GyandootAI
PricingTermsPrivacy
Legal

Privacy Policy

Last updated: May 2026 · Effective: May 2026

GyandootAI Private Limited (incorporation in progress) · India

1. Who We Are

GyandootAI is an AI-powered educational content platform built for Indian teachers, faculty, and educational institutions. We are committed to protecting your personal data in compliance with the Digital Personal Data Protection Act (DPDPA) 2023 and applicable Indian law.

2. What Data We Collect

When you submit a paper request: Name, email address, school or institution name, subject, class, board, topic, content preferences, and any special instructions you provide.

When you use the dashboard: Authentication credentials (email and hashed password), paper generation history, and usage data.

Automatically: We log the IP address of each paper generation request for security and abuse prevention purposes. We also collect anonymised usage data (pages visited, session duration) to improve the platform. IP addresses are not used for advertising, profiling, or location tracking beyond approximate city-level abuse detection.

We use browser localStorage — not tracking cookies — to remember your free usage count on your device.

We do not use advertising cookies, tracking pixels, behavioural profiling, or remarketing scripts of any kind.

3. How We Use Your Data

  • To generate the educational documents you requested
  • To deliver documents to your email address
  • To maintain your paper history in the teacher dashboard
  • To enforce free tier limits (3 papers per email address)
  • To prevent automated abuse and enforce network-level usage limits using IP address data (DPDPA 2023 Section 7 — legitimate security interest)
  • To improve the platform and the quality of generated content
  • To send transactional communications (document delivery, account updates)

4. Third-Party Service Providers

We engage a small number of trusted third-party service providers to deliver GyandootAI — including providers for AI content generation, secure cloud database infrastructure, workflow automation, transactional email delivery, and payment processing.

Key protections governing all service providers:

  • Each provider is engaged under a written data processing agreement
  • Providers are authorised to process your data only for the specific purpose we engage them for — nothing else
  • Providers are contractually prohibited from using your data for their own commercial purposes, marketing, or AI model training
  • All providers implement appropriate technical and organisational security measures
  • Providers are required to notify us of any data breach within 72 hours

We do not sell your personal data to any third party under any circumstances. We do not share your personal data with any provider for their own model training or commercial purposes.

5. Data Storage & Cross-Border Processing

Your personal account data and paper history are stored on secure infrastructure located within India, in compliance with DPDPA 2023.

Certain service functions — specifically AI content generation and transactional email delivery — require processing on infrastructure located outside India. These cross-border transfers are necessary to provide the service, are permitted under DPDPA 2023 Rule 15, and are governed by written contractual safeguards with each provider. Anonymised analytics data is also processed outside India.

No payment card data is processed or stored by GyandootAI. Payment processing is handled exclusively by an RBI-authorised payment gateway under PCI-DSS compliance standards.

6. Your Rights Under DPDPA 2023

As an Indian data principal, you have the right to:

  • Access — request a summary of personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Erasure — request deletion of your personal data (we comply within 30 days)
  • Grievance redressal — raise a complaint with our Grievance Officer
  • Withdraw consent — withdraw consent for data processing at any time (this may affect your ability to use the platform)

To exercise any right, contact our Grievance Officer using the details in Section 9. We respond within 7 business days.

7. Data Retention

We retain your personal data for 24 months from your last interaction with our platform. Paper history is retained for the duration of your account and for 90 days following account closure, after which it is permanently deleted. You may request deletion at any time — we will comply within 30 days.

8. Children and Minors

GyandootAI is designed for teachers, faculty, and educational administrators only. We do not knowingly collect personal data from individuals under 18 years of age. If you believe a minor has submitted data through our platform, please contact us immediately and we will delete it promptly.

9. Grievance Officer

For privacy queries, data access requests, correction requests, erasure requests, or complaints, please contact us through the details provided in our Terms of Service. We will acknowledge your request within 48 hours and resolve it within 7 business days as required by DPDPA 2023.

10. Changes to This Policy

We will notify registered users of material changes to this policy by email and by updating the date at the top of this page. The updated policy takes effect from the date of notification. Continued use of the platform after that date constitutes acceptance of the updated policy.

© 2026 GyandootAI
HomeTermsPrivacy