Terms, Privacy & Security Policy
Last updated: June 25, 2026
1. Terms & Conditions
Welcome to AiGyan India. By accessing this website, you agree to comply with and be bound by the following terms of use:
- Usage Eligibility: The content provided is for educational and informational purposes for students, developers, and tech enthusiasts aged 13 and above.
- User Accounts: You must keep your credentials secure. Any malicious activity traced to your account may lead to immediate suspension without notice.
- Intellectual Property: All tool directory compilations, tutorial guides, and custom designs are owned by AiGyan India. You may share content using the provided links, but unauthorized scraping, copying, or commercial use is strictly prohibited.
- Acceptable Use: You agree not to use this platform for illegal activities, to spread misinformation, or to harass other users. Violations may result in account termination.
- Disclaimer: AiGyan India provides AI tools for educational purposes. We do not endorse any specific third-party tool and are not responsible for decisions made based on information found on this platform.
2. Privacy Policy
We respect your privacy and are committed to protecting your personal data. Here is how we handle user data:
- Data Collection: We collect signup details (name, email, age, gender, profession, phone, and discovery source) to customize your dashboard and improve user experience.
- Email Communications: Curated newsletters and system notices are sent only if email consent is checked at signup. You can opt out at any time by contacting us at support@aigyanindia.info.
- No Passwords Shared: Your passwords are securely hashed using bcrypt with salting. When database backups are compiled, password hashes are strictly excluded.
- Data Retention: We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time.
- Third-Party Services: We use Supabase for database services, Google Fonts for typography, and Cloudflare for CDN. Each provider has their own privacy policy.
- Cookies: We use session cookies (necessary for login functionality) and local storage for theme preferences. We do not use tracking or advertising cookies.
3. GDPR Compliance (EU Users)
AiGyan India is committed to full compliance with the General Data Protection Regulation (GDPR) for all users in the European Union and European Economic Area.
Your Rights Under GDPR:
- Right to Access (Art. 15): You have the right to request a copy of all personal data we hold about you.
- Right to Rectification (Art. 16): You may request correction of any inaccurate personal information.
- Right to Erasure / "Right to be Forgotten" (Art. 17): You may request complete deletion of your personal data from our systems.
- Right to Data Portability (Art. 20): You can request your data in a structured, machine-readable format (JSON/CSV).
- Right to Restrict Processing (Art. 18): You may request that we limit how we use your data under certain circumstances.
- Right to Object (Art. 21): You can object to the processing of your personal data for direct marketing purposes at any time.
- Right not to be subject to Automated Decision-Making (Art. 22): We do not use fully automated decision-making or profiling that produces legal or significant effects.
Lawful Basis for Processing:
- Contract: Processing necessary to provide the AiGyan platform services you have signed up for.
- Consent: Newsletter communications (explicit opt-in at registration).
- Legitimate Interest: Platform security, fraud prevention, and analytics.
To exercise any of the above rights or for GDPR-related inquiries, contact our Data Protection Officer at: dpo@aigyanindia.info
4. Digital Personal Data Protection (DPDP) Act 2023 — India
AiGyan India is committed to full compliance with the Digital Personal Data Protection (DPDP) Act, 2023 — India's landmark data protection legislation.
Your Rights as a Data Principal:
- Right to Information (Section 11): You have the right to know what personal data we process, the purpose of processing, and with whom it is shared.
- Right to Correction and Erasure (Section 12): You may correct inaccurate personal data or request erasure when the purpose of processing is fulfilled.
- Right to Grievance Redressal (Section 13): You may raise complaints about data handling, which we will address within 30 days.
- Right to Nominate (Section 14): You may nominate another individual to exercise your rights in the event of your death or incapacity.
- Right to Withdraw Consent (Section 6): Where we process data based on consent, you can withdraw consent at any time without affecting past processing.
Our Obligations as Data Fiduciary:
- Purpose Limitation: We collect only the personal data strictly necessary for providing AiGyan services.
- Data Localisation: User data of Indian residents is stored on servers compliant with applicable Indian data localisation requirements.
- Breach Notification: In the event of a data breach, we will notify affected users and the Data Protection Board of India within the required timeframe.
- Parental Consent: Users under 18 require verifiable parental consent in accordance with DPDP provisions.
- Significant Data Fiduciary: We continuously evaluate our obligations under the DPDP Act as our platform grows.
For DPDP Act related grievances or data principal rights requests (India): privacy@aigyanindia.info
5. Security Policy
We implement multiple layers of security to protect your data and our platform:
- Password Hashing: All passwords are hashed using bcrypt with random salts — never stored in plaintext.
- CSRF Protection: All state-changing requests are protected with rotating CSRF tokens.
- HTTPS/TLS: All communications are encrypted in transit using TLS 1.2+.
- Rate Limiting: Login and OTP endpoints are rate-limited to prevent brute-force attacks.
- Security Headers: We enforce X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and HSTS headers.
- Human Verification: Bot-prevention math challenge and slider verification protect our platform from automated abuse.
- Input Sanitization: All user inputs are validated and sanitized to prevent SQL injection and XSS attacks.
- Session Security: Sessions are HTTPOnly, SameSite=Lax, and Secure (HTTPS-only in production).
Contact & Data Requests
For any privacy-related requests, data erasure, or compliance queries: