Effective date: 25-Aug-2025 | Version: 1

CorePrep (or “COREPREP”) is a product of Vidya Jeevan (“Vidya Jeevan”, “Vidyajeevan” “we”, “us”, or “our”). This Privacy Policy describes how we collect, use, disclose, and protect personal data when you use our website portal.coreprep.in, mobile applications, services offered at our offline learning centre (the “Vidyajeevan Centre”), and related services (collectively, the “Services”). This Policy is drafted to align with the Digital Personal Data Protection Act, 2023 (India) and good industry practices

Data Fiduciary: Vidya Jeevan
Registered Address: Plot No.6, Surajpur - Kasna Rd, Institutional Area, Knowledge Park I, Greater Noida, Uttar Pradesh 201310
Grievance Officer / Data Protection Officer: Mr. Ritesh Kapoor
For any questions or to exercise privacy rights, please contact the Grievance Officer at the Vidya Jeevan Centre.

This Policy applies to: (a) visitors and registered users of the COREPREP or CorePrep web/app; (b) learners and walk‑in users at the Vidyajeevan Centre using our cubicles/computers; (c) candidates taking mock or demo exams hosted by us; and (d) customer support interactions. This Policy does not cover third‑party websites or services that we do not control.

We collect the following categories of personal data depending on your use of the Services:

• Identity & contact data: name, mobile number, email, photo (optional), postal address.
• Education/professional data: medical college/institute, year of graduation, registration number (if provided), target exam(s).
• Account & authentication data: username, hashed passwords, session tokens, OTP logs.
• Payment & transaction data: amount, order ID, payment instrument type and masked identifiers, billing address (payments are processed by third‑party gateways).
• Usage & analytics data: pages/screens visited, device identifiers, app and browser version, crash logs, referral source, cookies and similar technologies.
• Learning data: courses purchased, videos watched, time‑on‑task, MCQ attempts, scores, bookmarks, feedback, doubt tickets.
• Centre data: CCTV footage of common areas, entry/exit logs, cubicle allotment, computer login/activity metadata (e.g., timestamps, installed software checks), Wi‑Fi access logs.
• Communications: emails, calls, WhatsApp/SMS interactions with support, grievance tickets.
• KYC/ID (optional): if you choose to verify identity to use the Centre, acceptable IDs include passport, driving licence, or other government‑issued ID. Aadhaar is optional; you may choose another ID.

To ensure secure access to our premises, we collect and verify user identity using one of the following government-issued documents:

• Passport
• Driving License
• Voter ID
• PAN Card
• Aadhaar (optional)

You may select any one of these documents to verify your identity. Submission of Aadhaar is entirely voluntary and not required to gain access.

The ID is collected solely for identity verification to ensure authorized access to our premises.

• The uploaded ID is used only for verification purposes.
• We do not share your ID with third parties, except as required by law.

You are required to provide explicit consent before uploading your ID. You can refuse to provide Aadhaar and choose an alternative document without being denied access.

• Your ID is stored using secure encryption protocols.
• Only authorized personnel can access this data.
• The data is retained only for as long as necessary and then securely deleted.

• You may withdraw consent at any time, subject to verification implications.

We process personal data for the following purposes and rely on one or more lawful bases (your consent, performance of a contract, legitimate uses permitted under law, compliance with legal obligations):

• Create and manage your account; provide courses, tests, rankings, progress tracking and centre services.
• Process payments and prevent fraud (via payment gateways).
• Operate proctored or centre‑based demo exams and ensure academic integrity.
• Maintain security of our premises, networks and computers (including CCTV of common areas and basic device hygiene checks on centre computers).
• Provide customer support, issue resolution and grievance redressal.
• Improve content and features through analytics and A/B testing.
• Send service messages (transactional emails/SMS/WhatsApp) and, with your consent, limited marketing communications.
• Comply with law, enforce our Terms, and protect our rights and users’ safety.

We use cookies/SDKs for core functionality (login, load balancing), analytics, and remembering preferences. You can control cookies via browser settings; disabling some cookies may impact functionality.

We share data with trusted service providers under contracts, for example: cloud hosting, analytics, payment processing, SMS/WhatsApp/email delivery, customer support tools, and proctoring solutions. We may disclose data if required by law or to protect users and our Services. Where data is processed outside India, we implement appropriate safeguards and rely on legal transfer mechanisms as permitted by law.

Illustrative service categories:

• Cloud/hosting & CDN (e.g., AWS, Azure, GCP, Cloudflare).
• Payment gateways & fraud prevention (e.g., Razorpay, Stripe).
• Analytics & crash reporting (e.g., Google Analytics, Firebase Crashlytics).
• Messaging (e.g., Twilio/MSG91/WhatsApp Business).
• Proctoring/assessment (if enabled).

• Account data: retained for the life of your account and for up to 36 months after closure.
• Learning/assessment data: retained for 60 months after your plan ends for audit and academic analytics; de‑identified thereafter.
• Payment records: retained for statutory periods (tax/audit).
• CCTV (centre common areas): typically 180 days unless required longer for investigations.
• Network and security logs: typically 90 days, unless required longer for security/legal purposes.

• Correction & updating: correct inaccurate or incomplete data; phone number and email address cannot be changed.
• Deletion: request deletion of your account and personal data (subject to legal retention).
• Consent withdrawal: withdraw consent where processing is based on consent.
• Grievance: write to the Grievance Officer; unresolved issues may be escalated to the Data Protection Board once operational under law.

To exercise rights, email [email protected] from your registered email ID. We may verify your identity before acting on requests.

COREPREP or CorePrep is intended for adult learners (18+). If you are below 18, you should use the Services only under the supervision of a parent/guardian and after they have reviewed this Policy.

We use technical and organisational measures appropriate to the risk (e.g., encryption in transit, access controls, employee training). No system is completely secure; users should also practice good security hygiene.

Our Services may contain links to third‑party sites/apps. We are not responsible for their privacy practices. Please read their policies.

We may update this Policy from time to time. Material changes will be notified on the website/app, and the latest effective date will appear at the top.

Email: [email protected] | Address: Plot No.6, Surajpur - Kasna Rd, Institutional Area, Knowledge Park I, Greater Noida, Uttar Pradesh 201310