Privacy Policy

Last Updated: February 20, 2026

1. Introduction

Current Plus Point (“we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website or mobile application.

2. Information We Collect

We collect the following categories of data:

  • Personal Data: Name, email address, mobile number.
  • Account Data: Login credentials, encrypted passwords, JWT tokens.
  • Device Data: Device ID, operating system, app version, FCM token.
  • Usage Data: Test attempts, scores, time spent, language preference.
  • Payment Data: Transaction reference IDs (we do not store card/bank details).

3. Lawful Basis for Processing (GDPR)

We process your personal data based on:

  • Your explicit consent at registration.
  • Performance of a contract (providing test series and services).
  • Legal obligations under Indian laws.
  • Legitimate interests such as fraud prevention and service improvement.

4. How We Use Your Data

  • To create and manage user accounts.
  • To deliver test series and learning content.
  • To send exam alerts, updates, and notifications.
  • To process payments and verify transactions.
  • To detect misuse, cheating, or unauthorized access.
  • To improve platform performance and reliability.

5. Push Notifications

We use Firebase Cloud Messaging (FCM) to send important notifications such as exam alerts, test availability, and account-related updates. You may disable notifications from your device settings.

6. Cookies & Tracking

We may use cookies or similar technologies to maintain sessions, remember preferences, and improve user experience. These do not store sensitive personal information.

7. Third-Party Services

We use trusted third-party services:

  • Firebase (Google): Notifications, analytics, crash reporting.
  • Payment Gateways (Razorpay / PhonePe): Secure payment processing.

These services operate under their own privacy policies. We do not control or store their sensitive data.

8. Data Storage & Retention

Your data is stored on secure servers located in India or compliant regions. We retain personal data only as long as necessary to fulfill service requirements or legal obligations.

9. Data Security

We implement industry-standard security measures including encryption, access controls, and secure authentication. However, no system is completely secure, and users acknowledge this inherent risk.

10. User Rights (GDPR)

You have the right to:

  • Access your personal data.
  • Request correction of inaccurate data.
  • Request deletion of your account and personal data.
  • Withdraw consent for notifications or communications.
  • Object to certain data processing activities.

11. Account Deletion

You may request account deletion by contacting our support team. Upon verification, your data will be deleted unless retention is required by law.

12. Children’s Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal data from minors.

13. Data Sharing

We do not sell, rent, or trade your personal data. Data is shared only with trusted service providers or when required by law.

14. Legal Compliance

We comply with the Information Technology Act, 2000, India’s DPDP Act, and applicable GDPR principles for international users.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

16. Contact Us

If you have questions, concerns, or data requests, contact us at:
Email: support@inhexa.in