We, Bay Education Partners Private Limited manage the website www.theredpen.in (Website).

In this Policy (as defined hereinafter), we, us, our and Red Pen refer to us, Bay Education Partners Private Limited and you and your(s) refer to the users/ visitors of the Website whose Information (as defined hereinafter) is collected in terms of this Policy. For more information about us and how to contact us, please refer to Section 15 of this Policy. This privacy policy (Policy) seeks to explain: (i) what Information we collect, use, disclose, process, store, transfer, safeguard; (ii) the manner in which and the purpose for which (including our policies and procedures for which) we collect, use, disclose, process, store, safeguard and share Information of the users accessing and using our Website and services offered to the users by us, our partners and other third parties (Services); (iii) the rights of the users in relation to the Information and the manner in which the users may exercise them; and (iv) the manner in which the users may raise any complaints/ grievances.

We respect the privacy of our users and are committed to protecting it in all respects through our compliance with this Policy. We involve experts from various fields, including legal, security, engineering, product design, and others, to ensure that our decisions are taken with the utmost respect for your privacy. The information including any personal information about the user as collected by us is: (a) information supplied by users voluntarily; (b) information automatically tracked while using our Services and Website; and (c) information collected by us from third parties (Information). We have implemented necessary technical and organizational safeguards and measures in this regard, to ensure our compliance with applicable data protection laws. By using our Website and our Services, you: (a) provide your free, specific, informed, explicit, clear, unconditional and unambiguous consent to collection, disclosure, storage, processing, transfer and use of the Information you provide (including any changes thereto as provided by you) for any of the Services that we offer; and (b) consent to this Policy and our terms and conditions set out at https://theredpen.in/refunds-and-terms/. This Policy does not apply to anonymised data, as it cannot be used to identify you.

By choosing to provide your Information via the Website, including but not limited to the categories of Information mentioned in this Policy, you expressly consent to our use of your Information for the purposes listed in this Policy and you expressly consent to being contacted by us or our partners.

Please read this Policy carefully to understand our policies and practices regarding your Information and how we will treat it. By accessing or using the Website and the Services, you agree to this Policy. Our Website and the Services also incorporate privacy controls which affect how we will process your Information. Please refer to Section 6 for a list of rights with regard to your Information and how to exercise them.

This Policy may change from time to time. Your continued use of the Website and the Services after we make changes to this Policy is deemed to be acceptance of those changes, so please check the Policy periodically for updates. If you do not agree with the terms of this Policy, please do not access the Website and/or use our Services.

We may collect Information about you in a variety of ways. There are three general categories of Information we collect.

1. Information You Give to Us.
   

   1. For utilization of the Website and the Services, it is a prerequisite for you to share specific data collected through other platforms and mediums during the registration process, online application filing, signing up for the Services. When you use the Website and the Services, we may ask you to provide certain Information in connection with your use of the Services and to avail yourself the Services through the Website. We may collect this Information in various places, such as registration forms, contact us forms, or otherwise when you interact with us, including customer support. The Information we may collect via the Website and/or through other platforms and mediums and while providing you Services depends on the content and materials you use. We may collect data including but not limited to (i) your name, (ii) date of birth, (iii) email address or other contact information including phone numbers; (iv) residential / correspondence addresses; (v) education details etc.

   2. Towards completion of the user registration and onboarding process, and from time-to-time, towards you availing the Services offered on the Website, we may also collect and store, including but not limited to the following sensitive Information or Information: (i) passwords; (ii) banking information; and (c) other know your customer (KYC) documents including (i) passports, PAN card, Aadhaar card details, utility bills, photographs and other formal identification information.

      (data and information set out in Paragraph 2.1.(a) and 2.1.(b) shall collectively constitute Account Data). The Account Data may be processed for the purposes of providing to you our Services, satisfying anti-money laundering and know-your-customer obligations, any obligations under the applicable law, and ensuring the security of the Services, maintaining back-ups of our databases and communicating with you. This Account Data is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations. Without it, we may not be able to provide you with all the requested Services.

   3. We may process Information contained in or relating to any communication that you send to us (Correspondence Data). The Correspondence Data may include the communication content and metadata associated with the communication. The Correspondence Data may be processed for the purposes of communicating with you and record-keeping and may also be retained on anonymous basis for training and quality purposes. The legal basis for this processing is our legitimate interests, namely the proper administration of our Website and business and communications with users.

   4. We may process Information included in your user registration and onboarding documents, which may include your location, time zone and any other details as provided therein (Profile Data). The Profile Data may be processed for the purposes of providing you a better user experience when using the Services. The legal basis for this processing is your consent.

   5. Pursuant to the Services you avail yourself of, from time to time, we may require you to provide additional information, as and when required, to comply with any applicable regulatory requirement or to provide additional Services/products via the Website, as and when offered. You may choose to provide such Information if you wish to use the Services provided on the Website.

2. Information We Automatically Collect from Your Use of the Services.
   

   1. When you access/ visit/ use the Website, we may automatically process Information about your computer and internet connection (including your IP/ MAC address, operating system and browser type), your mobile carrier, device information (including device and application IDs), search terms, cookie information, as well as information about the timing, frequency and pattern of your use of the Website and the Services, and information about the transactions you make for our Services, such as the name of the recipient, your name, the amount and type of cryptocurrency browsed and timestamp (Service Data).

   2. Service Data collected may include without limitation:

      1. Performance Data: Data about how the Website is performing including metrics of the performance and scale of the Website and the details about response times for user interfaces;
      2. Service Logs: Service logs are automatically generated by the Website recording events during the operation of the Website.

   3. The Service Data is processed for the purpose of providing our Services. The legal basis for this processing is the adequate performance of the contract between you and us, to enable us to comply with legal obligations and our legitimate interest in being able to provide and improve the functionalities of the Services. We also collect Information through cookies and similar technologies.

1. All Information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such Information. Having accurate Information about you permits us to provide you with a smooth, efficient, and customized experience.
2. We use and process your data to carry out our contractual commitments towards you in connection with the Services, for purposes based on legitimate business interests and to provide better Services. In addition, we use your Information to comply with legal obligations and/or your consent.
3. We use and process your data to: (i) provide, measure, and improve our Services; (ii) create and maintain a trusted and safe and secure environment (such as complying with our legal obligations under applicable law and complying with our policies); and (iii) to support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or other illegal or prohibited activity. The Information collected from our Website and Services allows us to collect statistics about our Website and Services to assess usage and effectiveness and to enhance the functionality of our Services.
4. We also use your Information to perform internal operations necessary to provide our Services, such as troubleshooting software bugs and operational problems, conducting data analysis, testing, and research to improve Services, and monitoring and analyzing usage and activity trends. We also use your Information to contact selected users to obtain feedback about our Services and for statistical consumer research purposes.
5. We may collect and use your contact information, including your mobile phone number, to communicate with you via WhatsApp regarding your use of our Website, our Services, updates, and other relevant information. By providing your mobile number and opting in to receive communications via WhatsApp, you consent to be contacted by us through WhatsApp for purposes including, but not limited to: (a) responding to your inquiries and providing user support; (b) sending service notifications, updates, and important information concerning the Services you have opted for or transactions; and (c) for informing you of new features, promotions, or offers related to our Services. We will not share your mobile number with third parties for their own marketing purposes. Your contact information will be used solely in accordance with this Policy. You may withdraw your consent or opt out of WhatsApp communications at any time by contacting us at unsubscribe@theredpen.in. For more information on how we process and safeguard your Information, please refer to the rest of this Policy. If you have any concerns or require further assistance regarding WhatsApp communications, please contact us at unsubscribe@theredpen.in.

1. Group entities: We may disclose your Information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this Policy.
2. Third-Party Service Providers: We use third-party service providers to provide website and application development, hosting, maintenance, backup, storage, payment processing, analysis and other services for us in connection with the Website and the Services, which may require them to access or use certain Information about you to the extent required to perform such function. Our service providers and partners agree to strict confidentiality and data protection obligations. We may disclose Service Data to a variety of third party service providers insofar as reasonably necessary to improve the functionalities of the Services. For example, we may disclose Service Data to obtain useful analytics, determine location data and provide search engine functionality to our users. We may share aggregated Information with third parties to carry out research and analysis to help us improve the user experience of the Website and test new technologies and processes designed to enhance and improve the Website. We only use such Information to analyse how users are communicating with the Website in an effort to continuously improve it for you. Information provided by you in connection with mandatory verification checks of identity, such as a government identifier, mobile number, or email address, must be accurate and correct. Only required Information will be shared with authorized third parties for the purposes of such verification.
3. Aggregated data: We may share aggregated data (Information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
4. Marketing Communications: With your explicit consent, or with an opportunity for you to withdraw consent, we may share your Information with third parties for marketing purposes, as permitted by applicable law.
5. By law or to protect rights: In addition to the specific disclosures of Information set out in this Section 4, we may disclose your Information (including to third parties) if we believe that it is reasonably necessary to comply with a law, regulation, legal obligation, legal process, or governmental request; or in order to protect your vital interests or the vital interests of another natural person; to protect the safety or integrity of the Services, or to explain why we have removed content from the Services; or to address fraud, security, or technical issues; or to protect our rights or property or the rights or property of those who use the Services.
6. Sale or bankruptcy: If we reorganize or sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your Information to the successor entity. If we go out of business or enter bankruptcy, your Information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur, and that the transferee may decline to honor commitments we made in this Policy.
7. Performance of a contract: Where we have entered into a contract with you, we may process your Information to fulfill the terms of our contract. We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.
8. We offer individuals the opportunity to choose (opt out) whether their Information is: (i) to be disclosed to a third party; or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals. In order to opt out from disclosure of your Information, please write to us at unsubscribe@theredpen.in.

1. Device Permission: Your device can have a permission system for specific types of device data and notifications, such as phone contacts, pictures, location services, push notifications and advertising identifiers. You can change the settings on your device to either consent to or oppose the collection or use of any such corresponding information or the display of the corresponding notifications. Of course, if you do that, certain services may lose functionality.
2. Nominate: You shall have the right to nominate any other individual, who shall, in the event of your death or incapacity, exercise your rights in accordance with applicable data protection laws.
3. Access/ verify/ rectify: You may access and verify (and, if required, rectify) your Information held by Red Pen by submitting a written request to us at unsubscribe@theredpen.in.
4. Reviewing/confirming your Information:You may have the right to review the Information we keep about you, which may be called right of access, right of portability or variations of those terms. You have the right to confirmation as to whether or not we process your Information and, where we do, access to the Information, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of Information concerned and the recipients of the Information. Provided that the rights and freedoms of others are not affected, we will supply to you a copy of your Information. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. You can access your Information by writing to us at: unsubscribe@theredpen.in.
5. Rectification of personal data: You have the right to have any inaccurate Information about you rectified and, taking into account the purposes of the processing, to have any incomplete Information about you completed. You can request correction or modification of your Information by writing to us at: unsubscribe@theredpen.in.
6. Delete/ erase: Please note that this right to delete will be subject to our retention requirements under applicable law and regulatory requirements. You have the right to the erasure/deletion of your Information without undue delay. Those circumstances include: the Information are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the Information have been unlawfully processed. Such request to delete, erase or withdraw consent shall not be applicable on and shall not affect any act/omission by Red Pen prior to the receipt of such request from you. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims. You can request the deletion of your Information by writing to us at: unsubscribe@theredpen.in. However, we will continue to retain Information which is required to be retained under the applicable laws.
7. Restriction of personal data: You have the right to restrict the processing of your Information. Those circumstances are: you contest the accuracy of the Information; processing is unlawful but you oppose erasure; we no longer need the Information for the purposes of our processing, but you require Information in order to establish, exercise or defend legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your Information. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
8. Right to object:
   1. You have the right to object to our processing of your Information on grounds relating to your particular situation, but such objection shall not be applicable where such processing is required for any legal basis and is necessary to be processed for the performance of a task carried out in the public interest or in the exercise of any official authority vested in us. If you make such an objection, we will cease to process the Information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims. Cessation of processing of Information may restrict your use of the Website and the Services.
   2. You have the right to object to processing of your Information for direct marketing purposes (including profiling). If you make such an objection, we will cease processing for that purpose.
   3. You have the right to object to our processing of your Information for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
9. To the extent that the legal basis for our processing of your Information is:
   1. consent; or
   2. that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and such processing is carried out by automated means, you have the right to receive your Information from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others. You can request to download your Information, by writing to us at: unsubscribe@theredpen.in
10. To the extent that the legal basis for our processing of your Information is consent, you have the right to withdraw that consent at any time. Subject to legal and contractual requirements for providing Services to you, you can refuse to consent to our collection, use, storage, retention, processing or disclosure of any Information about you, or you may withdraw your consent to our further collection, use, processing, storage, retention or disclosure of Information at any time in the future by writing to us at unsubscribe@theredpen.in. Withdrawal will not affect the lawfulness of processing before the withdrawal. However, we will continue to retain Information which is required to be retained under the applicable laws. Upon the user opting out to withdraw such consent, we will not be under any obligation to provide the Services to such user.
11. You may exercise any of your rights in relation to your Information by written notice to us, in addition to the other methods specified in this Section 6.

1. comply with the provisions of applicable data protections laws;
2. ensure not to impersonate another person while providing your Information for a specified purpose;
3. ensure not to suppress any material information while providing your Information for any document, unique identifier, proof of identity or proof of address issued by the State or any of its instrumentalities;
4. ensure not to register a false or frivolous grievance or complaint with us or the legal authorities; and
5. furnish only such Information as is verifiably authentic, while exercising the right to correction or erasure under the applicable data protection laws.

1. This Section 8 sets out our data storage and retention policies and procedure which are designed to help ensure that we comply with our legal obligations in relation to the storage, retention and deletion of Information. We and our service providers, maintain, store and process Information in India.
2. Information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
3. We generally retain your Information for as long as is necessary for the performance of the contract between you and us, for providing you with the Services available on the Website and to comply with our legal obligations. If you no longer want us to use your Information to provide the Services to you, you can request that we erase your Information.
4. Post-termination of our agreement with You for providing the Services, we may continue to use your anonymised data aggregated or combined with other users’ anonymised data. In cases where a user has violated the terms and conditions of using our Services and Website or submits a request that his/her Information be deleted from the Website and by us, we will promptly take necessary actions to delete your Information, in accordance with Section 6.6.
5. Notwithstanding the other provisions of this Section 8, we may retain your Information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We do not knowingly collect, process, or retain Information of children without obtaining verifiable consent from their parent or lawful guardian. Where the Services offered by us are intended for or may be accessed by a user below 18 years of age, explicit, verifiable parental or guardian consent prior to collecting or processing any Information of the child shall be provided for each user. Parents or lawful guardians of such users shall have the right to review, correct, or request deletion or to exercise any other right as specified herein with respect to the user’s data at any time in the manner as provided in this Policy.

1. About cookies
   
   1. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
   2. Cookies may be either persistent cookies or session cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
   3. Cookies do not typically contain any information that personally identifies a user, but Information that we store about you may be linked to the information stored in and obtained from cookies.
   4. We also use other technologies with similar functionality to cookies, such as web beacons, web storage, and unique advertising identifiers, to collect information about your activity, browser, and device.
2. We use these technologies for the following purposes:
   
   1. to identify you and provide you the Services;
   2. to store information about your preferences and to provide the Services to you;
   3. as an element of the security measures used to protect user Information and to protect our Website and Services generally;
   4. to help us analyse the use and performance of the Services; and
   5. to store your preferences in relation to the use of cookies more generally.
3. Cookies used by our service providers
   
   1. We use the following service providers to analyse the use of the Website and the Services. Each service provider gathers information about the Website and the Services by means of cookies and this information is used to create reports about with usage information. You can find information about the service providers’ privacy policies and practices at the URLs set forth below:

   Service Provider – Analytics	Privacy Policy
   Google Analytics	https://support.google.com/analytics/answer/6004245?hl=en
   Facebook	https://www.facebook.com/privacy/policy/
   Instagram	https://help.instagram.com/519522125107875
   Twitter (now X)	https://twitter.com/en/privacy
   LinkedIn	https://www.linkedin.com/legal/privacy-policy

4. Managing cookies
   
   1. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version.
   2. Your mobile device or laptop may allow you to control cookies through its settings function. Refer to your device manufacturers instructions for more information.
   3. If you choose to decline cookies, some parts of the Website and the Services may not work as intended or may not work at all.

1. We have implemented measures designed to secure your Information from accidental loss and from unauthorized access, use, alteration and disclosure. The safety and security of your Information also depends on you.
2. Steps taken to ensure data security:
   
   1. All the user Information can only be accessed by the particular users; and
   2. All data is hosted on Hostinger Cloud Hosting Plan with DDoS Protection and Web Application Firewall installed along with Wordfence Security for added protection.
3. Unfortunately, the transmission of information via public networks such as the internet is not completely secure. Although we do our best to protect your Information, we cannot guarantee the security of your Information transmitted through the Website and the Services. Any transmission of Information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Website and with respect to the Services.
4. While we have taken reasonable steps to secure the Information you provide us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any Information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide Information.
5. We also audit our security practices and procedures annually or as and when the Website goes through a significant upgrade of its process.

1. We reserve the right to unconditionally modify, make changes to or update this Policy, at our discretion, at any time and without assigning any reason whatsoever. Any changes shall be effective immediately upon the posting of the revised Policy. We are constantly looking for new ways to improve our Services, including updating our Policy.
2. It is our policy to post any changes we make to our Policy on this page. If we make material changes to how we treat our users’ Information, we will notify you by e-mail to the primary e-mail address specified by you. The date the Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date, active and deliverable e-mail address for you, and for periodically visiting our Website, undertaking our Services and this Policy to check for any changes.
3. You are encouraged to periodically review this Policy to stay informed of any such modifications, changes or updates. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted and consented to the changes in any revised Policy by your continued use of the Website and/or the Services after the date such revised Policy is posted.

If you have questions, concerns, or suggestions regarding our Policy, we can be reached at unsubscribe@theredpen.in. In certain cases, you may have the ability to view or edit your Information online. In the event your Information is not accessible online and you wish to obtain a copy of particular Information you provided to us, or if you become aware that the Information is incorrect and you would like us to correct it, or if you would like to exercise any of your rights in relation to your Information, please contact our customer support services at unsubscribe@theredpen.in. In the event where your queries/complaints are not resolved within 30 days, you may contact us at grievances@theredpen.com.

1. In the event you have a grievance regarding our privacy policy or data usage practices, you may reach out to our customer support services at: +91 982049117.
2. In the event where your queries/ complaints are not resolved within 30 days, you may contact us at grievances@theredpen.com.

The data controller responsible for your Information is Red Pen. Please write to us at unsubscribe@theredpen.in.