Leap Data Protection and Privacy Policy.

Leap Data Protection and Privacy Policy

(Learneasy Academy – Privacy Compliance Policy)
Effective Date: 01/04/2025

Part I: Introduction

Section 1: Title and Scope

This Privacy Policy (“Policy”) governs how the Leap application (“Leap”, “we”, “our”, “us”) collects, uses, stores, protects and deletes user data. This policy applies to all individuals who install, register, or use Leap and its related services, including Google Calendar API integrations.

Section 2: Purpose

This policy ensures transparency, legal compliance, and responsible data practices while enabling core app features such as scheduling classes, generating Google Meet links, managing timetables, and improving typing experiences.

Section 3: Definitions

• User – Anyone using Leap.

• Personal Data – Any information that can identify a user.

• Keystroke Data – Non-identifiable typing patterns used for suggestions and gamification.

• Sensitive Data – Passwords, OTPs, banking info, government IDs, secure field input.

• Calendar Data – Google Calendar event and availability information accessed via permitted OAuth scopes.

Part II: Data Collected

Section 4: Categories of Data Collected

4.1 Google OAuth & Calendar Data

Leap uses Google Sign-In and Google Calendar to enable tutors to schedule online classes and automatically generate Google Meet links.

Leap may request the following scopes:

Non-sensitive Scopes

• .../auth/calendar.app.created – Create secondary calendars & events

• .../auth/calendar.calendarlist.readonly – View list of user's calendars

• .../auth/calendar.events.freebusy – View free/busy information

• .../auth/calendar.events.public.readonly – View public calendar events

• .../auth/calendar.settings.readonly – View calendar settings

• .../auth/calendar.freebusy – View availability

Sensitive Scopes

(Approval required by Google)

• .../auth/calendar – Full calendar access

• .../auth/calendar.acls + .readonly – View/manage sharing permissions

• .../auth/calendar.readonly – View calendar data

• .../auth/calendar.calendarlist – Manage subscribed calendars

• .../auth/calendar.calendars + .readonly – View/edit calendar properties

• .../auth/calendar.events – Create & edit events

• .../auth/calendar.events.owned + .readonly – Manage events on owned calendars

• .../auth/calendar.events.readonly – View event details

IMPORTANT CLARIFICATION (Required by Google):

Although Leap requests these scopes, Leap ONLY uses them to create new calendar events with Google Meet links.
Leap does NOT:

• read existing events

• edit existing events

• delete events

• view private calendar content

• modify calendar settings

• access participant lists

• sync full calendars

We only create a new event when a tutor schedules a class.

4.2 Authentication Data

• Name

• Email address

• Profile photo
  Used ONLY for login and account creation.

4.3 User Profile & App Usage Data

• Timetable usage

• Homework feature usage

• Marks tracking

• Feature logs

4.4 Keystroke Data (Non-Identifiable)

We collect:

• typing speed

• key frequency

• aggregate typing patterns

Used to improve suggestions and gamification.

4.5 Clipboard Data

Accessed only when the user pastes.
Clipboard content is not saved unless user explicitly chooses to store something.

4.6 Local Dictionary Words

Users may add custom words.
These are stored only on the user’s device, not uploaded to our servers.

Section X: Passwords & Sensitive Input (Critical for Keyboard Apps)

Leap does NOT record or process:

• Passwords

• OTPs

• Banking details

• Payment card numbers

• Aadhaar / Government ID numbers

• Any secure-field input

When the system detects a password/secure input field:

✔ All keystroke tracking stops
✔ Leap receives NO typed characters
✔ No predictions or analytics are generated
✔ No data is stored, uploaded, or transmitted

Part III: How We Use Data

Section 5: Data Usage Purposes

5.1 Calendar API Usage (Required Disclosure)

Leap uses requested Google Calendar scopes only to:

• Create a calendar event for the tutor

• Automatically attach a Google Meet link

• Add the event to the tutor’s chosen calendar

We do not view, edit, delete, or monitor user calendars.

5.2 Other Uses

• Improve typing accuracy

• Personalize user suggestions

• Display leaderboards and rewards using non-sensitive metadata

• Improve app performance, security, and stability

• Provide customer support

Part IV: Data Sharing & Protection

Section 6: Data Sharing

We only share data with service providers who act on our behalf:

• Google Firebase Authentication

• Firebase Realtime Database

• Google Cloud Platform Hosting

• Firebase Analytics / Crashlytics

We do not sell user data.

Section 7: Data Storage & Protection

• Data encrypted in transit (TLS) and at rest

• Access restricted to authorized personnel

• Multi-factor authentication enforced

• Regular security audits performed

Part V: Retention & Deletion

Section 8: Retention

• Account data: retained until deletion request

• Calendar-related data: stored only as needed for class scheduling

• Keystroke analytics: stored in aggregated form only

• Crash logs: up to 12 months

• Backups: purged within 90 days

Section 9: User Rights

Users may request:

• Access

• Correction

• Data portability

• Deletion

• Restriction of processing

Section 10: Data Deletion Procedure

When a user requests deletion via:

👉 https://www.learneasy.biz/accountdeletion
or
👉 info@learneasy.biz

We delete:

✔ Firebase Authentication user
✔ All Firebase Realtime Database records
✔ All profile data
✔ All app usage data

Backups are purged within 90 days.

Part VI: Contact & Policy Changes

Section 11: Contact

Learneasy Academy
Chennai, India
Phone: +91 98416 11568
Email: info@learneasy.biz
Data Portal: https://www.learneasy.biz/accountdeletion

Section 12: Amendments

We may update this Policy and will notify users via email or in-app messages.

Section 13: Acceptance

By using Leap, the user acknowledges and agrees to this Policy.