logo
optima learn

Current as of 03 August 2025

Privacy Policy

Optima Learn ("Company," "we," "us," or "our") respects the privacy of every individual who interacts with our learning platform. This Privacy Policy outlines how we collect, use, store, disclose, and safeguard your personal data when you visit or use our website www.optimalearn.com, mobile applications, tools, and services (collectively, the "Platform").
By accessing or using our Services, you agree to the terms of this Privacy Policy.

Scope and Applicability

This Privacy Policy applies to all users of the Platform, including:
  • Free users accessing basic content.
  • Paid subscribers accessing premium features.
  • Visitors browsing public areas of the website.
  • Individuals contacting us through support channels or newsletters.

This Policy complies with applicable Indian laws including the Information Technology Act, 2000 and the Sensitive Personal Data Rules, 2011, and is aligned with global data protection standards where possible

Categories of Personal Data We Collect

Identity and Contact Information:
  • Full name.
  • Email address.
  • Phone number.
  • Profile picture (if uploaded).
Educational and Academic Information:
  • College Name, Degree Program, graduated in Graduation Year; 10th –Board/Marks; 12thBoard/Marks; Graduation Marks; currently working at Company Name, Designation, with Work Experience months of experience.
  • Exam goals.
  • Mock test scores and learning analytics.
  • Study plan progress and performance indicators.
  • Previous exam scorecards (e.g., CAT percentiles).
Transaction and Billing Information:
  • Payment transaction ID, plan purchased, and duration.
  • Billing contact details (if applicable).
  • We do not store debit/credit card numbers or banking details. These are handled securely by third-party payment gateways (e.g., Paytm, Razorpay).
Technical and Usage Information:
  • IP address, device type, browser version.
  • Login timestamps and session duration.
  • Features used, buttons clicked, pages viewed.
  • Error logs and support requests.
Communications and Interactions:
  • Emails, support messages, feedback forms.
  • In-app communications (e.g., chatbot, mentor chats).
  • Participation in WhatsApp or other community forums.[add phone call].
Third-Party Account Data (Mentor Calendar Integration):
  • When a mentor voluntarily connects their Google Calendar to the Platform, we obtain a Google OAuth refresh token, the Google account email used for the connection, and the OAuth scopes granted.
  • The refresh token is stored encrypted at rest and is used solely to create, modify, or delete calendar events that the Platform itself schedules for mentor sessions. We do not read, retain, or analyse any other events on the mentor's calendar.
  • Mentors can revoke this access at any time from the mentor home page on Optima Learn or from https://myaccount.google.com/permissions.

How We Collect Personal Data

  • Direct input through registration forms, payment pages, or profile updates.
  • Activity monitoring from mock test attempts, planner usage, or question engagement.
  • Automated tracking through cookies, analytics scripts, or session recording tools.
  • Third-party integrations such as YouTube embeds or WhatsApp community interactions.
  • You may choose not to provide certain personal information, but this may limit your access to certain services or features.

Purposes of Data Processing

  • To create, manage, and secure user accounts.
  • To deliver educational services and personalized dashboards.
  • To analyze academic progress and provide strategy recommendations.
  • To verify eligibility for refunds or performance-based guarantees.
  • To manage payments, billing, and subscriptions.
  • To provide customer support and resolve user queries.
  • To comply with legal obligations or respond to lawful requests.
  • To send necessary communications such as password resets, billing alerts, and system updates.
  • To send optional marketing content or surveys (only with prior consent).

Legal Grounds for Processing

  • Consent, for marketing communications and non-essential features.
  • Contractual necessity, to fulfill the services under your selected plan.
  • Legitimate interest, for improving user experience and preventing misuse.
  • Legal obligation, where required by financial or data protection regulations.

Data Sharing and Third Parties

We do not sell personal data to any third party.
Limited information may be shared with service providers, including:
  • Payment processors for secure transactions.
  • Hosting and cloud vendors such as AWS or Google Cloud.
  • Analytics and debugging tools including Google Analytics and Sentry.
  • Mentors or internal academic support staff for personalized guidance.
  • Government or regulatory bodies where mandated by law.
All third-party providers are bound by confidentiality and data protection agreements.

Google API Services User Data Policy

Optima Learn's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

When a mentor connects their Google Calendar, we request the following OAuth scopes:
  • openid and email — to associate the connection with the mentor's Google account identifier and primary email address.
  • https://www.googleapis.com/auth/calendar.events — to create, modify, and delete calendar events that the Platform itself schedules for mentor sessions on the mentor's primary calendar.
We use Google user data exclusively for the user-facing feature of scheduling and managing mentor sessions (including the associated Google Meet conference links that allow our transcription integration to attend on the mentor's behalf). We do not:
  • Read, store, or analyse calendar events that the Platform did not itself create.
  • Use Google user data for serving advertisements.
  • Sell or transfer Google user data to third parties except as necessary to provide or improve user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with the user's explicit consent.
  • Allow humans to read Google user data, except where (a) the user has given affirmative consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) to comply with applicable law, or (d) the data has been aggregated and is used for internal operations in accordance with applicable privacy and other jurisdictional legal requirements.
Refresh tokens received from Google are encrypted at rest using AES-256-GCM with keys stored separately in a managed secret vault. A mentor may revoke our access at any time from the mentor home page on Optima Learn or from https://myaccount.google.com/permissions; revocation causes the encrypted token to be marked invalid and removed from active use.

Use of Cookies and Tracking Tools

We use cookies and local storage to support user experience and service reliability.
Cookies are used to:
  • Authenticate user sessions.
  • Store user preferences.
  • Track behavior for analytics and performance.
  • Detect abuse or suspicious activity.
Users may adjust cookie preferences via their browser settings.
Disabling cookies may impact certain features or platform functionality.

Data Retention

Personal data is retained only as long as needed to:
  • Support your access to the Platform and progress history.
  • Fulfill legal, financial, or contractual obligations.
  • Maintain audit logs and security backups.
Inactive user data may be anonymized or deleted based on internal retention policy unless extended by regulatory or legal requirements.

Data Security Measures

We implement administrative, technical, and organizational safeguards to secure data, including:
  • End-to-end SSL encryption for data transmission.
  • Role-based access control for team members.
  • Secure, firewall-protected servers and cloud environments.
  • Strong password hashing and user authentication.
  • Regular code reviews and vulnerability scans.
You are responsible for maintaining the confidentiality of your account credentials.

Your Data Rights and Choices

You have the right to:
  • Request access to the data we hold about you.
  • Request corrections or updates to inaccurate data.
  • Withdraw previously given consent for optional processing.
  • Request deletion of your account and associated data.
  • Object to or restrict certain forms of processing.
To exercise your rights, contact contact@optimalearn.inIdentity verification may be required. Please allow up to 14 business days for resolution.

Children's Privacy

  • Our services are not directed to users under the age of 18.
  • Users under 18 may only access the Platform under verified parental or guardian supervision.
  • If you believe a child has submitted personal data without consent, please contact us immediately.

International Transfers

  • Optima Learn is based in India. Data may be stored or processed in India or other jurisdictions where our service providers operate.
  • All cross-border transfers are conducted with appropriate safeguards in accordance with applicable data protection laws.

Changes to This Privacy Policy

  • We may update this Privacy Policy at our discretion.
  • Any material changes will be notified via our website and/or email where appropriate.
  • Continued use of the Platform after such changes constitutes your acceptance of the updated terms.

Contact Us

For all privacy-related queries or concerns, please contact:

Optima Learn Privacy Officer

contact@optimalearn.in
www.optimalearn.com