Last Updated: February 2025

Privacy Policy

Your privacy matters to us. This policy explains exactly what data we collect, why we collect it, and how we keep it safe.

Introduction

Welcome to MyPledge — a student productivity and wellness platform. We are committed to protecting your personal information and your right to privacy. This Privacy Policy describes how MyPledge ("we", "us", or "our") collects, uses, discloses, and safeguards your information when you use our mobile application and website.

By using MyPledge, you consent to the data practices described in this policy. If you disagree with any part of this policy, please discontinue use of our platform immediately.

This policy applies to all users of the MyPledge platform, including students, parents, institute administrators, and any other visitors to our website.

Data We Collect

We collect different types of data depending on how you interact with our platform. We collect only what is necessary to provide you with a high-quality experience.

Identity & Account Data

Phone number (for OTP authentication), full name, student ID, class/batch information, profile photo, and email address (optional).

Usage & Productivity Data

App usage patterns, screen time, task completion rates, challenge participation, goal-setting history, and productivity metrics.

Wellness & Mental Health Data

Journal entries, mood tracking responses, wellness check-in answers, and any mental health self-assessments. This data is treated with the highest sensitivity.

Device & Technical Data

Device type and OS, FCM (push notification) tokens, IP address, crash logs, and app performance data to maintain service quality.

Location Data

Coarse location data may be collected only when you trigger the Emergency SOS feature, to help notify your emergency contacts. We do not track your location continuously.

Institute-Linked Data

Enrolment details, academic year, division, roll number, and any information provided or imported by your educational institution.

Sensitive Data Notice: Wellness and mental health data (journal entries, mood logs) are encrypted at rest and are never shared with institutes, parents, or third parties without your explicit consent.

How We Use Your Data

We use the information we collect for the following purposes:

  • Service Delivery: To operate, maintain, and improve the MyPledge platform and provide personalised features.
  • Authentication: To verify your identity via OTP and manage secure login sessions using JWT tokens.
  • Productivity Analytics: To generate individual progress reports, track goals, and provide actionable insights to help you succeed.
  • Institute Reporting: To produce aggregated and individual engagement analytics for institute administrators to monitor student well-being and participation.
  • Notifications: To send you reminders, challenge updates, achievement badges, and important platform announcements via push notifications.
  • Emergency Services: To dispatch your Emergency SOS alert along with your location (if permitted) to your designated emergency contacts.
  • Subscription Management: To process voucher redemptions, manage subscription tiers, and handle billing-related communications.
  • Safety & Compliance: To detect fraud, prevent abuse, and comply with applicable laws and legal obligations.
  • Platform Improvement: To analyse usage patterns, fix bugs, and develop new features based on how users interact with the app.
We do not use your data for advertising, profiling for third-party marketing, or any purpose not listed above.

Data Sharing & Disclosure

We do not sell your personal data. We share it only in the following limited circumstances:

  • With Your Institute: Academic engagement data, challenge participation, and productivity scores may be visible to institute administrators and teachers linked to your account. Personal wellness data is excluded.
  • With Parents / Guardians: If you or your institute grants parental access, parents can view summarised analytics. Detailed journal entries remain private.
  • With Service Providers: We use trusted third-party providers (cloud hosting, SMS gateway, push notification services) who are contractually bound to protect your data and use it only to fulfil their service.
  • Emergency Contacts: Your location and alert message are shared with your designated contacts only when you activate the Emergency SOS feature.
  • Legal Requirements: We may disclose your data when required by law, court order, or governmental authority, or to protect our rights and safety.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify you via email or in-app notice before your data is transferred to a new privacy policy.

Data Retention

We retain your personal data only as long as necessary to fulfil the purposes described in this policy or as required by law. Below is a summary of our retention practices:

Data Type Retention Period Notes
Account Data Duration of account + 2 years Deleted upon verified account deletion request
Wellness & Journal Data Duration of account Immediately deleted when account is closed
Usage Analytics 3 years Anonymised after 1 year for aggregated reporting
Notification Tokens Until app is uninstalled or token refreshed Automatically cleared on logout
SOS Location Data 24 hours Deleted automatically after alert resolves
Transaction Records 7 years Required for financial and tax compliance

To request deletion of your data, please contact us at support@mypledgeapp.com. We will process verified requests within 30 days.

Cookies & Tracking

Our website uses a minimal set of cookies to ensure proper functionality and improve your experience. Our mobile app does not use browser cookies.

Essential Cookies

Required for core website functionality such as session management and CSRF protection. Cannot be disabled.

Analytics Cookies

Help us understand how visitors interact with our site. Collected data is aggregated and anonymous.

Advertising Cookies

We do not use advertising or tracking cookies. No third-party ad networks are used.

You can control cookie preferences through your browser settings. Disabling essential cookies may affect website functionality.

Children's Privacy

MyPledge is designed for students, which may include minors under 18 years of age. We take extra precautions to protect younger users:

  • For users under 18, institute or parental consent may be required during enrolment, as managed by the institution.
  • We do not knowingly collect data from children under 13 without verifiable parental or guardian consent.
  • Personal wellness data of minors is strictly private and is not shared with institutes or other users.
  • Parents can contact us to review, update, or delete data belonging to their minor child.
If you believe we have inadvertently collected data from a child under 13 without appropriate consent, please contact us immediately at support@mypledgeapp.com.

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data. We are committed to honouring these rights.

Right to Access
Request a copy of the personal data we hold about you.
Right to Rectification
Correct inaccurate or incomplete information in your profile.
Right to Erasure
Request deletion of your data ("right to be forgotten"), subject to legal requirements.
Right to Restrict Processing
Ask us to limit how we use your data in certain circumstances.
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing of your data for certain purposes.

To exercise any of these rights, email us at support@mypledgeapp.com with subject line "Privacy Rights Request". We will respond within 30 days.

Third-Party Services

We work with carefully selected third-party service providers to operate our platform. Each provider is bound by a data processing agreement and is not permitted to use your data for their own purposes.

  • Cloud Hosting: Our servers and databases are hosted on secure cloud infrastructure with industry-standard encryption and access controls.
  • SMS / OTP Gateway: A third-party SMS provider delivers one-time passwords to your phone number for authentication. Only your phone number is shared for this purpose.
  • Push Notifications (FCM): Google Firebase Cloud Messaging is used to deliver push notifications. FCM tokens are used solely for this purpose.
  • Payment Processing: If applicable, payments are handled by certified payment gateways. MyPledge does not store card numbers or sensitive payment credentials.
  • Crash Reporting: We may use a crash analytics tool to capture app errors to improve stability. These logs are anonymised and contain no personal wellness data.

Our platform may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

Security Measures

We implement multiple layers of security to protect your data against unauthorised access, alteration, or disclosure:

JWT Authentication

All API requests require a signed JSON Web Token, ensuring only authenticated users can access their data.

Encryption at Rest & Transit

Sensitive data is encrypted at rest. All data in transit is protected using TLS/HTTPS.

OTP-Based Login

We use phone-based OTP instead of passwords, reducing the risk of credential-based attacks.

Access Controls

Role-based access control ensures each user (student, teacher, admin, parent) sees only data relevant to their role.

Breach Notification: In the unlikely event of a data breach that affects your personal information, we will notify you within 72 hours via your registered contact details.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:

  • Send an in-app notification to all registered users.
  • Update the "Last Updated" date at the top of this page.
  • Provide at least 14 days' notice before new terms take effect, where applicable.

Your continued use of MyPledge after the effective date constitutes your acceptance of the revised Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, our privacy team is here to help.

Email
support@mypledgeapp.com
Response Time

We aim to respond within 3 business days.

Data Officer

Subject line: "Privacy Rights Request"