the applicable minimum age. If we become aware that we have collected personal information from a child under the applicable minimum age without parental consent, we take steps to delete that information promptly. Parents are advised to use their own data if they want their children to use our app.
Our App implements age verification measures during the registration process to prevent underage users from creating accounts. These measures include birthdate verification and, in some cases, additional verification steps.
For users who identify as minors above the minimum age but below 18, we require parental consent before collecting certain types of personal information or enabling specific features, such as social interactions or location services.
We provide parental controls that allow parents or guardians to monitor and manage their child's account activity, including privacy settings, social interactions, and content access.
Our systems actively monitor for indicators of underage usage, including language patterns, usage behavior, and account information. When potential underage usage is detected, we conduct appropriate reviews and take necessary actions.
8.2 Parental Rights
Parents and guardians have specific rights regarding their children's data:
Review Collected Data: Parents can review any personal information we may have collected from their child by submitting a request to our privacy team. We will provide a comprehensive report of all data associated with the child's account.
Request Data Deletion: Parents can request the deletion of any personal information collected from their child. Upon receiving such a request, we will delete the information and notify the parent when the deletion is complete.
Modify Consent: Parents who have previously provided consent for the collection of their child's information can modify or revoke that consent at any time. We will promptly update our records to reflect the changed consent status.
Control Access: Parents can request that we disable their child's account or restrict access to certain features. We provide tools and support to help parents implement appropriate restrictions based on their preferences.
Monitor Usage: We offer features that allow parents to monitor their child's activity within the App, including study progress, quiz participation, and social interactions, while respecting the child's privacy and dignity.
Parents who wish to exercise these rights or have questions about our children's privacy practices can contact our dedicated privacy team using the contact information provided in Section 10.

9. Updates and Changes
9.1 Policy Updates
We may update this Policy periodically to reflect changes in our practices, the Services we offer, or applicable laws and regulations. Factors that might prompt an update include:
Changes in our practices: As we evolve our Services and introduce new features, we may need to describe new data processing activities or modify existing practices.
Legal requirements: Changes in data protection laws, regulations, or industry standards may necessitate updates to ensure ongoing compliance.
Service modifications: Significant changes to our App or related services may require corresponding updates to accurately reflect our data practices.
User feedback: We value your input and may update our Policy in response to questions, concerns, or suggestions from our user community.
Industry standards: Developments in privacy best practices or industry standards may prompt us to enhance our policy to maintain alignment with emerging norms.
When we make updates, we will revise the "Last Updated" date at the top of this Policy and maintain an archive of previous versions for reference.
9.2 Notification Process
For significant changes that materially affect your rights or how we use your personal information, we will provide advance notice before the changes take effect:
App notifications: We'll send in-app alerts to inform you about important policy changes and direct you to review the updated Policy.
Email communications: For registered users, we may send emails detailing the changes and their potential impact on your privacy rights.
Website announcements: Updates will be prominently announced on our website, with easy access to both the new Policy and a summary of key changes.
In-app messages: When you use the App after a policy update, we may display messages highlighting the changes and requesting acknowledgment.
Social media updates: For broader awareness, we may also announce significant policy changes through our official social media channels.
We encourage you to review the Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after policy changes indicates your acceptance of the updated terms.

10. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:


```

Developer Contact Information

Developer: Rank Guard EdTech

Email: rankguard@gmail.com

Website: https://rankguard.blogspot.com/

```

For specific privacy rights requests, such as data access or deletion, please use the dedicated form available in the App's Privacy Settings section or on our website.
We are committed to addressing your concerns and will respond to legitimate requests in a timely manner, typically within 30 days unless a shorter timeframe is required by applicable law.

11. Compliance and Certifications
We maintain compliance with various privacy and security frameworks to ensure the protection of your personal information:
GDPR: We adhere to the principles and requirements of the General Data Protection Regulation, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
CCPA: Our practices align with the California Consumer Privacy Act requirements regarding personal information disclosure, sale restrictions, non-discrimination, and consumer rights.
Indian Data Protection Laws: We comply with relevant provisions of the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Industry Standards: We follow industry-standard frameworks and guidelines for privacy and security, including NIST guidelines, ISO 27001 principles, and OWASP security recommendations for mobile applications.
Security Certifications: Our infrastructure providers maintain various security certifications and compliance attestations, including SOC 2, ISO 27001, and PCI DSS, which extend certain protections to your data stored on these platforms.
We regularly review our compliance status against these frameworks and adjust our practices as necessary to maintain alignment with evolving requirements and best practices.

12. Dispute Resolution
12.1 Resolution Process
In the event of a privacy-related dispute, we provide a structured process to address your concerns:
Internal Review: Initially, we will conduct an internal review of your concern, investigating the relevant facts and circumstances. This review is typically completed within 30 days, with complex issues potentially requiring additional time.
Mediation: If the internal review does not resolve your concern satisfactorily, you may request mediation through a neutral third party. We will cooperate with recognized mediation services to find a mutually acceptable resolution.
Arbitration: For unresolved disputes, we offer binding arbitration as an alternative to litigation, using neutral arbitrators familiar with privacy and data protection matters.
Legal Proceedings: You retain the right to pursue legal remedies through appropriate courts or regulatory bodies if other resolution methods are unsatisfactory.
Regulatory Complaints: You have the right to lodge a complaint with a supervisory authority, particularly in the country of your residence, place of work, or where an alleged infringement occurred.
Throughout this process, we commit to addressing your concerns in good faith, providing relevant information, and working toward a fair resolution while respecting your privacy rights.

12.2 Jurisdiction
This Policy is governed by the laws of India, with specific attention to:
Data Protection Regulations: Applicable provisions of Indian data protection laws, including the Information Technology Act, 2000 and associated rules.
Consumer Protection Laws: Relevant consumer protection statutes that govern business-consumer relationships and transactions.
Technology Regulations: Laws and regulations specific to technology services, online platforms, and mobile applications.
Privacy Statutes: Specific privacy laws that address data protection, communication privacy, and electronic records.
International Standards: Where applicable and not in conflict with Indian law, internationally recognized standards and principles for data protection.
While this Policy is governed by Indian law, we respect the data protection laws of the jurisdictions where our users reside and strive to provide consistent privacy protections to all users regardless of location.

This Privacy Policy represents our commitment to transparency and responsible data practices. We view the protection of your personal information as an ongoing responsibility and continuously seek to enhance our privacy measures in response to evolving technologies, business practices, and regulatory requirements.

This comprehensive privacy policy provides detailed explanations of our data practices, avoids bullet points in favor of substantive paragraphs, and uses professional, technical language throughout. The HTML formatting would follow the same professional layout as before, but with fully detailed content replacing the previous outline structure.

Developer Contact Information

Developer: Rank Guard EdTech

Email: rankguard@gmail.com

Website: https://rankguard.blogspot.com/


Popular posts from this blog

Introducing MCQ Marker

Image
Introducing MCQ Marker: Your Ultimate MCQ Practice Companion Are you preparing for competitive exams? Looking for a smart way to practice MCQs? Meet MCQ Marker - your comprehensive MCQ practice solution designed to enhance your exam preparation experience. 🎯 Why MCQ Marker? In today's competitive world, effective practice is the key to success. MCQ Marker brings you a feature-rich platform that adapts to your learning style: Dual View Modes List View: Perfect for quick revision and overview of multiple questions Sliding View: Ideal for focused practice, one question at a time 🚀 Key Features Smart Practice Customizable exam settings Real-time scoring and analysis Progress tracking Detailed performance insights User Experience Clean, int...
Read more