LLevelUp IAS
Home

Privacy Policy

Privacy Policy

Version v1·Effective from 2025-01-01

Privacy Policy

Last updated: 20 May 2026

This Privacy Policy explains how LevelUp IAS ("we", "us") collects, uses, and protects personal data in line with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the DPDP Rules, 2025.

1. Data we collect

  • Identity: name, phone, email, date of birth, gender, state of residence, Aadhaar/PAN (for KYC), profile photo (optional)
  • Academic: course preferences, attendance, test scores
  • Financial: payment records, GST invoices, refund records
  • Technical: IP address, browser, device, session timestamps

2. Purposes (purpose-bound consent)

We process your data for:

  1. Course delivery & student services — required to run your enrollment.
  2. Payments & statutory compliance — invoices, GST, PMLA, income-tax reporting.
  3. eKYC — Aadhaar and PAN verification through accredited providers.
  4. Operational communications — installment reminders, schedule updates, refund status.
  5. Marketing (optional, separately consented) — new course launches, offers.

You consent to (1)–(4) at admission. You may grant or withdraw (5) at any time without affecting (1)–(4).

3. Sharing

We do not sell your personal data. We share strictly as needed with:

  • Payment gateways (Razorpay/PayU/Cashfree) — only the data they need to process the payment.
  • eKYC providers (Cyrus / Digio / others) — only Aadhaar/PAN and OTP data.
  • Communication providers (Brevo for email, MSG91 for SMS) — your name, contact, and the message content.
  • Tally / accounting partners — for statutory bookkeeping and audit.
  • Government authorities — if compelled by law.

4. Retention

  • Invoices: 8 years (Income-tax Act)
  • KYC records: 10 years (PMLA)
  • Audit logs: 10 years
  • Marketing-only data: until you withdraw consent

After retention windows, we erase or anonymise the data.

5. Security

We use industry-standard safeguards including TLS for transit, envelope encryption for documents at rest, role-based access, and audit logging of every change to your record.

6. Your rights

You may:

  • Access your personal data through the Student Portal.
  • Correct inaccurate data (some fields require staff verification).
  • Erase data subject to legal retention requirements.
  • Withdraw consent for marketing communications at any time.
  • Nominate a representative to exercise these rights on your behalf.
  • Grieve to our Data Protection Officer at dpo@levelupias.com.

7. Children's data

Minors below the age of 18 must enrol via a parent or guardian who provides verifiable consent.

8. Updates

We may update this Privacy Policy. Material changes will be communicated by email at least 7 days before they take effect.

9. Contact

Data Protection Officer (DPO) — dpo@levelupias.com Grievance Officer — grievance@levelupias.com

Official URL: https://www.levelupias.com/privacy-policy/