Leap Application Privacy Policy · Learneasy Academy

Leap Data Protection and Privacy Policy

(Learneasy Academy – Privacy Compliance Policy)

Effective Date: 01/04/2025

Last Updated: 24/01/2025

---

Part I: Introduction

Section 1: Title and Scope

This Privacy Policy ("Policy") governs how the Leap application ("Leap", "we", "our", "us") collects, uses, stores, protects and deletes user data. This policy applies to all individuals who install, register, or use Leap and its related services, including Google Calendar API integrations, keyboard functionality, network intelligence features, DND (Do Not Disturb) mode, and media management.

Section 2: Purpose

This policy ensures transparency, legal compliance, and responsible data practices while enabling core app features such as:

• Scheduling classes and generating Google Meet links

• Managing timetables and homework

• Improving typing experiences and suggestions

• Network intelligence and contact analysis

• Payment processing and fee management

• Real-time notifications and messaging

• DND (Do Not Disturb) mode for focused learning

• Optimized media access for faster app performance

Section 3: Definitions

• User – Anyone using Leap.

• Personal Data – Any information that can identify a user.

• Keystroke Data – Non-identifiable typing patterns used for suggestions and gamification.

• Sensitive Data – Passwords, OTPs, banking info, government IDs, secure field input.

• Calendar Data – Google Calendar event and availability information accessed via permitted OAuth scopes.

• Contact Data – Phone numbers, names, and contact information from user's device contacts.

• Clipboard Data – Content temporarily stored in device clipboard when user performs copy/paste operations.

• Notification Data – Notification content from system and third-party applications accessed for DND mode functionality.

• Media Data – Photos, images, and visual content stored on user's device.

---

Part II: Data Collected

Section 4: Categories of Data Collected

4.1 Google OAuth & Calendar Data

Leap uses Google Sign-In and Google Calendar to enable tutors to schedule online classes and automatically generate Google Meet links.

Leap may request the following scopes:

Non-sensitive Scopes:

• .../auth/calendar.app.created – Create secondary calendars & events

• .../auth/calendar.calendarlist.readonly – View list of user's calendars

• .../auth/calendar.events.freebusy – View free/busy information

• .../auth/calendar.events.public.readonly – View public calendar events

• .../auth/calendar.settings.readonly – View calendar settings

• .../auth/calendar.freebusy – View availability

Sensitive Scopes (Approval required by Google):

• .../auth/calendar – Full calendar access

• .../auth/calendar.acls + .readonly – View/manage sharing permissions

• .../auth/calendar.readonly – View calendar data

• .../auth/calendar.calendarlist – Manage subscribed calendars

• .../auth/calendar.calendars + .readonly – View/edit calendar properties

• .../auth/calendar.events – Create & edit events

• .../auth/calendar.events.owned + .readonly – Manage events on owned calendars

• .../auth/calendar.events.readonly – View event details

IMPORTANT CLARIFICATION (Required by Google):

Although Leap requests these scopes, Leap ONLY uses them to create new calendar events with Google Meet links.

Leap does NOT:

• Read existing events

• Edit existing events

• Delete events

• View private calendar content

• Modify calendar settings

• Access participant lists

• Sync full calendars

We only create a new event when a tutor schedules a class.

4.2 Authentication Data

• Name

• Email address

• Profile photo

Used ONLY for login and account creation.

4.3 User Profile & App Usage Data

• Timetable usage

• Homework feature usage

• Marks tracking

• Feature logs

• Class attendance records

• Payment and invoice history

• DND mode activation status and preferences

• FCM (Firebase Cloud Messaging) tokens for push notifications

4.4 Keystroke Data (Non-Identifiable)

We collect:

• Typing speed

• Key frequency

• Aggregate typing patterns

• Typed words and phrases (for analytics and leaderboard features)

Data Storage:

• Keystroke data is stored in Firebase Realtime Database under keystrokes/{userId}

• Data includes word patterns and timestamps

• Used to improve suggestions and gamification

• This data is NOT linked to specific text content or personal information

• Data is aggregated for leaderboard and analytics purposes

4.5 Clipboard Data

IMPORTANT: On-Demand Access Only

Leap accesses clipboard content ONLY when:

• The user explicitly clicks the "Paste" button in the keyboard interface

• The user performs a paste action through the keyboard

Leap does NOT:

• Continuously monitor clipboard

• Automatically read clipboard content

• Store clipboard data on servers

• Upload clipboard content to our databases

• Access clipboard without user action

Clipboard content is:

• Read only at the moment of paste

• Used solely to insert text into the active input field

• Not saved, logged, or transmitted to our servers

• Not analyzed or processed beyond the paste operation

4.6 Notification Permissions

##### 4.6.1 Outbound Notifications (POST_NOTIFICATIONS)

Leap requests POST_NOTIFICATIONS permission to:

• Send push notifications about class schedules

• Notify users about homework assignments

• Alert users about payment due dates

• Send real-time updates about student requests

• Deliver system and feature updates

##### 4.6.2 Inbound Notification Access (Notification Listener Service) - DND Mode Feature

IMPORTANT: Optional Feature for Focused Learning

Leap may request notification listener access (BIND_NOTIFICATION_LISTENER_SERVICE) ONLY for the optional DND (Do Not Disturb) mode feature.

Purpose of DND Mode:

• Help students maintain focus during study time

• Allow parents to activate DND mode for their children upon student request

• Enable tutors to activate DND mode during class sessions

• Hide unwanted notifications from third-party apps to reduce distractions

How DND Mode Works:

1. Student Request: A student can request their parent to activate DND mode if they want to avoid phone distractions

1. Parent Activation: Parents can activate DND mode for their children through the parent account

1. Tutor Activation: Tutors can activate DND mode during class sessions to ensure focused learning

1. Notification Filtering: When DND mode is active, Leap filters and hides notifications from non-essential apps

1. User Control: DND mode is completely optional and can be turned on or off at any time by the user, parent, or tutor

What Leap Does with Notification Access:

• Reads notification content to identify which notifications to hide

• Filters notifications based on DND mode settings

• Hides unwanted notifications when DND mode is active

• Allows essential Leap notifications (class reminders, homework) to pass through

What Leap Does NOT Do:

• Store notification content from other apps

• Upload notification data to our servers

• Share notification content with third parties

• Use notification data for marketing or advertising

• Access notifications when DND mode is disabled

• Monitor notifications without user consent

User Control & Consent:

• Notification listener access requires explicit user permission

• DND mode is opt-in only

• Users can disable DND mode at any time

• Parents can only activate DND for their own children

• Tutors can activate DND only during their class sessions

• Notification access is automatically disabled when DND mode is turned off

Data Handling:

• Notification content is processed locally on the device

• Notification data is NOT stored in our databases

• Notification data is NOT transmitted to our servers

• Notification filtering rules are stored locally on device

• DND mode preferences are stored in Firebase (on/off status only, not notification content)

4.7 Contact Data (Network Intelligence Feature)

Leap may request READ_CONTACTS permission to:

• Enable network intelligence analysis (for admin users)

• Identify connections between users

• Analyze contact patterns for educational insights

• Generate network summaries and classifications

How Contact Data is Used:

• Contact data is analyzed using AI (Gemini API) to classify contacts (e.g., students, teachers, friends)

• Analysis results are stored in Firebase for admin dashboard viewing

• Contact names and phone numbers are processed to identify network patterns

• Contact data is NOT shared with third parties

• Contact data is NOT used for marketing or advertising

User Control:

• Users can choose to sync or not sync contacts

• Contact sync is optional and requires explicit user consent

• Users can delete synced contacts at any time through the admin panel

4.8 Media Access & Automatic Photo Upload

##### 4.8.1 Media Permissions

Leap requests media permissions (READ_EXTERNAL_STORAGE, READ_MEDIA_IMAGES) for:

• Profile photo uploads

• Homework image attachments

• Gallery access for sharing images in chat

• Automatic upload of recent photos (for app optimization)

##### 4.8.2 Automatic Photo Upload (App Performance Optimization)

Purpose: Faster App Performance & User Experience

Leap may automatically upload recent photos from the user's device to:

• Pre-load frequently accessed images

• Improve app loading speed

• Enhance user experience by reducing wait times

• Optimize gallery and media selection features

What Photos Are Uploaded:

• Recent photos from the user's device (automatically uploaded in background)

• Photos explicitly selected by the user for features like homework, chat, or profile pictures

• Both recent photos and user-selected photos are uploaded to Firebase Storage

• Photos are uploaded automatically in the background when media permissions are granted

• Users will receive a notification when photos are being uploaded in the background

• Upload occurs only when user has granted media permissions

• Upload is limited to optimize storage and bandwidth

What Leap Does NOT Do:

• Upload all photos from device

• Upload photos without user permission

• Access photos when media permission is denied

• Upload videos automatically (videos require explicit user selection)

• Share uploaded photos with third parties

• Use photos for marketing or advertising

User Control:

• Media permissions can be revoked at any time

• Users can disable automatic photo upload in settings

• Users can request deletion of uploaded photos from Firebase Storage

• Users can contact support to request deletion of recent photos or user-selected photos

• Both recent photos and user-selected photos can be deleted upon user request

Data Handling:

• Uploaded photos (both recent and user-selected) are stored in Firebase Storage

• Photos are stored in rapidModeImages/{userId} for optimized images

• Photos are encrypted in transit and at rest

• Photos are accessible only to the user who uploaded them

• Users can request deletion of photos at any time

• Old photos are automatically deleted based on retention policy

Video Access:

• Videos are NOT accessed automatically

• Videos require explicit user selection

• Videos are uploaded only when user chooses to share them

• Video upload follows the same security and privacy measures as photos

4.9 Local Dictionary Words

Users may add custom words to their personal dictionary.

• These are stored only on the user's device

• NOT uploaded to our servers

• NOT shared with other users

4.10 Location Data

Leap may request location permissions for:

• Finding nearby tutors (if applicable)

• Map-based location selection for class scheduling

• Location is used only when explicitly requested by the user for specific features

---

Part III: Sensitive Data Protection

Section X: Passwords & Sensitive Input (Critical for Keyboard Apps)

Leap does NOT record or process:

• Passwords

• OTPs (One-Time Passwords)

• Banking details

• Payment card numbers

• Aadhaar / Government ID numbers

• Any secure-field input

When the system detects a password/secure input field:

• ✔ All keystroke tracking stops

• ✔ Leap receives NO typed characters

• ✔ No predictions or analytics are generated

• ✔ No data is stored, uploaded, or transmitted

• ✔ Clipboard access is disabled for secure fields

• ✔ Notification access is disabled for secure fields

Secure Field Detection:

Leap automatically detects password fields, OTP fields, and other secure input types using Android's input type flags. When detected, all data collection and processing for that field is immediately disabled.

---

Part IV: How We Use Data

Section 5: Data Usage Purposes

5.1 Calendar API Usage (Required Disclosure)

Leap uses requested Google Calendar scopes only to:

• Create a calendar event for the tutor

• Automatically attach a Google Meet link

• Add the event to the tutor's chosen calendar

We do not view, edit, delete, or monitor user calendars beyond creating new events.

5.2 Clipboard Usage

Clipboard content is accessed only when:

• User clicks the paste button in the keyboard

• User performs a paste gesture

Clipboard data is:

• Used solely to insert text into the active field

• Not stored, logged, or transmitted

• Not analyzed or processed

• Immediately discarded after paste operation

5.3 Notification Usage

##### 5.3.1 Outbound Notifications

Notifications are used only to:

• Send important updates to users

• Alert users about class schedules

• Notify about homework assignments

• Inform about payment due dates

Notification Storage:

• Notification content we send MAY be stored in Firebase with user permission

• Storage occurs in Firebase Realtime Database nodes:

• studentNotifications/{userId} - student notification history

• tutorNotifications/{tutorId} - tutor notification history

• adminNotifications - admin notification history

• Storage is enabled only when user has granted notification permissions and enabled notifications in app settings

• Users can disable notification storage by disabling notifications in app settings

• Notification data is retained for up to 90 days for delivery tracking and in-app notification history

##### 5.3.2 Inbound Notification Access (DND Mode)

Notification content from other apps is accessed only for:

• Filtering unwanted notifications when DND mode is active

• Identifying which notifications to hide based on DND settings

• Ensuring essential Leap notifications are not blocked

Notification data is:

• Processed locally on device

• NOT stored in our databases

• NOT transmitted to our servers

• NOT shared with third parties

• Used solely for DND mode filtering functionality

We do NOT:

• Read notifications when DND mode is disabled

• Store notification content from other apps

• Use notification data for any purpose other than DND filtering

• Access notifications without explicit user consent and DND activation

5.4 Contact Data Usage (Network Intelligence)

Contact data is used only for:

• Network intelligence analysis (admin feature)

• Identifying connections between users

• Generating educational insights

• Classifying contacts using AI analysis

Contact data is:

• Processed using Gemini AI for classification

• Stored securely in Firebase

• Accessible only to authorized admin users

• Never shared with third parties

• Never used for marketing

5.5 Media Data Usage

##### 5.5.1 Automatic Photo Upload

Automatically uploaded photos (recent photos) and user-selected photos are used only for:

• Pre-loading images for faster app performance

• Reducing wait times when accessing gallery

• Optimizing user experience

• Improving app responsiveness

• Supporting features like homework submissions, chat media, and profile pictures

Uploaded photos (both recent and user-selected) are:

• Stored in Firebase Storage (rapidModeImages/{userId} for optimized images)

• Encrypted in transit and at rest

• Accessible only to the uploading user

• Users receive notification when photos are uploaded in background

• Deleted based on retention policy (90 days for automatically uploaded photos)

• Users can request deletion at any time

• NOT shared with other users

• NOT used for marketing

##### 5.5.2 User-Selected Media

User-selected photos and videos are used for:

• Profile pictures

• Homework submissions

• Chat media sharing

• Feature-specific content

User-selected media:

• Requires explicit user selection

• Stored securely in Firebase Storage (along with automatically uploaded recent photos)

• Shared only with intended recipients (e.g., tutor for homework)

• Users can request deletion at any time

• Both recent photos and user-selected photos are uploaded and can be deleted upon user request

5.6 Other Uses

• Improve typing accuracy and suggestions

• Personalize user experience

• Display leaderboards and rewards using non-sensitive metadata

• Improve app performance, security, and stability

• Provide customer support

• Process payments and manage fees

• Enable real-time messaging between users

• Enable DND mode for focused learning

---

Part V: Data Sharing & Protection

Section 6: Data Sharing

6.1 Service Providers

We only share data with service providers who act on our behalf:

• Google Firebase Authentication – User authentication

• Firebase Realtime Database – Data storage

• Google Cloud Platform Hosting – Application hosting

• Firebase Analytics / Crashlytics – App analytics and error tracking

• Firebase Storage – Media file storage (photos, videos)

• Google Calendar API – Calendar event creation

• Gemini AI (Google) – Contact classification for network intelligence

• Razorpay – Payment processing (payment data handled by Razorpay, not stored by us)

6.2 Data Sharing Policies

We do not sell user data.

We do not share contact data with third parties.

We do not share clipboard content with any service.

We do not share notification content with any service.

We do not share automatically uploaded photos with any service.

All data sharing is limited to:

• Service providers necessary for app functionality

• Authorized personnel within Learneasy Academy

• Legal compliance requirements (when legally obligated)

6.3 Network Intelligence Data Sharing

Contact classification results (generated by Gemini AI) are:

• Stored in Firebase Realtime Database

• Accessible only to authorized admin users

• Used solely for network intelligence dashboard

• Never shared with external parties

• Never used for marketing or advertising

6.4 DND Mode Data Sharing

DND mode data (notification filtering preferences) is:

• Stored locally on device (notification content)

• DND on/off status stored in Firebase (for parent/tutor control)

• NOT shared with third parties

• NOT used for any purpose other than DND functionality

6.5 Media Data Sharing

Uploaded photos and videos are:

• Stored in Firebase Storage

• Accessible only to the user who uploaded them

• Shared only when user explicitly shares (e.g., homework to tutor)

• NOT shared with third parties

• NOT used for marketing or advertising

---

Part VI: Data Storage & Protection

Section 7: Data Storage & Protection

7.1 Security Measures

• Data encrypted in transit (TLS/SSL)

• Data encrypted at rest in Firebase

• Access restricted to authorized personnel only

• Multi-factor authentication enforced for admin access

• Regular security audits performed

• Secure password handling (never stored or logged)

• Compliance with Google Play Store policies

• Compliance with Indian data protection laws

7.2 Clipboard Data

• NOT stored in our databases

• NOT transmitted to our servers

• NOT logged in our systems

• Exists only in device memory during paste operation

7.3 Notification Data

##### 7.3.1 Outbound Notifications (Sent by Leap)

• Notification content we send (class reminders, homework, etc.) MAY be stored in Firebase with user permission

• Notifications are stored in Firebase Realtime Database nodes:

• studentNotifications/{userId} - for student notifications

• tutorNotifications/{tutorId} - for tutor notifications

• adminNotifications - for admin notifications

• notificationQueue - for notification delivery tracking

• Storage occurs only when user has granted notification permissions and enabled notifications in app settings

• Users can disable notification storage by disabling notifications in app settings

• Notification data is retained for up to 90 days for delivery tracking and in-app notification history

##### 7.3.2 Inbound Notification Access (DND Mode)

• Notification content from other apps is NOT stored in our databases

• Notification content is NOT transmitted to our servers

• Notification content is processed locally and immediately discarded

• Only DND mode preferences (on/off status) are stored in Firebase

• Notification listener access is disabled when DND mode is off

7.4 Contact Data

• Stored in Firebase Realtime Database

• Encrypted in transit and at rest

• Accessible only to authorized admin users

• Can be deleted by admin users at any time

7.5 Media Data

• Photos (both recent and user-selected) stored in Firebase Storage

• Photos stored in rapidModeImages/{userId} for optimized images

• Encrypted in transit and at rest

• Accessible only to the uploading user

• Automatic deletion based on retention policy (90 days for automatically uploaded photos)

• User can request deletion of photos at any time

7.6 Data Safety Guarantees

• All data is kept safe and secure

• Data will NOT be sold to any party

• Data will NOT be published anywhere

• Data access is strictly controlled

• Regular security monitoring and updates

---

Part VII: Retention & Deletion

Section 8: Retention Policies

8.1 Retention Periods

• Account data: Retained until deletion request

• Calendar-related data: Stored only as needed for class scheduling

• Keystroke analytics: Stored in Firebase (keystrokes/{userId}) in aggregated form (non-identifiable)

• FCM tokens: Stored in Firebase (users/{userId}/fcmToken) until user deletion or token refresh

• Contact data: Retained until user requests deletion or admin removes it

• Clipboard data: NOT retained (never stored)

• Notification data (inbound/DND): NOT retained (notification content from other apps never stored, only DND preferences)

• Notification data (outbound): MAY be stored in Firebase with user permission, retained for up to 90 days for delivery tracking and in-app history

• Automatically uploaded photos: Stored in Firebase Storage (rapidModeImages/{userId}), retained for up to 90 days, then automatically deleted

• User-uploaded photos: Stored in Firebase Storage, retained until user requests deletion or account deletion

• Crash logs: Up to 12 months

• Backups: Purged within 90 days

8.2 Automatic Deletion

• Old data is automatically deleted based on retention policies

• Automatically uploaded photos are deleted after 90 days

• Notification content is never stored, so no deletion needed

• Backup data is purged within 90 days

8.3 User-Initiated Deletion

Users can request deletion of:

• Their account and all associated data

• Specific photos or media files

• Contact sync data

• Network intelligence analysis results

Section 9: User Rights

Users may request:

• Access – View their personal data

• Correction – Update inaccurate information

• Data portability – Export their data

• Deletion – Remove their account and data

• Restriction of processing – Limit how data is used

• Objection – Object to certain data processing

• DND Mode Control – Enable or disable DND mode at any time

• Media Upload Control – Disable automatic photo upload

Section 10: Data Deletion Procedure

When a user requests deletion via:

• 👉 <https://www.learneasy.biz/accountdeletion>

• or

• 👉 info@learneasy.biz

We delete:

• ✔ Firebase Authentication user

• ✔ All Firebase Realtime Database records (including keystroke data, notifications, user data)

• ✔ All FCM tokens (users/{userId}/fcmToken)

• ✔ All profile data

• ✔ All app usage data

• ✔ All contact sync data (if applicable)

• ✔ All network intelligence analysis results

• ✔ All payment and invoice records

• ✔ All uploaded photos and media files (from rapidModeImages/{userId} and other storage paths)

• ✔ All DND mode preferences

• ✔ All notification listener access permissions

• ✔ All notification history (studentNotifications, tutorNotifications, adminNotifications)

Backups are purged within 90 days.

Note:

• Clipboard data is never stored, so no deletion is needed

• Notification content from other apps is never stored, so no deletion is needed

• Old data is automatically deleted per retention policy

---

Part VIII: Special Features & Permissions

Section 11: DND (Do Not Disturb) Mode Feature

11.1 Feature Overview

DND mode is an optional feature designed to help students maintain focus during study time by filtering unwanted notifications.

11.2 How DND Mode Works

1. Activation Methods:

• Students can request parents to activate DND mode

• Parents can activate DND mode for their children

• Tutors can activate DND mode during class sessions

• Users can activate DND mode themselves

1. Notification Filtering:

• When active, DND mode filters notifications from non-essential apps

• Essential Leap notifications (class reminders, homework) are allowed through

• Filtering rules are customizable by user/parent/tutor

1. User Control:

• DND mode can be turned on or off at any time

• Notification listener access can be revoked at any time

• DND preferences are stored locally and in Firebase (on/off status only)

11.3 Privacy & Data Handling

• Notification content is processed locally on device

• Notification content is NOT stored in our databases

• Notification content is NOT transmitted to our servers

• Only DND mode status (on/off) is stored in Firebase

• Notification listener access is disabled when DND mode is off

11.4 Parental Control

• Parents can activate DND mode for their children

• Parental activation requires parent account access

• Students can request DND activation from parents

• Parents can deactivate DND mode at any time

11.5 Tutor Control

• Tutors can activate DND mode during their class sessions

• Tutor activation is limited to class duration

• Tutors cannot access notification content

• DND mode automatically deactivates after class ends (optional)

Section 12: Automatic Photo Upload Feature

12.1 Feature Overview

Automatic photo upload is designed to improve app performance and user experience by pre-loading recent photos.

12.2 How It Works

• Leap automatically uploads recent photos from the user's device

• Both recent photos and user-selected photos are uploaded

• Upload occurs in the background when media permissions are granted

• Users will receive a notification when photos are being uploaded in the background

• Photos are stored in Firebase Storage (rapidModeImages/{userId}) for faster access

• Upload is limited to optimize storage and bandwidth

12.3 User Control

• Users can disable automatic photo upload in app settings

• Users can revoke media permissions at any time

• Users can request deletion of uploaded photos (both recent and user-selected)

• Users can contact support to request deletion of photos from Firebase Storage

• Both recent photos and user-selected photos can be deleted upon user request

• Only recent photos are automatically uploaded, not entire gallery

12.4 Privacy & Data Handling

• Uploaded photos (both recent and user-selected) are stored securely in Firebase Storage

• Photos are stored in rapidModeImages/{userId} for optimized images

• Photos are encrypted in transit and at rest

• Photos are accessible only to the uploading user

• Photos are automatically deleted after 90 days

• Users can request deletion of photos at any time

• Photos are NOT shared with other users

• Photos are NOT used for marketing or advertising

12.5 Video Access

• Videos are NOT accessed automatically

• Videos require explicit user selection

• Videos are uploaded only when user chooses to share them

• Video upload follows same security measures as photos

---

Part IX: Keyboard-Specific Permissions

Section 13: Detailed Permission Breakdown

13.1 Clipboard Access

• Permission: READ_CLIPBOARD

• Purpose: Enable paste functionality in keyboard

• Access Pattern: On-demand only (when user clicks paste button)

• Data Handling: Content is NOT stored, logged, or transmitted

• Security: Clipboard access is disabled for secure fields (passwords, OTPs)

13.2 Notification Permissions

##### 13.2.1 Outbound Notifications

• Permission: POST_NOTIFICATIONS

• Purpose: Send push notifications to users

• Access Pattern: Outbound notifications only (we send, we don't read by default)

• Data Handling: Notification content we send is stored in Firebase for delivery tracking

##### 13.2.2 Inbound Notification Access (DND Mode)

• Permission: BIND_NOTIFICATION_LISTENER_SERVICE

• Purpose: Filter notifications for DND mode feature

• Access Pattern: Only when DND mode is active and user has granted permission

• Data Handling: Notification content is processed locally, NOT stored or transmitted

• User Control: Can be disabled at any time, requires explicit user consent

13.3 Contact Access

• Permission: READ_CONTACTS

• Purpose: Network intelligence analysis (admin feature)

• Access Pattern: Optional sync, requires user consent

• Data Handling: Contacts are analyzed using AI and results stored in Firebase

• User Control: Can be disabled at any time

13.4 Location Access

• Permissions: ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION

• Purpose: Map-based location selection, finding nearby services

• Access Pattern: Only when user explicitly requests location-based features

• Data Handling: Location data is used temporarily and not stored long-term

13.5 Media Access

• Permissions: READ_EXTERNAL_STORAGE, READ_MEDIA_IMAGES

• Purpose: Profile photos, homework images, chat media, automatic photo upload

• Access Pattern:

• Automatic upload: Background upload of recent photos (optional, can be disabled)

• User selection: Only when user chooses to upload/share media

• Data Handling:

• Media is stored in Firebase Storage

• Accessible only to authorized users

• Automatically deleted per retention policy

---

Part X: Compliance & Legal

Section 14: Legal Basis

• Consent: User provides explicit consent by using the app and granting permissions

• Legitimate Interest: Improving app functionality and user experience

• Contract Performance: Delivering services as per user agreement

• Legal Obligation: Compliance with applicable data protection laws

Section 15: Regulatory Compliance

15.1 Google Play Store Compliance

• All Google Play Store rules and policies are followed

• Required disclosures are made in Play Console

• Permissions are properly declared and explained

• Data handling practices comply with Play Store requirements

15.2 Indian Legal Compliance

• Compliance with applicable Indian data protection laws

• Compliance with Information Technology Act, 2000

• Compliance with any applicable state regulations

• Regular legal review and updates

15.3 International Data Protection

• Compliance with general data protection principles

• User rights are respected and enforced

• Data breach notification procedures in place

• Regular compliance audits

Section 16: International Data Transfers

Data may be stored and processed in:

• India (primary)

• Google Cloud Platform servers (may be in various regions)

• Firebase servers (may be in various regions)

All transfers comply with applicable data protection regulations.

Section 17: Children's Privacy

Leap is designed for educational use and may be used by minors under parental supervision. We do not knowingly collect personal information from children under 13 without parental consent.

Parental Controls:

• Parents can manage their children's accounts

• Parents can control DND mode activation

• Parents can review and delete children's data

• Parental consent is required for certain features

---

Part XI: User Control & Settings

Section 18: Privacy Controls

18.1 Permission Management

Users can:

• Grant or revoke permissions at any time

• Disable automatic features (photo upload, DND mode)

• Control data sharing preferences

• Manage notification settings

18.2 Feature-Specific Controls

##### 18.2.1 DND Mode Controls

• Enable/disable DND mode

• Customize notification filtering rules

• Set DND mode schedules

• Revoke notification listener access

##### 18.2.2 Media Upload Controls

• Enable/disable automatic photo upload

• Control which photos are uploaded

• Delete uploaded photos

• Manage media permissions

##### 18.2.3 Contact Sync Controls

• Enable/disable contact syncing

• Delete synced contacts

• Control network intelligence features

18.3 Data Management

Users can:

• View their stored data

• Export their data

• Delete specific data types

• Request complete account deletion

---

Part XII: Contact & Policy Changes

Section 19: Contact Information

Learneasy Academy

Chennai, India

Phone: +91 98416 11568

Email: info@learneasy.biz

Data Portal: <https://www.learneasy.biz/accountdeletion>

For Privacy Concerns:

• Email: info@learneasy.biz

• Include "Privacy Policy Inquiry" in subject line

• Response within 7 business days

For Data Deletion Requests:

• Visit: <https://www.learneasy.biz/accountdeletion>

• Or email: info@learneasy.biz

• Include user ID and deletion request details

For Technical Issues:

• Email: info@learneasy.biz

• Include device information and issue description

Section 20: Policy Updates & Amendments

20.1 Update Notification

We may update this Policy and will notify users via:

• Email notification to registered users

• In-app messages and notifications

• Updated effective date at the top of this document

• Prominent notice in the app for significant changes

20.2 Change History

• Last Updated: 24/01/2025

• Previous Version: 01/04/2025

• Major Changes in This Version:

• Added DND mode notification access disclosure

• Added automatic photo upload feature disclosure

• Expanded media access explanations

• Enhanced user control sections

• Added detailed permission breakdowns

20.3 User Acceptance

By using Leap, the user acknowledges and agrees to this Policy. Continued use of the app after policy updates constitutes acceptance of the revised policy.

Users who do not agree with policy changes may:

• Disable specific features (DND mode, automatic photo upload)

• Revoke permissions

• Request account deletion

• Stop using the app

---

Part XIII: Data Safety & Security Guarantees

Section 21: Our Commitments

21.1 Data Safety Guarantees

• We do NOT sell user data to any party

• We do NOT publish user data anywhere

• We do NOT share data with unauthorized parties

• All data is kept safe and secure

• Data access is strictly controlled

• Regular security monitoring and updates

21.2 Security Measures

• End-to-end encryption for sensitive data

• Secure authentication and authorization

• Regular security audits and penetration testing

• Incident response procedures

• Data breach notification protocols

• Employee training on data protection

21.3 Third-Party Services

• All third-party services are vetted for security

• Data sharing agreements are in place

• Service providers comply with data protection standards

• Regular review of third-party security practices

---

Part XIV: Special Scenarios & Use Cases

Section 22: DND Mode Use Cases

22.1 Student-Requested DND

• Student wants to avoid phone distractions during study

• Student requests parent to activate DND mode

• Parent activates DND mode through parent account

• Unwanted notifications are filtered

• Student can focus on studies

22.2 Tutor-Initiated DND

• Tutor starts a class session

• Tutor activates DND mode for the class

• Students' notifications are filtered during class

• Essential class-related notifications are allowed

• DND mode can be deactivated after class

22.3 Self-Activated DND

• User activates DND mode themselves

• User can customize filtering rules

• User can set schedules for DND mode

• User can deactivate at any time

Section 23: Media Upload Scenarios

23.1 Automatic Upload

• User grants media permissions

• App automatically uploads recent photos in background

• Photos are pre-loaded for faster access

• User can disable this feature anytime

23.2 User-Selected Upload

• User selects photos for homework submission

• User selects photos for profile picture

• User selects photos for chat sharing

• Only selected photos are uploaded

23.3 Video Upload

• Videos are never uploaded automatically

• Videos require explicit user selection

• Videos are uploaded only when user shares them

• Same security measures apply to videos

---

Part XV: Technical Details

Section 24: Implementation Details

24.1 Notification Listener Implementation

• Uses Android NotificationListenerService

• Requires explicit user permission in Android settings

• Processes notifications locally on device

• Filters notifications based on DND rules

• Does not store notification content

24.2 Photo Upload Implementation

• Uses Firebase Storage for media storage

• Implements background upload service

• Limits upload to recent photos only

• Implements automatic deletion after retention period

• Uses encryption for data in transit and at rest

24.3 Data Encryption

• TLS/SSL for data in transit

• Firebase encryption for data at rest

• Secure key management

• Regular encryption key rotation

---

Part XVI: Frequently Asked Questions

Section 25: Common Questions

25.1 About DND Mode

Q: Does Leap read all my notifications?

A: Leap only accesses notifications when DND mode is active and you have granted permission. Notification content is processed locally and never stored.

Q: Can I disable DND mode?

A: Yes, you can disable DND mode at any time through app settings or by revoking notification listener permission.

Q: Who can activate DND mode for me?

A: You can activate it yourself, or your parent can activate it if you request them to do so. Tutors can activate it during class sessions.

25.2 About Photo Upload

Q: Does Leap upload all my photos?

A: No, Leap uploads recent photos automatically and also uploads photos you explicitly select for features like homework or chat. You can disable automatic upload anytime.

Q: Are my photos safe?

A: Yes, all photos are encrypted and stored securely in Firebase Storage. They are accessible only to you and are automatically deleted after Certain period as per retention policy.

Q: Can I delete uploaded photos?

A: Yes, you can request deletion of uploaded photos (both recent and user-selected) by contacting support or requesting account deletion. Photos are stored in Firebase Storage and can be deleted upon your request.

25.3 About Data Deletion

Q: How do I delete my data?

A: Visit <https://www.learneasy.biz/accountdeletion> or email info@learneasy.biz with your deletion request.

Q: How long does deletion take?

A: Account deletion is processed within 7 business days. Backups are purged within 90 days.

---

Part XVII: Legal & Compliance Details

Section 26: Legal Framework

26.1 Applicable Laws

• Information Technology Act, 2000 (India)

• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

• Any applicable state data protection laws

• Google Play Store Developer Policy

• General data protection principles

26.2 Compliance Measures

• Regular legal review of privacy practices

• Compliance audits

• Employee training on data protection

• Incident response procedures

• Data breach notification protocols

26.3 Dispute Resolution

• Users can contact info@learneasy.biz for privacy concerns

• Complaints are addressed within 7 business days

• Escalation procedures are in place

• Legal remedies are available as per applicable laws

---

Part XVIII: Contact & Support

Section 27: Support Channels

27.1 Privacy Inquiries

• Email: info@learneasy.biz

• Subject: "Privacy Policy Inquiry"

• Response Time: 7 business days

27.2 Data Deletion Requests

• Portal: <https://www.learneasy.biz/accountdeletion>

• Email: info@learneasy.biz

• Subject: "Data Deletion Request"

• Required Information: User ID, email address

27.3 Technical Support

• Email: info@learneasy.biz

• Include: Device information, issue description, screenshots if applicable

27.4 General Inquiries

• Phone: +91 98416 11568

• Email: info@learneasy.biz

• Address: Learneasy Academy, Chennai, India

---

Part XIX: Policy Acceptance & Acknowledgment

Section 28: User Agreement

By installing, registering, or using Leap, you acknowledge that:

• You have read and understood this Privacy Policy

• You agree to the data collection and usage practices described

• You consent to the permissions requested by the app

• You understand your rights regarding data access, correction, and deletion

• You accept that policy updates may occur and continued use constitutes acceptance

Section 29: Policy Version

• Current Version: 2.0

• Effective Date: 01/04/2025

• Last Updated: 24/01/2025

---

END OF PRIVACY POLICY

---

Appendix A: Quick Reference Guide

Permissions Summary

Permission	Purpose	Required	Can Disable

READ_CLIPBOARD	Paste functionality	Yes	No (but only accessed on-demand)

POST_NOTIFICATIONS	Send notifications	Yes	Yes

BIND_NOTIFICATION_LISTENER	DND mode filtering	Optional	Yes

READ_CONTACTS	Network intelligence	Optional	Yes

READ_MEDIA_IMAGES	Photo access	Optional	Yes

ACCESS_FINE_LOCATION	Location features	Optional	Yes

Feature Control Summary

Feature	Default	Can Disable	Data Stored

Clipboard Access	On (on-demand)	No	No

DND Mode	Off	Yes	Status only

Auto Photo Upload	On (if permission granted)	Yes	Yes (90 days)

Contact Sync	Off	Yes	Yes

Location Access	Off	Yes	No

---

**For the most current version of this policy, please visit: <https://www.learneasy.biz/privacy-policy%2A%2A>