Legal

Privacy Policy

This policy explains how EduPath handles student, parent, account, academic, identity, payment, and usage data.

Effective and last updated: June 25, 2026

Who controls your data

EduPath, operated by Astute Career Counselling Academy, controls personal data processed through this platform. Privacy requests may be sent to info@joinedupath.com.

Data we collect

  • Account details such as name, email address, mobile number, role, and login security records.
  • Academic and admission details such as exam scores, ranks, category, domicile, preferences, and counselling choices.
  • DigiLocker and APAAR identity data, verified fields, and documents you explicitly authorize us to retrieve.
  • Payment identifiers, order status, plan, and transaction metadata. Full card or UPI credentials remain with the payment provider.
  • Support, communication preferences, product events, device, browser, and security logs.
  • Optional analytics only after you select “Allow analytics.”

Why we use data

  • Create and secure accounts, verify identity, provide predictions, reports, counselling, and support.
  • Process payments, prevent fraud, enforce usage limits, diagnose failures, and protect the service.
  • Send service messages and, only where selected, promotional communication.
  • Improve recommendations using aggregated or de-identified information.
  • Meet legal, tax, dispute, and regulatory obligations.

Sharing and processors

Data is shared only as needed with hosting, database, object storage, email, WhatsApp, analytics, AI, DigiLocker, and payment providers. These providers process data to deliver contracted services. We do not sell personal data. AI requests may include relevant profile facts needed to answer an admission question; raw identity documents are not included.

Retention and security

Account and academic records are retained while your account is active and for legitimate legal, fraud-prevention, or dispute periods afterward. Reset tokens and temporary security records expire. DigiLocker documents are access-controlled; raw XML is not retained, and PDF database copies are used only when protected object storage is unavailable. Encryption, access controls, backups, monitoring, and rate limits reduce risk, but no internet service can promise absolute security.

Your choices and rights

  • Access, correct, or request deletion of personal data, subject to legal retention duties.
  • Withdraw optional communication or analytics consent without losing core service access.
  • Raise a grievance or nominate another person where applicable under Indian data-protection law.
  • Request human review of admission guidance; predictions are advisory and not final decisions.

Send requests from your registered email. Identity verification may be required before action.

Children and guardians

Students under 18 should use EduPath with parent or lawful guardian involvement. A guardian should review account, identity, payment, and consent choices made for a minor.

Changes

Material changes will be posted here with a new effective date. Where required, renewed consent will be requested before a new use of personal data begins.