Privacy Policy

We may collect the following categories of personal data from you:

2.1 Information You Provide Directly

We collect personal data when you:

1. Register or create an account on the Platform
2. Subscribe to our services or purchase products
3. Complete forms, surveys, or questionnaires
4. Contact our support team or customer service
5. Submit User Content (projects, assignments, feedback)
6. Participate in webinars, events, or community forums
7. Communicate with us via email, phone, or chat

2.2 Information Collected Automatically

Certain technical and usage data is collected automatically through:

• Cookies, web beacons, and similar tracking technologies
• Analytics tools (e.g., Google Analytics, Mixpanel)
• Server logs and access logs
• AI interaction monitoring and learning analytics

2.3 Information from Third Parties

We may receive personal data from:

• Third-party service providers (payment processors, cloud hosting partners, analytics providers)
• Educational institutions or employers partnered with us
• Social media platforms (if you link your account or use social login)
• Publicly available sources (with your consent or as permitted by law)

We process personal data for the following purposes:

3.1 Service Delivery and Platform Operations

1. To provide, operate, maintain, and improve our AI-driven products and services
2. To create and manage user accounts
3. To personalize your experience and deliver customized content, recommendations, and skill paths
4. To process transactions, manage subscriptions, and issue invoices
5. To send transactional communications (order confirmations, account notifications, service updates)

3.2 AI and Machine Learning

1. To train, test, and improve AI models and algorithms
2. To generate personalized skill development paths and career recommendations
3. To analyze learning patterns and optimize educational content
4. To provide adaptive learning experiences based on user performance

3.3 Communication and Marketing

1. To communicate service updates, new features, and product announcements
2. To send promotional offers, newsletters, and marketing communications (with your consent)
3. To conduct surveys and request feedback
4. To respond to inquiries and provide customer support

3.4 Security, Fraud Prevention, and Compliance

1. To ensure the security, integrity, and safety of the Platform
2. To detect, prevent, and investigate fraudulent, abusive, or illegal activity
3. To enforce our Terms of Use and other policies
4. To comply with legal obligations, court orders, or regulatory requirements

3.5 Analytics and Research

1. To analyze usage trends, user behavior, and Platform performance
2. To conduct research and development for product improvement
3. To generate aggregated, anonymized data for business intelligence and reporting

We process personal data based on the following legal grounds under the PDPP Act and applicable laws:

We may share personal data with the following categories of recipients:

5.1 Service Providers and Processors

We engage trusted third-party service providers to perform functions on our behalf, including:

• Cloud hosting and infrastructure providers (e.g., Amazon Web Services, Microsoft Azure, Google Cloud)
• Payment processors and gateways (e.g., Razorpay, Stripe, PayPal, Paytm)
• Analytics and monitoring tools (e.g., Google Analytics, Mixpanel, Hotjar)
• Customer support platforms (e.g., Zendesk, Freshdesk, Intercom)
• Email and communication services (e.g., SendGrid, Mailchimp, Twilio)
• AI and machine learning infrastructure providers

All service providers are contractually bound by Data Processing Agreements (DPAs) to protect your personal data and process it only in accordance with our instructions and applicable data protection laws.

5.2 Educational Institutions and Employers

If you use the Platform in connection with an educational institution, corporate training program, or employer partnership, we may share your personal data (including learning progress, assessment results, and certifications) with such organizations as necessary to provide the services.

5.3 Business Partners and Affiliates

We may share aggregated, anonymized, or de-identified data with business partners, affiliates, or advertisers for marketing, analytics, or research purposes. Such data does not identify you personally.

5.4 Legal and Regulatory Authorities

We may disclose personal data when required by law or in response to:

• Valid legal process (subpoena, court order, search warrant)
• Government or regulatory authority requests
• Law enforcement investigations
• Protection of our legal rights, property, or safety, or that of others

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal data may be transferred to the successor entity, subject to equivalent data protection obligations.

5.6 No Sale of Personal Data

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6.1 Data Storage and Processing Locations

Your personal data may be transferred to, stored, and processed in locations outside India, including countries where our service providers, cloud infrastructure, or business partners operate (e.g., the United States, European Union, Singapore).

6.2 Safeguards for International Transfers

We ensure that all cross-border transfers of personal data are subject to appropriate safeguards as required under the PDPP Act and applicable laws, including:

• Transfers to countries notified as having adequate data protection standards by the Indian Government
• Standard Contractual Clauses (SCCs) approved by relevant authorities
• Data Processing Agreements with service providers ensuring equivalent protection
• Compliance with EU General Data Protection Regulation (GDPR) standards where applicable

6.3 Your Rights

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with specific data protection laws, you may have additional rights regarding international data transfers. Please contact us for more information.

7.1 Retention Period

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, enforce agreements, or as otherwise required or permitted by law.

7.2 Retention Criteria

The retention period for personal data depends on:

• The nature and sensitivity of the data
• The purposes for which it was collected and processed
• Legal, regulatory, tax, or accounting requirements
• Whether you have requested deletion or withdrawal of consent

7.3 Deletion and Anonymization

Upon expiry of the retention period or upon your request (where applicable), we will securely delete or anonymize your personal data in accordance with our data retention and deletion policies and applicable legal requirements.

7.4 Backup and Archival Data

Personal data may remain in backup systems or archives for a limited period for disaster recovery, security, and legal compliance purposes. Such data will be deleted in accordance with our backup retention schedules.

8.1 Security Measures

We implement reasonable and appropriate administrative, technical, and physical safeguards to protect personal data from unauthorized access, use, disclosure, alteration, loss, misuse, or destruction, including:

• Encryption of data in transit (using SSL/TLS protocols) and at rest (using industry-standard encryption algorithms)
• Access controls, authentication mechanisms, and multi-factor authentication (MFA)
• Regular security audits, vulnerability assessments, and penetration testing
• Secure data centers with physical access controls
• Employee training and confidentiality obligations
• Incident response and breach notification procedures

8.2 Limitations

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your personal data. You acknowledge and accept the inherent risks of online data transmission and storage.

8.3 User Responsibility

You are responsible for maintaining the confidentiality of your account credentials and for all activities under your account. You must immediately notify us of any unauthorized access or security breach.

As a Data Principal under the DPDP Act, 2023, you have the following rights:

9.7 How to Exercise Your Rights

To exercise any of the above rights, please contact us at:

We will respond to your request within the timelines specified under the PDPP Act (typically within 30 days).

If you are located in the European Economic Area (EEA), United Kingdom, California (USA), or other jurisdictions with specific data protection laws, you may have additional rights, including:

10.1 GDPR Rights (EEA and UK Users)

• Right to lodge a complaint with a supervisory authority
• Right to object to processing based on legitimate interests
• Right to restrict processing in certain circumstances
• Right to object to automated decision-making and profiling

10.2 CCPA Rights (California, USA Users)

• Right to know what personal information is collected, used, shared, or sold
• Right to request deletion of personal information
• Right to opt-out of the sale of personal information (we do not sell personal data)
• Right to non-discrimination for exercising privacy rights

To exercise these rights, please contact us at info@stridenex.ai.

11.1 Age Restrictions

Our Platform is not intended for children under the age of 13 years. We do not knowingly collect, use, or disclose personal data from children under 13 without verifiable parental consent as required under applicable laws.

11.2 Parental Consent for Minors (13-18 Years)

If you are between 13 and 18 years of age, you may use the Platform only with the consent and supervision of your parent or legal guardian. We may request verification of parental consent.

11.3 Parental Rights

Parents or legal guardians have the right to access, review, correct, or request deletion of their child's personal data. Please contact us at info@stridenex.ai for assistance.

11.4 Discovery of Underage Data

If we discover that we have inadvertently collected personal data from a child under 13 without verifiable parental consent, we will take immediate steps to delete such data from our systems.

12.1 What Are Cookies?

Cookies are small text files stored on your device by your web browser when you visit a website. We use cookies and similar tracking technologies (web beacons, pixels, local storage) to enhance user experience, analyze usage, and maintain session security.

12.2 Types of Cookies We Use

• <strong>Essential Cookies:</strong> Necessary for the Platform to function properly (e.g., session management, authentication)
• <strong>Performance Cookies:</strong> Collect information about how you use the Platform (e.g., page visits, load times) to improve performance
• <strong>Functional Cookies:</strong> Remember your preferences and settings (e.g., language, region)
• <strong>Analytics Cookies:</strong> Help us understand user behavior and traffic patterns (e.g., Google Analytics)
• <strong>Marketing Cookies:</strong> Used to deliver relevant advertisements and track campaign effectiveness (with your consent)

12.3 Third-Party Cookies

We may allow third-party service providers (e.g., Google Analytics, Facebook Pixel) to place cookies on your device for analytics, advertising, and remarketing purposes. These third parties have their own privacy policies and data practices.

12.4 Cookie Consent and Management

By using the Platform, you consent to the use of cookies as described in this Policy. You may manage, disable, or delete cookies through your browser settings. However, disabling certain cookies may affect the functionality and performance of the Platform.

12.5 Do Not Track (DNT)

Our Platform does not currently respond to "Do Not Track" (DNT) signals sent by web browsers.

14.1 Breach Response Procedures

In the event of a data breach that is likely to cause harm to your rights and freedoms, we will:

1. Investigate and assess the nature, scope, and impact of the breach
2. Take immediate steps to contain and mitigate the breach
3. Notify affected Data Principals and the Data Protection Board of India within 72 hours of becoming aware of the breach, as required under the PDPP Act

14.2 Notification Contents

Breach notifications will include:

• Description of the nature and extent of the breach
• Categories and approximate number of affected individuals and data records
• Likely consequences and potential risks
• Measures taken or proposed to address the breach and mitigate harm

15.1 AI-Driven Recommendations

Our Platform uses AI and machine learning algorithms to analyze your learning patterns, assess your skills, and provide personalized recommendations for skill development, career paths, courses, and projects.

15.2 How AI Decisions Are Made

AI-driven recommendations are generated based on:

• Your educational and professional background
• Learning progress, assessment results, and performance data
• Interaction patterns and usage behavior
• Industry trends, job market data, and employer demand signals
• Comparative analytics with similar user profiles

15.3 Human Oversight

While AI systems assist in generating recommendations, significant decisions (e.g., certification awards, employment referrals) may involve human review and oversight.

15.4 Right to Explanation and Objection

You have the right to:

• Request an explanation of how AI-driven recommendations are generated
• Object to automated decision-making that produces legal or similarly significant effects
• Request human review of AI-generated decisions

To exercise these rights, contact us at info@stridenex.ai.

16.1 Marketing Consent

With your consent, we may send you promotional emails, SMS, push notifications, or other marketing communications about our products, services, offers, events, or updates.

16.2 Opt-Out Rights

You have the right to opt out of receiving marketing communications at any time by:

• Clicking the 'Unsubscribe' link in any marketing email
• Adjusting your notification preferences in your account settings
• Contacting us at info@stridenex.ai with your opt-out request

16.3 Transactional Communications

Please note that even if you opt out of marketing communications, you will continue to receive transactional or service-related communications (e.g., account notifications, payment confirmations, security alerts) as necessary to provide our services.

17.1 Links to External Sites

The Platform may contain links to third-party websites, services, or resources not owned or controlled by StrideNex (e.g., educational institutions, partner organizations, social media platforms).

17.2 No Responsibility

We are not responsible for and do not endorse the privacy practices, content, or data collection practices of any third-party websites or services. Your access to and use of third-party sites is governed by their respective privacy policies and terms of use.

17.3 User Responsibility

We encourage you to review the privacy policies of any third-party websites or services you visit. You access such sites at your own risk.

18.1 Right to Modify

We reserve the right to update, amend, or modify this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.

18.2 Notification of Changes

When we make material changes to this Privacy Policy, we will:

• Update the 'Last Updated' date at the top of this Policy
• Post a notice on the Platform
• Notify you via email or in-app notification (where applicable)
• Request your renewed consent where required by law

18.3 Acceptance of Changes

Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the revised Policy. If you do not agree to the changes, you must discontinue use of the Platform.

18.4 Version History

Previous versions of this Privacy Policy are available upon request by contacting info@stridenex.ai.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Data Protection Board of India established under the Digital Personal Data Protection Act, 2023.