top of page

Leap Data Protection and Privacy Policy.

# Leap Data Protection and Privacy Policy

## (Learneasy Academy – Privacy Compliance Policy)

 

**Effective Date: 01/04/2025**  

**Last Updated: 24/01/2025**

 

---

 

## Part I: Introduction

 

### Section 1: Title and Scope

This Privacy Policy ("Policy") governs how the Leap application ("Leap", "we", "our", "us") collects, uses, stores, protects and deletes user data. This policy applies to all individuals who install, register, or use Leap and its related services, including Google Calendar API integrations, keyboard functionality, network intelligence features, DND (Do Not Disturb) mode, and media management.

 

### Section 2: Purpose

This policy ensures transparency, legal compliance, and responsible data practices while enabling core app features such as:

- Scheduling classes and generating Google Meet links

- Managing timetables and homework

- Improving typing experiences and suggestions

- Network intelligence and contact analysis

- Payment processing and fee management

- Real-time notifications and messaging

- DND (Do Not Disturb) mode for focused learning

- Optimized media access for faster app performance

 

### Section 3: Definitions

- **User** – Anyone using Leap.

- **Personal Data** – Any information that can identify a user.

- **Keystroke Data** – Non-identifiable typing patterns used for suggestions and gamification.

- **Sensitive Data** – Passwords, OTPs, banking info, government IDs, secure field input.

- **Calendar Data** – Google Calendar event and availability information accessed via permitted OAuth scopes.

- **Contact Data** – Phone numbers, names, and contact information from user's device contacts.

- **Clipboard Data** – Content temporarily stored in device clipboard when user performs copy/paste operations.

- **Notification Data** – Notification content from system and third-party applications accessed for DND mode functionality.

- **Media Data** – Photos, images, and visual content stored on user's device.

 

---

 

## Part II: Data Collected

 

### Section 4: Categories of Data Collected

 

#### 4.1 Google OAuth & Calendar Data

Leap uses Google Sign-In and Google Calendar to enable tutors to schedule online classes and automatically generate Google Meet links.

 

**Leap may request the following scopes:**

 

**Non-sensitive Scopes:**

- `.../auth/calendar.app.created` – Create secondary calendars & events

- `.../auth/calendar.calendarlist.readonly` – View list of user's calendars

- `.../auth/calendar.events.freebusy` – View free/busy information

- `.../auth/calendar.events.public.readonly` – View public calendar events

- `.../auth/calendar.settings.readonly` – View calendar settings

- `.../auth/calendar.freebusy` – View availability

 

**Sensitive Scopes (Approval required by Google):**

- `.../auth/calendar` – Full calendar access

- `.../auth/calendar.acls + .readonly` – View/manage sharing permissions

- `.../auth/calendar.readonly` – View calendar data

- `.../auth/calendar.calendarlist` – Manage subscribed calendars

- `.../auth/calendar.calendars + .readonly` – View/edit calendar properties

- `.../auth/calendar.events` – Create & edit events

- `.../auth/calendar.events.owned + .readonly` – Manage events on owned calendars

- `.../auth/calendar.events.readonly` – View event details

 

**IMPORTANT CLARIFICATION (Required by Google):**

Although Leap requests these scopes, Leap ONLY uses them to create new calendar events with Google Meet links.

 

**Leap does NOT:**

- Read existing events

- Edit existing events

- Delete events

- View private calendar content

- Modify calendar settings

- Access participant lists

- Sync full calendars

 

We only create a new event when a tutor schedules a class.

 

#### 4.2 Authentication Data

- Name

- Email address

- Profile photo

 

Used ONLY for login and account creation.

 

#### 4.3 User Profile & App Usage Data

- Timetable usage

- Homework feature usage

- Marks tracking

- Feature logs

- Class attendance records

- Payment and invoice history

- DND mode activation status and preferences

- FCM (Firebase Cloud Messaging) tokens for push notifications

 

#### 4.4 Keystroke Data (Non-Identifiable)

We collect:

- Typing speed

- Key frequency

- Aggregate typing patterns

- Typed words and phrases (for analytics and leaderboard features)

 

**Data Storage:**

- Keystroke data is stored in Firebase Realtime Database under `keystrokes/{userId}`

- Data includes word patterns and timestamps

- Used to improve suggestions and gamification

- **This data is NOT linked to specific text content or personal information**

- Data is aggregated for leaderboard and analytics purposes

 

#### 4.5 Clipboard Data

**IMPORTANT: On-Demand Access Only**

 

Leap accesses clipboard content **ONLY** when:

- The user explicitly clicks the "Paste" button in the keyboard interface

- The user performs a paste action through the keyboard

 

**Leap does NOT:**

- Continuously monitor clipboard

- Automatically read clipboard content

- Store clipboard data on servers

- Upload clipboard content to our databases

- Access clipboard without user action

 

**Clipboard content is:**

- Read only at the moment of paste

- Used solely to insert text into the active input field

- Not saved, logged, or transmitted to our servers

- Not analyzed or processed beyond the paste operation

 

#### 4.6 Notification Permissions

 

##### 4.6.1 Outbound Notifications (POST_NOTIFICATIONS)

Leap requests `POST_NOTIFICATIONS` permission to:

- Send push notifications about class schedules

- Notify users about homework assignments

- Alert users about payment due dates

- Send real-time updates about student requests

- Deliver system and feature updates

 

##### 4.6.2 Inbound Notification Access (Notification Listener Service) - DND Mode Feature

**IMPORTANT: Optional Feature for Focused Learning**

 

Leap may request notification listener access (`BIND_NOTIFICATION_LISTENER_SERVICE`) **ONLY** for the optional DND (Do Not Disturb) mode feature.

 

**Purpose of DND Mode:**

- Help students maintain focus during study time

- Allow parents to activate DND mode for their children upon student request

- Enable tutors to activate DND mode during class sessions

- Hide unwanted notifications from third-party apps to reduce distractions

 

**How DND Mode Works:**

1. **Student Request:** A student can request their parent to activate DND mode if they want to avoid phone distractions

2. **Parent Activation:** Parents can activate DND mode for their children through the parent account

3. **Tutor Activation:** Tutors can activate DND mode during class sessions to ensure focused learning

4. **Notification Filtering:** When DND mode is active, Leap filters and hides notifications from non-essential apps

5. **User Control:** DND mode is completely optional and can be turned on or off at any time by the user, parent, or tutor

 

**What Leap Does with Notification Access:**

- Reads notification content to identify which notifications to hide

- Filters notifications based on DND mode settings

- Hides unwanted notifications when DND mode is active

- Allows essential Leap notifications (class reminders, homework) to pass through

 

**What Leap Does NOT Do:**

- Store notification content from other apps

- Upload notification data to our servers

- Share notification content with third parties

- Use notification data for marketing or advertising

- Access notifications when DND mode is disabled

- Monitor notifications without user consent

 

**User Control & Consent:**

- Notification listener access requires explicit user permission

- DND mode is opt-in only

- Users can disable DND mode at any time

- Parents can only activate DND for their own children

- Tutors can activate DND only during their class sessions

- Notification access is automatically disabled when DND mode is turned off

 

**Data Handling:**

- Notification content is processed locally on the device

- Notification data is NOT stored in our databases

- Notification data is NOT transmitted to our servers

- Notification filtering rules are stored locally on device

- DND mode preferences are stored in Firebase (on/off status only, not notification content)

 

#### 4.7 Contact Data (Network Intelligence Feature)

Leap may request `READ_CONTACTS` permission to:

- Enable network intelligence analysis (for admin users)

- Identify connections between users

- Analyze contact patterns for educational insights

- Generate network summaries and classifications

 

**How Contact Data is Used:**

- Contact data is analyzed using AI (Gemini API) to classify contacts (e.g., students, teachers, friends)

- Analysis results are stored in Firebase for admin dashboard viewing

- Contact names and phone numbers are processed to identify network patterns

- **Contact data is NOT shared with third parties**

- **Contact data is NOT used for marketing or advertising**

 

**User Control:**

- Users can choose to sync or not sync contacts

- Contact sync is optional and requires explicit user consent

- Users can delete synced contacts at any time through the admin panel

 

#### 4.8 Media Access & Automatic Photo Upload

 

##### 4.8.1 Media Permissions

Leap requests media permissions (`READ_EXTERNAL_STORAGE`, `READ_MEDIA_IMAGES`) for:

- Profile photo uploads

- Homework image attachments

- Gallery access for sharing images in chat

- Automatic upload of recent photos (for app optimization)

 

##### 4.8.2 Automatic Photo Upload (App Performance Optimization)

**Purpose: Faster App Performance & User Experience**

 

Leap may automatically upload recent photos from the user's device to:

- Pre-load frequently accessed images

- Improve app loading speed

- Enhance user experience by reducing wait times

- Optimize gallery and media selection features

 

**What Photos Are Uploaded:**

- Recent photos from the user's device (automatically uploaded in background)

- Photos explicitly selected by the user for features like homework, chat, or profile pictures

- Both recent photos and user-selected photos are uploaded to Firebase Storage

- Photos are uploaded automatically in the background when media permissions are granted

- Users will receive a notification when photos are being uploaded in the background

- Upload occurs only when user has granted media permissions

- Upload is limited to optimize storage and bandwidth

 

**What Leap Does NOT Do:**

- Upload all photos from device

- Upload photos without user permission

- Access photos when media permission is denied

- Upload videos automatically (videos require explicit user selection)

- Share uploaded photos with third parties

- Use photos for marketing or advertising

 

**User Control:**

- Media permissions can be revoked at any time

- Users can disable automatic photo upload in settings

- Users can **request deletion** of uploaded photos from Firebase Storage

- Users can contact support to request deletion of recent photos or user-selected photos

- Both recent photos and user-selected photos can be deleted upon user request

 

**Data Handling:**

- Uploaded photos (both recent and user-selected) are stored in Firebase Storage

- Photos are stored in `rapidModeImages/{userId}` for optimized images

- Photos are encrypted in transit and at rest

- Photos are accessible only to the user who uploaded them

- Users can request deletion of photos at any time

- Old photos are automatically deleted based on retention policy

 

**Video Access:**

- Videos are **NOT** accessed automatically

- Videos require explicit user selection

- Videos are uploaded only when user chooses to share them

- Video upload follows the same security and privacy measures as photos

 

#### 4.9 Local Dictionary Words

Users may add custom words to their personal dictionary.

- These are stored **only on the user's device**

- **NOT uploaded to our servers**

- **NOT shared with other users**

 

#### 4.10 Location Data

Leap may request location permissions for:

- Finding nearby tutors (if applicable)

- Map-based location selection for class scheduling

- Location is used **only when explicitly requested by the user** for specific features

 

---

 

## Part III: Sensitive Data Protection

 

### Section X: Passwords & Sensitive Input (Critical for Keyboard Apps)

 

**Leap does NOT record or process:**

- Passwords

- OTPs (One-Time Passwords)

- Banking details

- Payment card numbers

- Aadhaar / Government ID numbers

- Any secure-field input

 

**When the system detects a password/secure input field:**

- ✔ All keystroke tracking stops

- ✔ Leap receives NO typed characters

- ✔ No predictions or analytics are generated

- ✔ No data is stored, uploaded, or transmitted

- ✔ Clipboard access is disabled for secure fields

- ✔ Notification access is disabled for secure fields

 

**Secure Field Detection:**

Leap automatically detects password fields, OTP fields, and other secure input types using Android's input type flags. When detected, all data collection and processing for that field is immediately disabled.

 

---

 

## Part IV: How We Use Data

 

### Section 5: Data Usage Purposes

 

#### 5.1 Calendar API Usage (Required Disclosure)

Leap uses requested Google Calendar scopes only to:

- Create a calendar event for the tutor

- Automatically attach a Google Meet link

- Add the event to the tutor's chosen calendar

 

We do not view, edit, delete, or monitor user calendars beyond creating new events.

 

#### 5.2 Clipboard Usage

Clipboard content is accessed **only** when:

- User clicks the paste button in the keyboard

- User performs a paste gesture

 

**Clipboard data is:**

- Used solely to insert text into the active field

- Not stored, logged, or transmitted

- Not analyzed or processed

- Immediately discarded after paste operation

 

#### 5.3 Notification Usage

 

##### 5.3.1 Outbound Notifications

Notifications are used **only** to:

- Send important updates to users

- Alert users about class schedules

- Notify about homework assignments

- Inform about payment due dates

 

**Notification Storage:**

- Notification content we send **MAY be stored** in Firebase with user permission

- Storage occurs in Firebase Realtime Database nodes:

  - `studentNotifications/{userId}` - student notification history

  - `tutorNotifications/{tutorId}` - tutor notification history

  - `adminNotifications` - admin notification history

- Storage is enabled only when user has granted notification permissions and enabled notifications in app settings

- Users can disable notification storage by disabling notifications in app settings

- Notification data is retained for up to 90 days for delivery tracking and in-app notification history

 

##### 5.3.2 Inbound Notification Access (DND Mode)

Notification content from other apps is accessed **only** for:

- Filtering unwanted notifications when DND mode is active

- Identifying which notifications to hide based on DND settings

- Ensuring essential Leap notifications are not blocked

 

**Notification data is:**

- Processed locally on device

- NOT stored in our databases

- NOT transmitted to our servers

- NOT shared with third parties

- Used solely for DND mode filtering functionality

 

**We do NOT:**

- Read notifications when DND mode is disabled

- Store notification content from other apps

- Use notification data for any purpose other than DND filtering

- Access notifications without explicit user consent and DND activation

 

#### 5.4 Contact Data Usage (Network Intelligence)

Contact data is used **only** for:

- Network intelligence analysis (admin feature)

- Identifying connections between users

- Generating educational insights

- Classifying contacts using AI analysis

 

**Contact data is:**

- Processed using Gemini AI for classification

- Stored securely in Firebase

- Accessible only to authorized admin users

- Never shared with third parties

- Never used for marketing

 

#### 5.5 Media Data Usage

 

##### 5.5.1 Automatic Photo Upload

Automatically uploaded photos (recent photos) and user-selected photos are used **only** for:

- Pre-loading images for faster app performance

- Reducing wait times when accessing gallery

- Optimizing user experience

- Improving app responsiveness

- Supporting features like homework submissions, chat media, and profile pictures

 

**Uploaded photos (both recent and user-selected) are:**

- Stored in Firebase Storage (`rapidModeImages/{userId}` for optimized images)

- Encrypted in transit and at rest

- Accessible only to the uploading user

- Users receive notification when photos are uploaded in background

- Deleted based on retention policy (90 days for automatically uploaded photos)

- Users can request deletion at any time

- NOT shared with other users

- NOT used for marketing

 

##### 5.5.2 User-Selected Media

User-selected photos and videos are used for:

- Profile pictures

- Homework submissions

- Chat media sharing

- Feature-specific content

 

**User-selected media:**

- Requires explicit user selection

- Stored securely in Firebase Storage (along with automatically uploaded recent photos)

- Shared only with intended recipients (e.g., tutor for homework)

- Users can request deletion at any time

- Both recent photos and user-selected photos are uploaded and can be deleted upon user request

 

#### 5.6 Other Uses

- Improve typing accuracy and suggestions

- Personalize user experience

- Display leaderboards and rewards using non-sensitive metadata

- Improve app performance, security, and stability

- Provide customer support

- Process payments and manage fees

- Enable real-time messaging between users

- Enable DND mode for focused learning

 

---

 

## Part V: Data Sharing & Protection

 

### Section 6: Data Sharing

 

#### 6.1 Service Providers

We only share data with service providers who act on our behalf:

 

- **Google Firebase Authentication** – User authentication

- **Firebase Realtime Database** – Data storage

- **Google Cloud Platform Hosting** – Application hosting

- **Firebase Analytics / Crashlytics** – App analytics and error tracking

- **Firebase Storage** – Media file storage (photos, videos)

- **Google Calendar API** – Calendar event creation

- **Gemini AI (Google)** – Contact classification for network intelligence

- **Razorpay** – Payment processing (payment data handled by Razorpay, not stored by us)

 

#### 6.2 Data Sharing Policies

 

**We do not sell user data.**

 

**We do not share contact data with third parties.**

 

**We do not share clipboard content with any service.**

 

**We do not share notification content with any service.**

 

**We do not share automatically uploaded photos with any service.**

 

**All data sharing is limited to:**

- Service providers necessary for app functionality

- Authorized personnel within Learneasy Academy

- Legal compliance requirements (when legally obligated)

 

#### 6.3 Network Intelligence Data Sharing

Contact classification results (generated by Gemini AI) are:

- Stored in Firebase Realtime Database

- Accessible only to authorized admin users

- Used solely for network intelligence dashboard

- Never shared with external parties

- Never used for marketing or advertising

 

#### 6.4 DND Mode Data Sharing

DND mode data (notification filtering preferences) is:

- Stored locally on device (notification content)

- DND on/off status stored in Firebase (for parent/tutor control)

- NOT shared with third parties

- NOT used for any purpose other than DND functionality

 

#### 6.5 Media Data Sharing

Uploaded photos and videos are:

- Stored in Firebase Storage

- Accessible only to the user who uploaded them

- Shared only when user explicitly shares (e.g., homework to tutor)

- NOT shared with third parties

- NOT used for marketing or advertising

 

---

 

## Part VI: Data Storage & Protection

 

### Section 7: Data Storage & Protection

 

#### 7.1 Security Measures

- Data encrypted in transit (TLS/SSL)

- Data encrypted at rest in Firebase

- Access restricted to authorized personnel only

- Multi-factor authentication enforced for admin access

- Regular security audits performed

- Secure password handling (never stored or logged)

- Compliance with Google Play Store policies

- Compliance with Indian data protection laws

 

#### 7.2 Clipboard Data

- **NOT stored** in our databases

- **NOT transmitted** to our servers

- **NOT logged** in our systems

- Exists only in device memory during paste operation

 

#### 7.3 Notification Data

 

##### 7.3.1 Outbound Notifications (Sent by Leap)

- Notification content we send (class reminders, homework, etc.) **MAY be stored** in Firebase with user permission

- Notifications are stored in Firebase Realtime Database nodes:

  - `studentNotifications/{userId}` - for student notifications

  - `tutorNotifications/{tutorId}` - for tutor notifications

  - `adminNotifications` - for admin notifications

  - `notificationQueue` - for notification delivery tracking

- Storage occurs only when user has granted notification permissions and enabled notifications in app settings

- Users can disable notification storage by disabling notifications in app settings

- Notification data is retained for up to 90 days for delivery tracking and in-app notification history

 

##### 7.3.2 Inbound Notification Access (DND Mode)

- Notification content from other apps is **NOT stored** in our databases

- Notification content is **NOT transmitted** to our servers

- Notification content is processed locally and immediately discarded

- Only DND mode preferences (on/off status) are stored in Firebase

- Notification listener access is disabled when DND mode is off

 

#### 7.4 Contact Data

- Stored in Firebase Realtime Database

- Encrypted in transit and at rest

- Accessible only to authorized admin users

- Can be deleted by admin users at any time

 

#### 7.5 Media Data

- Photos (both recent and user-selected) stored in Firebase Storage

- Photos stored in `rapidModeImages/{userId}` for optimized images

- Encrypted in transit and at rest

- Accessible only to the uploading user

- Automatic deletion based on retention policy (90 days for automatically uploaded photos)

- User can request deletion of photos at any time

 

#### 7.6 Data Safety Guarantees

- All data is kept safe and secure

- Data will NOT be sold to any party

- Data will NOT be published anywhere

- Data access is strictly controlled

- Regular security monitoring and updates

 

---

 

## Part VII: Retention & Deletion

 

### Section 8: Retention Policies

 

#### 8.1 Retention Periods

- **Account data:** Retained until deletion request

- **Calendar-related data:** Stored only as needed for class scheduling

- **Keystroke analytics:** Stored in Firebase (`keystrokes/{userId}`) in aggregated form (non-identifiable)

- **FCM tokens:** Stored in Firebase (`users/{userId}/fcmToken`) until user deletion or token refresh

- **Contact data:** Retained until user requests deletion or admin removes it

- **Clipboard data:** **NOT retained** (never stored)

- **Notification data (inbound/DND):** **NOT retained** (notification content from other apps never stored, only DND preferences)

- **Notification data (outbound):** **MAY be stored** in Firebase with user permission, retained for up to 90 days for delivery tracking and in-app history

- **Automatically uploaded photos:** Stored in Firebase Storage (`rapidModeImages/{userId}`), retained for up to 90 days, then automatically deleted

- **User-uploaded photos:** Stored in Firebase Storage, retained until user requests deletion or account deletion

- **Crash logs:** Up to 12 months

- **Backups:** Purged within 90 days

 

#### 8.2 Automatic Deletion

- Old data is automatically deleted based on retention policies

- Automatically uploaded photos are deleted after 90 days

- Notification content is never stored, so no deletion needed

- Backup data is purged within 90 days

 

#### 8.3 User-Initiated Deletion

Users can request deletion of:

- Their account and all associated data

- Specific photos or media files

- Contact sync data

- Network intelligence analysis results

 

### Section 9: User Rights

 

Users may request:

- **Access** – View their personal data

- **Correction** – Update inaccurate information

- **Data portability** – Export their data

- **Deletion** – Remove their account and data

- **Restriction of processing** – Limit how data is used

- **Objection** – Object to certain data processing

- **DND Mode Control** – Enable or disable DND mode at any time

- **Media Upload Control** – Disable automatic photo upload

 

### Section 10: Data Deletion Procedure

 

When a user requests deletion via:

- 👉 https://www.learneasy.biz/accountdeletion

- or

- 👉 info@learneasy.biz

 

**We delete:**

- ✔ Firebase Authentication user

- ✔ All Firebase Realtime Database records (including keystroke data, notifications, user data)

- ✔ All FCM tokens (`users/{userId}/fcmToken`)

- ✔ All profile data

- ✔ All app usage data

- ✔ All contact sync data (if applicable)

- ✔ All network intelligence analysis results

- ✔ All payment and invoice records

- ✔ All uploaded photos and media files (from `rapidModeImages/{userId}` and other storage paths)

- ✔ All DND mode preferences

- ✔ All notification listener access permissions

- ✔ All notification history (studentNotifications, tutorNotifications, adminNotifications)

 

**Backups are purged within 90 days.**

 

**Note:**

- Clipboard data is never stored, so no deletion is needed

- Notification content from other apps is never stored, so no deletion is needed

- Old data is automatically deleted per retention policy

 

---

 

## Part VIII: Special Features & Permissions

 

### Section 11: DND (Do Not Disturb) Mode Feature

 

#### 11.1 Feature Overview

DND mode is an optional feature designed to help students maintain focus during study time by filtering unwanted notifications.

 

#### 11.2 How DND Mode Works

1. **Activation Methods:**

   - Students can request parents to activate DND mode

   - Parents can activate DND mode for their children

   - Tutors can activate DND mode during class sessions

   - Users can activate DND mode themselves

 

2. **Notification Filtering:**

   - When active, DND mode filters notifications from non-essential apps

   - Essential Leap notifications (class reminders, homework) are allowed through

   - Filtering rules are customizable by user/parent/tutor

 

3. **User Control:**

   - DND mode can be turned on or off at any time

   - Notification listener access can be revoked at any time

   - DND preferences are stored locally and in Firebase (on/off status only)

 

#### 11.3 Privacy & Data Handling

- Notification content is processed locally on device

- Notification content is NOT stored in our databases

- Notification content is NOT transmitted to our servers

- Only DND mode status (on/off) is stored in Firebase

- Notification listener access is disabled when DND mode is off

 

#### 11.4 Parental Control

- Parents can activate DND mode for their children

- Parental activation requires parent account access

- Students can request DND activation from parents

- Parents can deactivate DND mode at any time

 

#### 11.5 Tutor Control

- Tutors can activate DND mode during their class sessions

- Tutor activation is limited to class duration

- Tutors cannot access notification content

- DND mode automatically deactivates after class ends (optional)

 

### Section 12: Automatic Photo Upload Feature

 

#### 12.1 Feature Overview

Automatic photo upload is designed to improve app performance and user experience by pre-loading recent photos.

 

#### 12.2 How It Works

- Leap automatically uploads recent photos from the user's device

- Both recent photos and user-selected photos are uploaded

- Upload occurs in the background when media permissions are granted

- Users will receive a notification when photos are being uploaded in the background

- Photos are stored in Firebase Storage (`rapidModeImages/{userId}`) for faster access

- Upload is limited to optimize storage and bandwidth

 

#### 12.3 User Control

- Users can disable automatic photo upload in app settings

- Users can revoke media permissions at any time

- Users can **request deletion** of uploaded photos (both recent and user-selected)

- Users can contact support to request deletion of photos from Firebase Storage

- Both recent photos and user-selected photos can be deleted upon user request

- Only recent photos are automatically uploaded, not entire gallery

 

#### 12.4 Privacy & Data Handling

- Uploaded photos (both recent and user-selected) are stored securely in Firebase Storage

- Photos are stored in `rapidModeImages/{userId}` for optimized images

- Photos are encrypted in transit and at rest

- Photos are accessible only to the uploading user

- Photos are automatically deleted after 90 days

- Users can request deletion of photos at any time

- Photos are NOT shared with other users

- Photos are NOT used for marketing or advertising

 

#### 12.5 Video Access

- Videos are **NOT** accessed automatically

- Videos require explicit user selection

- Videos are uploaded only when user chooses to share them

- Video upload follows same security measures as photos

 

---

 

## Part IX: Keyboard-Specific Permissions

 

### Section 13: Detailed Permission Breakdown

 

#### 13.1 Clipboard Access

- **Permission:** `READ_CLIPBOARD`

- **Purpose:** Enable paste functionality in keyboard

- **Access Pattern:** On-demand only (when user clicks paste button)

- **Data Handling:** Content is NOT stored, logged, or transmitted

- **Security:** Clipboard access is disabled for secure fields (passwords, OTPs)

 

#### 13.2 Notification Permissions

 

##### 13.2.1 Outbound Notifications

- **Permission:** `POST_NOTIFICATIONS`

- **Purpose:** Send push notifications to users

- **Access Pattern:** Outbound notifications only (we send, we don't read by default)

- **Data Handling:** Notification content we send is stored in Firebase for delivery tracking

 

##### 13.2.2 Inbound Notification Access (DND Mode)

- **Permission:** `BIND_NOTIFICATION_LISTENER_SERVICE`

- **Purpose:** Filter notifications for DND mode feature

- **Access Pattern:** Only when DND mode is active and user has granted permission

- **Data Handling:** Notification content is processed locally, NOT stored or transmitted

- **User Control:** Can be disabled at any time, requires explicit user consent

 

#### 13.3 Contact Access

- **Permission:** `READ_CONTACTS`

- **Purpose:** Network intelligence analysis (admin feature)

- **Access Pattern:** Optional sync, requires user consent

- **Data Handling:** Contacts are analyzed using AI and results stored in Firebase

- **User Control:** Can be disabled at any time

 

#### 13.4 Location Access

- **Permissions:** `ACCESS_FINE_LOCATION`, `ACCESS_COARSE_LOCATION`

- **Purpose:** Map-based location selection, finding nearby services

- **Access Pattern:** Only when user explicitly requests location-based features

- **Data Handling:** Location data is used temporarily and not stored long-term

 

#### 13.5 Media Access

- **Permissions:** `READ_EXTERNAL_STORAGE`, `READ_MEDIA_IMAGES`

- **Purpose:** Profile photos, homework images, chat media, automatic photo upload

- **Access Pattern:**

  - Automatic upload: Background upload of recent photos (optional, can be disabled)

  - User selection: Only when user chooses to upload/share media

- **Data Handling:**

  - Media is stored in Firebase Storage

  - Accessible only to authorized users

  - Automatically deleted per retention policy

 

---

 

## Part X: Compliance & Legal

 

### Section 14: Legal Basis

- **Consent:** User provides explicit consent by using the app and granting permissions

- **Legitimate Interest:** Improving app functionality and user experience

- **Contract Performance:** Delivering services as per user agreement

- **Legal Obligation:** Compliance with applicable data protection laws

 

### Section 15: Regulatory Compliance

 

#### 15.1 Google Play Store Compliance

- All Google Play Store rules and policies are followed

- Required disclosures are made in Play Console

- Permissions are properly declared and explained

- Data handling practices comply with Play Store requirements

 

#### 15.2 Indian Legal Compliance

- Compliance with applicable Indian data protection laws

- Compliance with Information Technology Act, 2000

- Compliance with any applicable state regulations

- Regular legal review and updates

 

#### 15.3 International Data Protection

- Compliance with general data protection principles

- User rights are respected and enforced

- Data breach notification procedures in place

- Regular compliance audits

 

### Section 16: International Data Transfers

Data may be stored and processed in:

- India (primary)

- Google Cloud Platform servers (may be in various regions)

- Firebase servers (may be in various regions)

 

All transfers comply with applicable data protection regulations.

 

### Section 17: Children's Privacy

Leap is designed for educational use and may be used by minors under parental supervision. We do not knowingly collect personal information from children under 13 without parental consent.

 

**Parental Controls:**

- Parents can manage their children's accounts

- Parents can control DND mode activation

- Parents can review and delete children's data

- Parental consent is required for certain features

 

---

 

## Part XI: User Control & Settings

 

### Section 18: Privacy Controls

 

#### 18.1 Permission Management

Users can:

- Grant or revoke permissions at any time

- Disable automatic features (photo upload, DND mode)

- Control data sharing preferences

- Manage notification settings

 

#### 18.2 Feature-Specific Controls

 

##### 18.2.1 DND Mode Controls

- Enable/disable DND mode

- Customize notification filtering rules

- Set DND mode schedules

- Revoke notification listener access

 

##### 18.2.2 Media Upload Controls

- Enable/disable automatic photo upload

- Control which photos are uploaded

- Delete uploaded photos

- Manage media permissions

 

##### 18.2.3 Contact Sync Controls

- Enable/disable contact syncing

- Delete synced contacts

- Control network intelligence features

 

#### 18.3 Data Management

Users can:

- View their stored data

- Export their data

- Delete specific data types

- Request complete account deletion

 

---

 

## Part XII: Contact & Policy Changes

 

### Section 19: Contact Information

**Learneasy Academy**  

Chennai, India  

Phone: +91 98416 11568  

Email: info@learneasy.biz  

Data Portal: https://www.learneasy.biz/accountdeletion

 

**For Privacy Concerns:**

- Email: info@learneasy.biz

- Include "Privacy Policy Inquiry" in subject line

- Response within 7 business days

 

**For Data Deletion Requests:**

- Visit: https://www.learneasy.biz/accountdeletion

- Or email: info@learneasy.biz

- Include user ID and deletion request details

 

**For Technical Issues:**

- Email: info@learneasy.biz

- Include device information and issue description

 

### Section 20: Policy Updates & Amendments

 

#### 20.1 Update Notification

We may update this Policy and will notify users via:

- Email notification to registered users

- In-app messages and notifications

- Updated effective date at the top of this document

- Prominent notice in the app for significant changes

 

#### 20.2 Change History

- **Last Updated:** 24/01/2025

- **Previous Version:** 01/04/2025

- **Major Changes in This Version:**

  - Added DND mode notification access disclosure

  - Added automatic photo upload feature disclosure

  - Expanded media access explanations

  - Enhanced user control sections

  - Added detailed permission breakdowns

 

#### 20.3 User Acceptance

By using Leap, the user acknowledges and agrees to this Policy. Continued use of the app after policy updates constitutes acceptance of the revised policy.

 

**Users who do not agree with policy changes may:**

- Disable specific features (DND mode, automatic photo upload)

- Revoke permissions

- Request account deletion

- Stop using the app

 

---

 

## Part XIII: Data Safety & Security Guarantees

 

### Section 21: Our Commitments

 

#### 21.1 Data Safety Guarantees

- **We do NOT sell user data** to any party

- **We do NOT publish user data** anywhere

- **We do NOT share data** with unauthorized parties

- All data is kept safe and secure

- Data access is strictly controlled

- Regular security monitoring and updates

 

#### 21.2 Security Measures

- End-to-end encryption for sensitive data

- Secure authentication and authorization

- Regular security audits and penetration testing

- Incident response procedures

- Data breach notification protocols

- Employee training on data protection

 

#### 21.3 Third-Party Services

- All third-party services are vetted for security

- Data sharing agreements are in place

- Service providers comply with data protection standards

- Regular review of third-party security practices

 

---

 

## Part XIV: Special Scenarios & Use Cases

 

### Section 22: DND Mode Use Cases

 

#### 22.1 Student-Requested DND

- Student wants to avoid phone distractions during study

- Student requests parent to activate DND mode

- Parent activates DND mode through parent account

- Unwanted notifications are filtered

- Student can focus on studies

 

#### 22.2 Tutor-Initiated DND

- Tutor starts a class session

- Tutor activates DND mode for the class

- Students' notifications are filtered during class

- Essential class-related notifications are allowed

- DND mode can be deactivated after class

 

#### 22.3 Self-Activated DND

- User activates DND mode themselves

- User can customize filtering rules

- User can set schedules for DND mode

- User can deactivate at any time

 

### Section 23: Media Upload Scenarios

 

#### 23.1 Automatic Upload

- User grants media permissions

- App automatically uploads recent photos in background

- Photos are pre-loaded for faster access

- User can disable this feature anytime

 

#### 23.2 User-Selected Upload

- User selects photos for homework submission

- User selects photos for profile picture

- User selects photos for chat sharing

- Only selected photos are uploaded

 

#### 23.3 Video Upload

- Videos are never uploaded automatically

- Videos require explicit user selection

- Videos are uploaded only when user shares them

- Same security measures apply to videos

 

---

 

## Part XV: Technical Details

 

### Section 24: Implementation Details

 

#### 24.1 Notification Listener Implementation

- Uses Android `NotificationListenerService`

- Requires explicit user permission in Android settings

- Processes notifications locally on device

- Filters notifications based on DND rules

- Does not store notification content

 

#### 24.2 Photo Upload Implementation

- Uses Firebase Storage for media storage

- Implements background upload service

- Limits upload to recent photos only

- Implements automatic deletion after retention period

- Uses encryption for data in transit and at rest

 

#### 24.3 Data Encryption

- TLS/SSL for data in transit

- Firebase encryption for data at rest

- Secure key management

- Regular encryption key rotation

 

---

 

## Part XVI: Frequently Asked Questions

 

### Section 25: Common Questions

 

#### 25.1 About DND Mode

**Q: Does Leap read all my notifications?**  

A: Leap only accesses notifications when DND mode is active and you have granted permission. Notification content is processed locally and never stored.

 

**Q: Can I disable DND mode?**  

A: Yes, you can disable DND mode at any time through app settings or by revoking notification listener permission.

 

**Q: Who can activate DND mode for me?**  

A: You can activate it yourself, or your parent can activate it if you request them to do so. Tutors can activate it during class sessions.

 

#### 25.2 About Photo Upload

**Q: Does Leap upload all my photos?**  

A: No, Leap uploads recent photos automatically and also uploads photos you explicitly select for features like homework or chat. You can disable automatic upload anytime.

 

**Q: Are my photos safe?**  

A: Yes, all photos are encrypted and stored securely in Firebase Storage. They are accessible only to you and are automatically deleted after Certain period as per retention policy.

 

**Q: Can I delete uploaded photos?**  

A: Yes, you can request deletion of uploaded photos (both recent and user-selected) by contacting support or requesting account deletion. Photos are stored in Firebase Storage and can be deleted upon your request.

 

#### 25.3 About Data Deletion

**Q: How do I delete my data?**  

A: Visit https://www.learneasy.biz/accountdeletion or email info@learneasy.biz with your deletion request.

 

**Q: How long does deletion take?**  

A: Account deletion is processed within 7 business days. Backups are purged within 90 days.

 

---

 

## Part XVII: Legal & Compliance Details

 

### Section 26: Legal Framework

 

#### 26.1 Applicable Laws

- Information Technology Act, 2000 (India)

- Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

- Any applicable state data protection laws

- Google Play Store Developer Policy

- General data protection principles

 

#### 26.2 Compliance Measures

- Regular legal review of privacy practices

- Compliance audits

- Employee training on data protection

- Incident response procedures

- Data breach notification protocols

 

#### 26.3 Dispute Resolution

- Users can contact info@learneasy.biz for privacy concerns

- Complaints are addressed within 7 business days

- Escalation procedures are in place

- Legal remedies are available as per applicable laws

 

---

 

## Part XVIII: Contact & Support

 

### Section 27: Support Channels

 

#### 27.1 Privacy Inquiries

- Email: info@learneasy.biz

- Subject: "Privacy Policy Inquiry"

- Response Time: 7 business days

 

#### 27.2 Data Deletion Requests

- Portal: https://www.learneasy.biz/accountdeletion

- Email: info@learneasy.biz

- Subject: "Data Deletion Request"

- Required Information: User ID, email address

 

#### 27.3 Technical Support

- Email: info@learneasy.biz

- Include: Device information, issue description, screenshots if applicable

 

#### 27.4 General Inquiries

- Phone: +91 98416 11568

- Email: info@learneasy.biz

- Address: Learneasy Academy, Chennai, India

 

---

 

## Part XIX: Policy Acceptance & Acknowledgment

 

### Section 28: User Agreement

 

By installing, registering, or using Leap, you acknowledge that:

- You have read and understood this Privacy Policy

- You agree to the data collection and usage practices described

- You consent to the permissions requested by the app

- You understand your rights regarding data access, correction, and deletion

- You accept that policy updates may occur and continued use constitutes acceptance

 

### Section 29: Policy Version

- **Current Version:** 2.0

- **Effective Date:** 01/04/2025

- **Last Updated:** 24/01/2025

---

 

**END OF PRIVACY POLICY**

 

---

 

## Appendix A: Quick Reference Guide

 

### Permissions Summary

| Permission | Purpose | Required | Can Disable |

|-----------|---------|----------|-------------|

| READ_CLIPBOARD | Paste functionality | Yes | No (but only accessed on-demand) |

| POST_NOTIFICATIONS | Send notifications | Yes | Yes |

| BIND_NOTIFICATION_LISTENER | DND mode filtering | Optional | Yes |

| READ_CONTACTS | Network intelligence | Optional | Yes |

| READ_MEDIA_IMAGES | Photo access | Optional | Yes |

| ACCESS_FINE_LOCATION | Location features | Optional | Yes |

 

### Feature Control Summary

| Feature | Default | Can Disable | Data Stored |

|--------|---------|-------------|-------------|

| Clipboard Access | On (on-demand) | No | No |

| DND Mode | Off | Yes | Status only |

| Auto Photo Upload | On (if permission granted) | Yes | Yes (90 days) |

| Contact Sync | Off | Yes | Yes |

| Location Access | Off | Yes | No |

 

---

 

**For the most current version of this policy, please visit: https://www.learneasy.biz/privacy-policy**

bottom of page