Privacy Policy

1. Scope of Policy

This Privacy Policy governs the collection, processing, storage, transfer, and protection of personal data of users accessing or using FullyPass. By continuing to use the platform, you expressly consent to the practices described in this Policy.

This Policy is framed in line with:

• Information Technology Act, 2000
• Information Technology (Amendment) Act, 2023
• Applicable rules on reasonable security practices and sensitive personal data
• Digital personal data protection principles in India

2. Eligibility and Parental Consent

FullyPass may be used by students who are 13 years of age or older. By using the platform, you confirm that:

• You are at least 13 years old; and
• If you are under 18 years old, you have consent from a parent or legal guardian to use this platform.

FullyPass does not knowingly collect personal data from children below 13 years. If such data is identified, FullyPass will erase it without undue delay.

3. Personal Data Collected

FullyPass Learntech LLP may collect the following categories of information:

4. Purpose of Data Collection

FullyPass uses collected data solely for legitimate purposes, including:

• Account creation, secure authentication, and user identification
• Providing personalised learning content, mock tests, and recommendations
• Progress tracking and performance analytics for the user
• Improving questions, explanations, and app features
• Detecting fraudulent activity, piracy, or misuse of content
• Compliance with legal, regulatory, and taxation obligations

FullyPass does not sell, rent, or trade student data to third-party marketing companies.

5. Third-Party Services and Integrations

To ensure secure and efficient operation, FullyPass integrates and relies on certain third-party service providers:

• Google Analytics – to understand aggregate user behaviour and app usage patterns.
• Firebase – for authentication, crash reporting, notifications, and analytics.
• Razorpay – for processing payments in a secure and compliant manner.
• Cloudflare – for DNS management, security, and DDoS protection.
• AWS CloudFront and dedicated servers – for secure hosting, content delivery, and performance.

These providers are given access only to the minimum necessary information required to perform their functions and are contractually bound to protect such information.

6. Data Storage and Server Location (Indian Soil)

FullyPass Learntech LLP ensures that core application databases and primary production servers handling student data are hosted on dedicated infrastructure located within India.

Encrypted backups and content mirrors may be maintained for redundancy and disaster recovery. Where backups are stored outside India, they remain encrypted and are not made available to any foreign entity except as required by applicable law.

7. Data Security Measures

FullyPass implements reasonable security practices as required under the Information Technology Act and associated rules, which may include:

• Encryption of sensitive data at rest and in transit (HTTPS/TLS)
• Controlled access to servers with audit logs and monitoring
• Firewalls, DDoS mitigation, and intrusion detection mechanisms
• Regular security reviews and patching of systems

While these measures significantly reduce risk, no system can guarantee absolute security. By using FullyPass, you acknowledge that residual cyber risk cannot be fully eliminated.

8. Cookies and Tracking Technologies

FullyPass may use cookies, local storage, and similar technologies to:

• Maintain login sessions and remember your preferences
• Measure engagement, performance, and feature usage
• Prevent automated abuse or suspicious login attempts

You may disable cookies in your browser settings; however, certain features of the platform may not function correctly if cookies are disabled.

9. Advertising and Promotions

As on the Effective Date, FullyPass does not display third-party advertisements within the learning experience. Only internal promotions (such as plan upgrades or feature highlights) may be shown.

In the future, FullyPass may integrate third-party advertising networks (for example, educational or relevant ads). In such a case:

• This Policy will be updated to describe any additional data usage.
• Only contextual or permitted targeted ads will be shown in accordance with Indian data protection rules.

10. Data Sharing and Legal Disclosures

FullyPass may share data only under limited and lawful circumstances, such as:

• When required by a court order, government directive, or law enforcement request
• To investigate piracy, cybercrime, cheating, or fraudulent activities
• To comply with taxation and regulatory reporting obligations
• With payment gateways solely for processing and verifying transactions

FullyPass does not share user data with advertisers for independent marketing campaigns.

11. Data Retention

FullyPass retains personal data for as long as reasonably necessary for:

• Providing the subscribed service and maintaining your account
• Complying with legal and audit requirements
• Resolving disputes and enforcing agreements

Typically, user account data and performance analytics may be retained for the duration of the subscription and up to five (5) years thereafter, unless a longer retention period is required by law.

12. User Rights

Subject to applicable law, you may request:

• Access to the personal information maintained about you
• Correction of inaccurate or incomplete data
• Deletion or anonymisation of your account information (except where retention is legally required)
• Opt-out from non-essential promotional communications

Requests should be sent to support@fullypass.com. After verifying your identity, FullyPass will endeavour to respond within 15–30 business days.

13. Misuse, Piracy, and Legal Consequences

Use of FullyPass content for any purpose other than personal learning is strictly prohibited. The following actions may constitute offences under the IT Act and Copyright Act:

• Unauthorized copying, distribution, or sale of questions and explanations
• Uploading or forwarding FullyPass content to Telegram, WhatsApp, YouTube, or other platforms
• Sharing login credentials intentionally with multiple users

FullyPass Learntech LLP reserves the right to take legal action, including:

• Permanent account suspension without refund
• Filing FIR/cyber complaint with competent authorities
• Claiming damages and monetary penalties as permitted by law

14. Governing Law and Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising under or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts located in Hyderabad, Telangana, India.

15. Changes to this Policy

FullyPass Learntech LLP reserves the right to update or modify this Privacy Policy at any time. Material changes will be notified through the website or app. Continued use of the platform after such changes shall constitute acceptance of the revised Policy.

16. Contact Information

For privacy, data protection, or IT Act-related concerns, you may contact: