Privacy Policy — IAS Valley

Privacy Policy — IAS Valley

Last updated: 27 October 2025

IAS Valley (“Company”, “we”, “us”, “our”) operated by Nirmala Devi respects your privacy. This Policy is published in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA), the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (as applicable until replaced/notified under DPDPA), the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (as amended), and other applicable Indian laws. It explains what we collect, how we use/share it, and the choices you have. By accessing/using/registering on www.iasvalley.com and related apps/services (collectively, the “Platform”), you agree to this Policy.

1) Scope & Definitions

  • Applies to: All users of our Platform, regardless of device or access method.
  • Personal Data: Any data about an individual who is identifiable by or in relation to such data (as per DPDPA) — e.g., name, contact details, identifiers, transaction data, learning activity.
  • Non-Personal Data: Aggregated/anonymous information that does not identify you.

2) Who Controls Your Data

  • Data Fiduciary (Controller): IAS Valley (operated by Nirmala Devi)
  • Contact: care@iasvalley.com

3) Personal Data We Collect

  • Identity & Contact: name, photograph (optional), email, mobile, address, state/city.
  • Account & Usage: login identifiers, role, course enrolments, progress, test attempts, watch time, device/app logs, crash logs.
  • Transactions: order history, payment method metadata (processed by payment gateways), invoices/GST details.
  • Communications: queries to support, feedback, survey responses, marketing preferences.
  • Technical: IP address, timestamp, user-agent, cookies/web storage, SDK signals, OS/browser, network, device model.
  • Children’s Data: for users aged 13–17, only with verifiable parental consent as per DPDPA; children under 13 should not use the Platform.

4) How We Collect

  • Directly from you: when you register, purchase, upload content, take tests, contact support, or opt into communications.
  • Automatically: via cookies, pixels, SDKs, and logs when you use the Platform (see Cookies below).
  • Third Parties: payment gateways, analytics, video-hosting, communication providers, identity verification (if used), subject to their terms.

5) Lawful Bases & Uses

  • Consent: account creation, marketing messages, cookies beyond strictly necessary, children’s processing.
  • Deemed Consent / Legitimate Uses (DPDPA): to provide/operate services you request, troubleshoot, secure the Platform, prevent fraud/piracy, comply with law, and for reasonable purposes notified/allowed by law.
  • We use your data to:
    • Provide courses, classes, tests, notes, and core functionality.
    • Personalize content, track progress, and improve learning outcomes.
    • Process payments, issue invoices, handle refunds/support.
    • Send service updates, security alerts, transactional emails/SMS/WhatsApp.
    • Conduct analytics, quality assurance, and product improvement.
    • Prevent cheating/piracy (e.g., watermarking/DRM/fingerprinting).
    • Comply with legal obligations and respond to lawful requests.

6) Sharing & Disclosures

  • Service Providers (Processors/Sub-processors): hosting/CDN, video/live class tools, analytics, communication, customer support, payment gateways (PCI-DSS compliant), anti-fraud tools — all bound by contracts and security obligations.
  • Legal/Compliance: courts, law enforcement, regulators when required by law or to protect rights, safety, and the Platform.
  • Business Events: reorganization/transfer subject to continuous protection of personal data.
  • No Sale of Personal Data: we do not sell your personal data.

7) International Transfers

  • Personal data may be processed outside India by our processors. Transfers will comply with DPDPA and any Government notifications permitting/restricting destinations, with appropriate contractual and technical safeguards.

8) Security

  • We implement reasonable security practices (technical and organizational measures) under the IT Act/Rules and evolving DPDPA standards: encryption in transit, access controls, logging, least-privilege, periodic reviews, and employee/vendor confidentiality.
  • No method is 100% secure; you acknowledge inherent risks of the Internet and will safeguard your credentials/devices.
  • In case of a qualifying personal data breach, we will act per applicable law, including notifications to the Data Protection Board of India and/or affected users when required.

9) Retention

  • We retain personal data for as long as necessary for the purposes stated, to meet legal/accounting/reporting requirements, to resolve disputes, and to enforce agreements; thereafter we delete or irreversibly anonymize it, subject to lawful retention duties.

10) Your Rights under DPDPA

  • Right to Access/Know how we process your data.
  • Right to Correction/Erasure of inaccurate or out-of-date personal data (subject to lawful exceptions).
  • Right to Grievance Redressal through our Grievance Officer (see below).
  • Right to Nominate another person to exercise rights in the event of death/incapacity (when enabled under the law/platform).
  • You may also withdraw consent for consent-based processing (where feasible). This does not affect prior lawful processing; certain services may cease if consent is withdrawn.

11) Children’s Privacy

  • Users aged 13–17 may use the Platform only with verifiable parental/guardian consent as per DPDPA. We do not knowingly allow children under 13 to use the Platform.
  • We do not knowingly undertake tracking/behavioral advertising directed at children’s accounts.

12) Cookies & Similar Technologies

  • We use cookies, local storage, and SDKs to operate the site/app, keep you signed in, remember preferences, measure performance, and improve services.
  • Non-essential cookies may require your consent. You can manage preferences in your browser/app; blocking cookies may limit functionality.
  • Third-party cookies (analytics, video, payments) are governed by those parties’ policies.

13) Marketing & Communications

  • With your consent (where required), we may send you emails/SMS/WhatsApp/in-app messages about courses and offers. You can unsubscribe via settings or by writing to care@iasvalley.com.

14) Social & Third-Party Links

  • Our Platform may link to third-party sites/apps (e.g., payments, social media). Their privacy practices are independent; review their policies before use. We are not responsible for their content or practices.

15) Grievance Redressal (DPDPA & IT Rules)

  • Grievance Officer: Pushkar Pritam
  • Email: care@iasvalley.com
  • Postal Address: Motihari, Bihar — 845303
  • Working Hours: Mon–Fri, 10:00–18:00 IST

How to submit a request/complaint: include your name, contact details, a clear description of your request or issue, relevant URLs/screenshots, and proof of identity/authorization (if required). We will acknowledge and respond within timelines prescribed by law.

16) Changes to this Policy

  • We may update this Policy to reflect legal/technical/business changes. Continued use after updates signifies acceptance. For material changes, we may provide prominent notice.

17) Consent

  • By using the Platform, registering, or submitting data, you consent to processing as described here, subject to your rights under DPDPA and other laws.

Quick Summary (non-legal)

  • We collect identity, contact, usage, and transaction data to run your learning services.
  • Your rights: access, correction/erasure, grievance, nomination, and consent withdrawal where applicable.
  • We secure data with reasonable safeguards; no method is perfect.
  • We share with service providers and when required by law — we don’t sell personal data.
  • Contact: care@iasvalley.com