IGNEXII is an online learning platform accessible through https://ignexii.com and the IGNEXII mobile application. This Privacy Policy explains how we collect, use, disclose, store and protect your personal information when you use our services. By using IGNEXII you agree to this Privacy Policy.
We may collect your name, email address, phone number, billing information, login credentials, profile information, course activity, comments, downloadable resource usage, device information, IP address, browser details, cookies, analytics data and communications with us.
4. How We Use Information
We use your information to create accounts, provide courses, process subscriptions, authenticate users, improve learning experiences, provide customer support, communicate updates, send promotional emails, SMS and WhatsApp messages (where permitted), comply with law and protect our platform.
Category of Data
Purpose of Processing
Identity Data & Contact Data
Account registration; identity verification; communicating with You regarding Your subscription, account, or queries; sending administrative notices and service updates.
Account Credentials
Authentication and secure access to Your account; password recovery.
Payment and Financial Data
Processing subscription and enrolment fees; issuing invoices and receipts; complying with GST obligations; fraud prevention; record-keeping under the Income Tax Act, 1961.
Educational and Interaction Data
Delivering Course content; tracking and displaying Your progress; issuing certificates; improving Course quality; analysing learning outcomes.
Communications Data
Responding to Your queries; moderating platform discussions; improving the Platform; addressing complaints and grievances.
Device, Technical, and Usage Data
Maintaining platform security; diagnosing technical issues; improving platform performance and user experience; analysing engagement trends.
Location Data (approximate)
Fraud prevention; compliance with regional access restrictions; tailoring content or pricing where applicable.
Identity Verification Data
Compliance with KYC and anti-money laundering requirements under Applicable Laws.
5. Payments
Payments are processed securely through Razorpay. IGNEXII does not store your complete debit/credit card information. Payment information is processed according to Razorpay's security standards and applicable laws.
6. Community Features
Users may post comments and interact with other learners. Users are responsible for content they submit. IGNEXII may remove content violating applicable laws or community guidelines.
6.1 How to Manage Cookies
You may control and delete cookies through Your browser settings. Please note that disabling certain cookies may impair the functionality of the Platform.
7. Sharing Information
We may share information with trusted service providers including payment processors, cloud hosting providers, analytics providers and government authorities where legally required.
7.3 Legal and Regulatory Disclosure
We may disclose Your personal data without Your consent where required or permitted by Applicable Laws, including:
In response to a valid court order, summons, or direction issued by a competent court, tribunal, or judicial authority;
In response to a lawful demand or requisition by a government department, law enforcement agency, tax authority, or regulatory body;
To comply with Our obligations under the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002, the Income Tax Act, 1961, or any other Applicable Laws; or
Where disclosure is necessary to prevent, detect, or investigate an offence, fraud, or breach of these Terms.
8. Data Security
We implement reasonable administrative, technical and organizational safeguards to protect personal information. No internet transmission is completely secure.
9. DATA RETENTION
9.1 We retain Your personal data only for as long as is necessary for the purposes for which it was collected, or as required by Applicable Laws, whichever is longer.
9.2 Upon expiry of the applicable retention period, personal data shall be securely deleted or anonymised in a manner that renders it irretrievable, in accordance with the Operator’s internal data destruction procedures and the requirements of Applicable Laws.
9.3 Notwithstanding the above, We may retain personal data for a longer period where necessary to comply with a legal obligation, to defend or exercise legal claims, or pursuant to a direction from a competent authority.
10. DATA SECURITY
10.1 The Operator implements appropriate technical and organisational measures to protect Your personal data against unauthorised access, disclosure, alteration, loss, or destruction, in accordance with:
The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011; and
Industry-standard security practices as applicable to an online educational platform of comparable nature and scale.
10.2 The security measures we employ include, without limitation:
Transmission of data over encrypted channels using SSL/TLS protocols;
Storage of passwords using one-way cryptographic hashing with salting;
Restricted access controls ensuring that personal data is accessible only to authorised personnel or systems on a need-to-know basis;
Regular security assessments of the Platform’s infrastructure; and
Data minimisation practices, collecting only the personal data necessary for the stated purposes.
10.3 While We take all reasonable measures to secure Your personal data, no method of transmission over the internet or electronic storage is completely secure. The Operator cannot guarantee absolute security. You are responsible for maintaining the confidentiality of Your account credentials.
10.4 Personal Data Breach. In the event of a personal data breach that is likely to result in a risk to the rights of Data Principals, the Operator shall:
Take immediate steps to contain and mitigate the breach;
Notify the Data Protection Board of India, upon its establishment and as required under the DPDPA and rules thereunder; and
Notify affected Subscribers at their registered email address, where required by the DPDPA or where the breach poses a high risk to the Subscriber’s rights and interests, providing details of the nature of the breach and recommended protective measures.
11. THIRD-PARTY LINKS AND INTEGRATED SERVICES
13.1 The Platform may contain links to third-party websites, payment gateways, social media platforms, or other external services. This Policy does not apply to such third-party services, and the Operator is not responsible for the privacy practices of any third party. We encourage You to review the privacy policies of any third-party services You access through the Platform.
13.2 Where We integrate third-party tools such as video hosting platforms, payment gateways, or single sign-on providers, Your use of such integrated services may involve the transmission of personal data to those providers in accordance with their own terms of service and privacy policies.
12. APPLICABLE LAWS AND COMPLIANCE FRAMEWORK
14.1 The Operator processes personal data in compliance with the following laws, rules, and regulatory frameworks, as applicable.
14.2 The Operator shall update its data processing practices and this Policy as required to reflect changes in the above regulatory framework, including the progressive notification of the DPDPA’s provisions and all other Applicable Law.
13. CHANGES TO THIS PRIVACY POLICY
16.1 The Operator reserves the right to update, modify, or revise this Policy at any time to reflect changes in Our data processing practices, applicable legal requirements, or Platform operations. The revised Policy shall be posted on the Platform with an updated “Last Updated” date.
16.2 For material changes to this Policy including changes that significantly alter the purposes of processing, categories of data collected, sharing practices, or Your rights We shall provide You with prior notice via email to Your registered address, and shall seek fresh consent where required by Applicable Laws.
16.3 Your continued use of the Platform following the effective date of a revised Policy shall constitute Your acceptance of the revised terms, except where Your fresh consent is required, in which case continued use shall be conditional on such consent being provided.
17. GOVERNING LAW
17.1 This Privacy Policy shall be governed by and construed in accordance with the laws of India.