Privacy Policy & Data Safety Form

Welcome to Creative Taleem, Pakistan's premier Digital Academy and EdTech platform specifically designed for Pakistani students. We are deeply committed to protecting your privacy and ensuring the paramount security of your personal information. As a dedicated educational platform empowering the youth of Pakistan, we believe that transparency is the foundation of trust. This extensive Privacy Policy is designed to detail exactly how we collect, use, store, and protect your data when you use our mobile applications and website. There are no hidden clauses; we want our students, parents, and educators to understand every single data practice we employ.

1. Comprehensive Overview

To provide you with a seamless and enriching educational experience, we collect specific, necessary types of information. We adhere to industry-standard encryption protocols (including encryption in transit) to ensure your data remains highly secured during transfer. We do not sell, rent, lease, or share your personal data with any third-party marketing agencies, brokers, or unrelated organizations under any circumstances.

2. Zero Data Sharing with Third Parties

No Data Shared with External Entities: Creative Taleem strictly does not share your personal information, learning data, financial interactions, or account details with any other external companies or organizations for their independent use.

Your data remains strictly within our securely encrypted ecosystem. The only scenarios where data is processed externally are when utilizing strictly necessary infrastructure providers (like secure email delivery or certified payment gateways to process transactions you initiate). These providers are legally bound to only process data to deliver the requested service and are prohibited from utilizing your data for any other purpose.

3. Jurisdiction & Scope (Pakistan)

Creative Taleem is a localized EdTech platform designed exclusively for students within Pakistan. Our platform curates educational content tailored exclusively for the Matric academic board and the provincial syllabus of Punjab (covering all cities within the Punjab province).

By utilizing our Digital Academy, you interact with an application engineered for the Pakistani educational ecosystem, and all personal data limits and rights correspond with relevant local tech laws.

4. Detailed Breakdown: Data We Collect and Its Purpose

Depending on your interaction with the Creative Taleem app, we collect specific data points. We believe in the principle of data minimization, collecting only what is strictly necessary to provide and maintain our services.

A. Personal Information & Authentication Methods

This category includes data that can identify you as a unique user. We require this to maintain your account continuity across devices. To make access easy and secure, we offer multiple ways to log in.

• Name: Essential for app functionality (displaying your profile, generating certificates), fraud prevention, platform security, compliance with educational standards, and overall account management.
• Email Address & Google Account (Gmail): Used as a primary authentication method. You have the freedom to register securely via a standard Email address, or utilize Google Sign-In (Gmail) for a faster, seamless login experience. We use this data strictly for core app functionality, vital developer communications, user authentication, fraud prevention, platform security, and sending account recovery links.
• Phone Number Registration & Login: We actively allow users to securely register and log in using their Phone Number via OTP (One-Time Password) verification. This serves as an exceptionally secure, passwordless login method, guarantees faster account recovery, provides vital secondary authentication measures, and enforces comprehensive platform security.
• User IDs: A system-generated alphanumeric sequence that links your account to your progress. Used securely for app functionality, fraud prevention, internal auditing, and account management.
• Other Info (e.g., Target Class, Province, City): Used exclusively for app functionality and internal account management. By knowing your academic year (specifically Matric) and your city within Punjab, we can dynamically personalize your feed to show the most relevant board-specific educational course material.
• Demographics & Profile Details (Optional): Your gender and date of birth (if provided) help us understand our student base and improve inclusivity across our content.
• Learning Preferences & App Analytics: We store details like whether you belong to the Science or Biology track and how you discovered us (e.g., Social Media). We track your total login counts and "last active" timestamps to maintain account security, curb unauthorized access, and ensure you remain connected to your study plan.

B. In-App Communications & Messages

We maintain records of communications directed to our support teams or automated systems.

• Emails & In-app messages: Whenever you contact support via email or interact with our in-app announcement widgets, we collect this messaging data solely to resolve your specific inquiry, improve developer communications, and maintain a secure environment free of fraud.

C. App Info and Diagnostics (Performance Data)

To ensure the application is running smoothly for all students, we automatically monitor anonymous performance metrics.

• Crash logs: If the application stops unexpectedly, we collect automatic, anonymous technical logs that detail what code caused the failure. This falls squarely under analytics and is vital for improving platform stability.
• Diagnostics: We measure how long a video takes to buffer or a test takes to load. Collected to analyze app performance, optimize slow operations, and drastically improve the end-user learning experience (Analytics).

D. Device Specifics & Notifications

• Device Information: We collect device-specific information such as your hardware brand, model (e.g., Xiaomi Redmi), operating system, and Android versions. This ensures our videos and tests display correctly on your specific screen and allows us to provide targeted technical support.
• Push Notifications (FCM Tokens): If you opt-in, we use secure device tokens to send you important class reminders, assignment notifications, and essential developer announcements.

E. Subscriptions, Payments & Refunds

If you enroll in any of our premium courses (such as the Kamyaabi Batch), we must maintain accurate transaction records.

• Subscription History: We securely log your chosen plan name, start and end dates, trial usage, and subscription status (active, expired, or cancelled) to ensure uninterrupted access to premium lectures.
• Payment Processing: We record the payment method selected (e.g., NayaPay, JazzCash, or bank cards) and the transaction amount. We categorically do not store your complete credit or debit card numbers—those are securely handled by official, certified payment gateways.
• Refund Data: Should you request a refund, we process and store the refund amount, the descriptive reason, and brief administrative notes to settle your claim effectively and maintain financial compliance.

F. User Reviews & Feedback

• App Ratings: We securely collect your 1 to 5-star ratings and written feedback. This invaluable data directly guides our future updates and curriculum development.

5. Industry-Standard Security Practices

Data is Encrypted in Transit: Data vulnerabilities often happen during transfer. We guarantee that whenever your data travels between your personal device (phone, tablet, computer) and our secure infrastructure, it is transferred over an industry-standard, encrypted Transport Layer Security (HTTPS/TLS) connection. This renders it unreadable to any malicious intercepts.

Data Security at Rest: In addition to secure transit protocols, any data resting in our digital vaults is encrypted at the database level. Passwords are irreversibly hashed before storage using advanced cryptographic algorithms. We actively monitor and audit our systems to deflect unauthorized access, accidental destruction, and unwarranted alterations.

6. Total Account Control & Data Deletion Rights

We believe you should have absolute control over your digital footprint. You possess the unalienable right to request the permanent deletion of your account and all associated personal data at any time. We make this process transparent, straightforward, and accessible without you needing to manually contact support.

Delete App Account & DataYou can instantly submit a request to permanently delete your account, your learning progress, and all associated personal data from our entire ecosystem by visiting our dedicated, secure data deletion portal:
Access Data Deletion Portal Here

7. Data Retention Policy & Log Data

We only retain your personal data for as long as your account is active, or as needed to provide you with our educational services. If you delete your account, your data is permanently purged from our active databases, aside from anonymized analytical data or data legally required to be kept for financial transaction compliance (e.g., invoices).

Our platform does not rely on invasive behavioral tracking cookies. Any local storage or session data used is strictly for keeping you logged in and preserving your progress across devices safely.

8. Protection of Minors

Creative Taleem is an educational platform intended for students. We are steadfastly committed to the safety of minors offline and online. We do not knowingly solicit or collect data for commercial marketing from minors, and all data collected from students is strictly utilized to provide educational insights, quiz grading, and platform functionality. If a parent or guardian discovers that a child under a certain age has provided us with personal information without consent, they may immediately contact us at our privacy desk to have that data eradicated from our systems permanently.

9. Policy Amendments

The digital landscape evolves, and so too must our security practices. We frequently review and may periodically update this Privacy Policy to ensure comprehensive alignment with emerging privacy laws, app store guidelines, and our own feature developments. We will proactively notify you of any material changes via an in-app banner or an explicit email notice well before the changes take effect.

10. App Versions and Ongoing Support

To guarantee maximum security standards and ensure you receive the most recent educational features, we continuously update our platform. Our older app versions may eventually lose compatibility and support as we roll out critical improvements and vital bug fixes.

Important: To protect your data, prevent app crashes, and secure your login experience, we strongly encourage all users to invariably update and maintain the latest version of the Creative Taleem app.

11. Detailed Data Usage and Processing

We process your data only for specific, legitimate purposes essential to providing our educational services. All processing is lawful, fair, and transparent.

• Educational Service Delivery: Using personal and learning data to provide customized courses, track progress, and deliver content.
• Account Management: Maintaining secure accounts, processing authentication, and managing subscriptions.
• Communication: Sending important updates, support responses, and educational notifications.
• Platform Improvement: Analyzing usage patterns to enhance features and fix issues.
• Legal Compliance: Meeting regulatory requirements and protecting platform integrity.
• Fraud Prevention: Detecting and preventing unauthorized access and fraudulent activities.

12. International Data Transfers

As a Pakistan-based platform, your data is primarily stored within Pakistan. However, for optimal service delivery, some processing may occur through secure international infrastructure.

• Cloud Infrastructure: We use certified cloud providers with data centers in multiple countries, all with adequate protection levels.
• Payment Processing: International payment gateways may process data in their jurisdictions for transaction security.
• Analytics Services: Anonymous analytics may be processed globally to improve our services.
• Legal Safeguards: All transfers comply with Pakistani data protection laws and include appropriate safeguards.

13. Cookies and Tracking Technologies

We use minimal tracking technologies to enhance your experience and maintain security.

• Essential Cookies: Required for app functionality, authentication, and security.
• Analytics Cookies: Anonymous usage tracking to improve performance (opt-out available).
• Session Storage: Temporary data storage for seamless app experience.
• No Third-Party Advertising: We do not use cookies for marketing or behavioral advertising.

14. Third-Party Service Providers

We work with trusted third parties to deliver our services, all bound by strict confidentiality agreements.

• Payment Processors: Secure transaction handling (e.g., NayaPay, JazzCash).
• Email Services: Secure communication delivery.
• Cloud Hosting: Reliable infrastructure for data storage.
• Analytics Providers: Anonymous performance monitoring.
• Customer Support: External help desk services for user assistance.

15. Data Subject Rights

You have comprehensive rights over your personal data under Pakistani law and our policies.

• Access Right: Request a copy of all your personal data we hold.
• Rectification Right: Correct inaccurate or incomplete data.
• Erasure Right: Request deletion of your data (subject to legal requirements).
• Portability Right: Receive your data in a structured format.
• Objection Right: Object to certain data processing activities.
• Consent Withdrawal: Withdraw consent for optional data processing.

16. Data Breach Notification

In the unlikely event of a data breach, we follow strict notification protocols.

• Immediate Response: Activate incident response team within 1 hour of detection.
• Assessment: Evaluate breach scope, impact, and affected data.
• Notification: Inform affected users within 72 hours if required by law.
• Regulatory Reporting: Notify relevant authorities as mandated.
• Remediation: Implement fixes and provide support to affected users.

17. Age Restrictions and Parental Controls

Creative Taleem is designed for Matric students, typically ages 14-18. We have additional protections for younger users.

• Minimum Age: Users must be at least 13 years old to use our services.
• Parental Consent: For users under 16, we recommend parental involvement.
• Content Filtering: Age-appropriate content delivery based on profile settings.
• Parental Access: Parents can request access to their child's account data.
• Educational Focus: All content is strictly educational, with no inappropriate material.

18. Data Minimization and Purpose Limitation

We adhere to the principles of data minimization and purpose limitation in all our practices.

• Collection Limitation: Only collect data necessary for service provision.
• Purpose Specification: Each data point has a specific, documented purpose.
• Use Limitation: Data is not used for purposes other than specified.
• Storage Limitation: Data is retained only as long as necessary.
• Regular Reviews: Periodic audits to ensure compliance with minimization principles.

19. Automated Decision Making

We use limited automated processing to enhance your learning experience.

• Personalized Content: Automated recommendations based on your learning history.
• Progress Tracking: Automated assessment of your educational progress.
• Security Monitoring: Automated detection of suspicious account activity.
• Human Oversight: All automated decisions can be reviewed by our team.
• Opt-out Options: You can disable personalized recommendations if preferred.

20. Compliance with Pakistani Laws

Our privacy practices comply with all applicable Pakistani legislation.

• Personal Data Protection Bill 2023: Comprehensive data protection framework.
• Prevention of Electronic Crimes Act 2016: Cyber security and data protection.
• Telecommunications Act 1996: Electronic communications privacy.
• Consumer Protection Act 2019: Consumer data rights.
• Electronic Transactions Ordinance 2002: Digital data handling.

21. Data Security Measures

We implement multiple layers of security to protect your data.

• Encryption: Data encrypted in transit and at rest using industry standards.
• Access Controls: Role-based access with multi-factor authentication.
• Regular Audits: Independent security audits and penetration testing.
• Employee Training: Ongoing privacy and security training for staff.
• Incident Response: 24/7 monitoring and rapid response capabilities.
• Backup Security: Encrypted backups with secure storage and recovery procedures.

22. Contact Information and Complaints

For privacy-related inquiries, complaints, or exercising your rights, contact our dedicated privacy team.