Privacy Policy

Last updated: 21-April-2021

In this policy, we describe what data we collect and why, how your data is handled, and your rights to your data. We never sell your data to a third party.

This policy applies to all software products built and maintained by Cerebroid Education Private Limited, currently the FlashCardz study system.

What we collect and why
As a principle we collect only what we need. Here’s what that means in practice:

Identity & access
When you sign up for the FlashCardz study system, we typically ask for identifying information such as your name, email address, and your mobile number. That’s just so we can identify you as an authentic user and prevent unauthorised access to your account. When onboarding institutions like schools and coaching classes, we ask for such identifying information for each user who is authorised to use the system. We’ll never sell your personal information to third parties, and we won’t use your name or the institution’s name in marketing statements without your permission.

Billing information
When you pay for use of the FlashCardz system, we ask for your credit card, debit card or other payment method information and billing address. That’s so we can charge you for service, calculate taxes due, and send you confirmation of payment. Your payment information is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, and billing address, for account history.

Website interactions
When you browse our marketing website, your browser automatically shares certain information such as which operating system and browser version you are using. We track that information using google analytics, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and to test new designs. We sometimes track specific link clicks to help inform some design decisions. None of this information is stored on our servers.

Cookies
We do use persistent first-party cookies to store certain preferences, make it easier for you to use our applications. A cookie is a piece of text stored by your browser to help it remember your login information, site preferences, and more. You can adjust cookie retention settings in your own browser.

Voluntary correspondence
When you write to us with a suggestion, question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.

We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give your express consent.

Information we do not collect

We don’t ask for or collect any characteristics of protected classifications including age, race, gender, religion, sexual orientation, gender identity, gender expression, or physical and mental abilities or disabilities. We also do not collect any biometric data.

When we access or share your information
Our default practice is to not access your information. The only times we’ll ever access or share your info are:

To provide products or services you’ve requested.
The information we collects helps us to enable you to log in, to personalise your experience, and to prevent unauthorised access to your account.

To help you troubleshoot

To help you solve a problem or squash a software bug, with your permission. If at any point we need to access your account to help you with a Support case, we will ask for your consent before proceeding.

To investigate unauthorised use

To investigate, prevent, or act regarding unauthorised use of our products. Accessing a customer’s account when investigating potential abuse is a measure of last resort. We have an obligation to protect the privacy and safety of both our customers and the people reporting issues to us. We do our best to balance those responsibilities throughout the process.

When required under applicable law

Cerebroid Education Pvt Ltd is a company incorporated in India, all data infrastructure is currently located on Amazon Web Services (AWS) servers in the USA.

In the unlikely event that a law enforcement authority, with the necessary authorisation, requires that we share data, we must comply. In such an event we would share the bare minimum data that satisfies such a request.

Similarly, if we are audited by a tax authority, we may be required to share billing-related information. If that happens, we only share the bare minimum needed such as billing addresses and amount paid.

If Cerebroid Education Pvt Ltd is acquired by or merged with another company, we’ll notify all our subscribers well before any info about them is transferred and becomes subject to a different privacy policy.

How we secure your data
All data is encrypted via SSL when transmitted from our servers to your browser. The database backups are also encrypted.

Most data is not encrypted while it is stored in our database (since it needs to be ready to send to you when you need it), but we go to great lengths to secure your data.

Have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information? Please get in touch by emailing us at info@flashcardz.in and we’ll be happy to answer them.