Privacy Policy for Pulisync

1.1 Personal Information

• Name (first name, last name)
• Email address
• Phone number
• Billing and shipping address
• Payment information (credit card details, digital wallet IDs, transaction history)
• Institution details (school name, student details, affiliation)
• Identity verification data (if required for regulatory compliance)

1.2 Non-Personal Information

• Device information (IP address, browser type, OS, device model)
• Usage data (pages visited, time spent, features used)
• Location data (with user consent for location-based services)

1.3 Data Collected from Third Parties

• Payment providers (for successful or failed transactions)
• Educational institutions (for account verification and service integration)
• Third-party analytics tools (Google Analytics, Hotjar, etc.)

2.1 Service Delivery and Account Management

• To create and manage user accounts
• To authenticate users and enable secure logins
• To facilitate financial transactions and manage payments
• To provide customer support and resolve issues

2.2 Communication and Notifications

• To send account verification, payment confirmations, and security alerts
• To notify users of service updates, policy changes, and technical issues
• To deliver marketing communications (if consent is provided)

2.3 Security and Fraud Prevention

• To prevent unauthorized access, data breaches, and fraudulent activities
• To conduct security monitoring and detect suspicious behavior
• To comply with legal obligations (AML/KYC verification, if applicable)

2.4 Analytics and Platform Optimization

• To analyze user behavior and improve website functionality
• To generate reports on system usage and performance
• To conduct A/B testing for UI/UX enhancements

• We process your data under the following legal grounds:
• Contractual Necessity: Processing data to fulfill our service obligations.
• Legitimate Interests: Analyzing usage patterns to improve the platform.
• Consent: When users explicitly agree to marketing communications.
• Legal Compliance: Adhering to data protection laws and financial regulations.

4.1 With Third-Party Service Providers

We partner with:

• Payment processors (Stripe, PayPal, Razorpay) for secure transactions.
• Hosting providers (AWS, DigitalOcean) for data storage.
• Communication services (SendGrid, Twilio) for emails and SMS notifications.

4.2 With Educational Institutions

If your account is linked to a school, some data may be shared with school administrators for account management and service integration.

4.3 Legal Disclosures

We may disclose user data:

• To comply with legal obligations (court orders, regulatory requirements).
• To prevent fraud or security threats.

• Encryption: AES-256 encryption for stored data and TLS 1.2 for secure data transmission.
• Multi-Factor Authentication (MFA): Required for high-risk transactions.
• Access Controls: Role-based access to sensitive data.
• Regular Security Audits: Routine vulnerability testing and penetration testing.
• Data Anonymization: Personally identifiable data is masked when not required.

• Account Information: Stored until user requests deletion.
• Payment Records: Retained for 7 years (for regulatory compliance).
• Log Files & Analytics Data: Stored for 12 months.

• Account Information: Stored until user requests deletion.
• Payment Records: Retained for 7 years (for regulatory compliance).
• Log Files & Analytics Data: Stored for 12 months.

• Essential functions: Authentication, user preferences.
• Performance tracking: Google Analytics, Hotjar.
• Advertising (if applicable): Google Ads, Facebook Pixel.

We ensure compliance through:

• Standard Contractual Clauses (SCCs) for EU users.
• Privacy Shield (if applicable) for US-based transfers.

We reserve the right to modify this Privacy Policy periodically. If changes occur:

• We will notify users via email or app alerts.
• Continued use of Pulisync after updates constitutes acceptance.