Introduction
This Privacy Policy explains how Edrion AI, operated by Kaipullha Tech Labs (owned by Karol John and Danesh R), collects, uses, processes, shares, and protects information when you use our services.
We comply with applicable data protection laws, including the Indian DPDP Act 2023, GDPR, UK GDPR, CCPA/CPRA, COPPA, and other relevant regulations.
1. Information We Collect
1.1 Information You Provide
We may collect:
- Name, email address, and account identifiers
- Profile and onboarding information
- Account preferences and settings
- Payment-related information (processed by third-party providers)
1.2 User-Generated Content
This includes:
- Text queries and chat messages
- AI interactions and prompts
- Uploaded files, images, or documents
- Notes, assignments, or saved content
1.3 Automatically Collected Data
We may collect:
- Device type, browser, OS
- Approximate IP-based region (not precise GPS)
- Feature usage, session duration, interactions
- Diagnostics, crash logs, performance metrics
1.4 What We Do Not Collect
We do not collect:
- Precise real-time location (GPS)
- Biometric identifiers
- Government-issued IDs (unless legally required)
2. How We Use Information
We use collected data to:
- Provide and operate Edrion AI services
- Personalize learning experiences
- Improve AI systems, models, and features
- Analyze usage patterns and performance
- Conduct research and product development
- Provide support and communications
- Detect fraud, abuse, or security incidents
- Comply with legal obligations
3. Aggregated, Anonymized & Derived Data
We may create and use:
- Aggregated data (combined across users)
- Anonymized data (cannot reasonably identify individuals)
- Derived data (insights, statistics, trends, benchmarks generated from usage)
3. Aggregated, Anonymized & Derived Data (continued)
This data:
- Does not identify you personally
- May be used for research, analytics, AI training, benchmarking, reporting, and commercial purposes
- May be shared with or licensed to partners, institutions, researchers, or third parties
3. Aggregated, Anonymized & Derived Data (continued)
Personal data is never shared in identifiable form for these purposes.
4. Sharing of Information
We may share information with:
- Cloud hosting, analytics, and infrastructure providers
- Payment processors and authentication providers
- AI and data processing service providers
- Legal or regulatory authorities when required by law
4. Sharing of Information (continued)
We do not sell personal data as defined by applicable privacy laws.
5. Legal Basis for Processing (GDPR)
We process data based on:
- Contractual necessity
- Legitimate interests (analytics, security, improvement)
- User consent (where required)
- Legal obligations
6. Data Retention
We retain information:
- While your account is active
- As needed for legitimate business, legal, or compliance purposes
6. Data Retention (continued)
You may request deletion at any time, subject to legal requirements.
7. Children's Privacy
Users under 13 must use the service under parental guidance.
We do not knowingly collect personal data from children without appropriate consent.
8. Your Rights
Depending on your location, you may have rights to:
- Access, correct, or delete your data
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge complaints with authorities
9. Security
We implement reasonable technical and organizational safeguards including:
- Encryption
- Access controls
- Secure infrastructure
- Monitoring and rate limiting
10. International Transfers
Data may be processed in India, the EU, the US, or other regions using lawful safeguards (e.g., SCCs).
11. Changes
We may update this policy periodically. Continued use constitutes acceptance.