Sign In
Follow Us
Sign In
logo
shape
shape
shape

Privacy Policy

Home / Privacy Policy

Last updated: June 30, 2026

This Privacy Policy explains how Bodhira.ai collects, uses, and protects your personal data. We comply with India's Digital Personal Data Protection Act, 2023.

1. Data We Collect

  • Account data: name, email, phone, role, school affiliation, grade, date of birth.
  • Learning data: lessons watched, quizzes attempted, assignments submitted, attendance, AI chat history and daily AI token usage.
  • Messages: conversations between parents and class teachers sent through the platform.
  • Technical data: IP address, browser, device info, session cookies for security.
  • Payment data: processed by Razorpay or Stripe; we never store full card numbers.

2. How We Use It

  • Provide and personalise the Service.
  • Generate learning analytics and AI recommendations.
  • Communicate about your account (grade notifications, assignment reminders).
  • Detect and prevent abuse.

3. Children's Data

For users under 18, a parent or guardian must consent to data processing through the school's enrolment process. Parents may request access, correction, or deletion of their child's data at any time.

4. Data Sharing

We share data only with:

  • Schools for users they have enrolled.
  • Service providers (hosting, email, payment gateway, Anthropic for AI features) under data processing agreements.
  • Authorities when legally required.

We do not sell personal data, ever.

5. AI Processing

Student queries sent to the AI Doubt Solver are processed by Anthropic's Claude model. Anthropic does not train models on this data per their API terms. We retain chat history on our servers so you, your teachers, and your school can review past conversations; you can delete sessions at any time. AI usage is metered with a daily per-student token allowance set by your school or the platform.

6. Retention

We retain account data while your account is active and for up to 12 months after closure for legal/audit purposes. Anonymised analytics may be retained longer.

7. Security

  • HTTPS in transit, AES-256 at rest.
  • Passwords stored as bcrypt hashes.
  • Sessions are HttpOnly and SameSite=Lax cookies.
  • Role-based access control on every endpoint.

8. Your Rights

You may:

  • Access your data via your profile page or by request.
  • Correct inaccurate data.
  • Delete your account.
  • Withdraw consent for processing (may limit Service availability).
  • File a grievance with our Data Protection Officer at dpo@bodhira.com.

9. Cookies

We use session cookies for authentication and CSRF protection. We don't use third-party tracking cookies.

10. Contact

Privacy concerns? Email our Data Protection Officer at dpo@bodhira.com.