1. Overview
This Privacy Policy describes how APilotsJourney ("we", "us", "our") collects, uses, and shares information about you when you use our platform at apilotsjourney.in and all related services.
This policy applies to all users — whether you are on the Free plan or a paying PRO subscriber. By creating an account, you confirm that you have read and understood this policy.
We are committed to full compliance with the Information Technology Act, 2000 and the IT (Amendment) Act, 2008 applicable in India.
2. Data We Collect
We collect only what is necessary to operate the platform effectively:
Account Data
- Name and email address (via registration or Google OAuth)
- Hashed password (never stored in plain text)
- Profile photo (if provided via OAuth)
- Selected DGCA subjects and exam target date
Performance & Usage Data
- Quiz attempts, scores, and answers per session
- Time spent per question and per subject
- Mock exam results and performance trends
- Features accessed (aggregated)
Technical Data
- IP address and approximate geographic region
- Browser type, OS, and device info
- Referral source
- Session timestamps
3. How We Use Your Data
Your data is used exclusively to provide, improve, and personalise the APilotsJourney platform:
- 1Authenticate you and manage your account access securely.
- 2Power the adaptive quiz engine to surface weak areas.
- 3Generate your personalised analytics dashboard and progress charts.
- 4Process your subscription payments and send billing receipts.
- 5Send important service notifications (account changes, system updates).
- 6Detect and prevent fraudulent activity or Terms violations.
- 7Improve platform performance using aggregated, anonymised data.
We never use your data for targeted advertising. We do not sell your information to data brokers or share it with marketing networks.
4. Data Sharing & Third Parties
We share your data only with trusted service providers who help us operate the platform. All third-party processors are contractually obligated to keep your data secure.
| Provider | Purpose |
|---|---|
| Neon DB (PostgreSQL) | Secure storage of user accounts and quiz data |
| Upstash Redis | Session caching and real-time task tracking |
| Cloudinary | Secure storage of uploaded study PDFs |
| Cashfree Payments | Payment processing for PRO subscriptions |
| Google OAuth | Single sign-on authentication (optional) |
| Vercel | Web hosting and edge CDN delivery |
| CloudAMQP | Background OCR job queue processing |
5. Data Security
- Passwords are hashed using bcrypt — never stored in plain text.
- Data in transit is encrypted via TLS 1.2+ (HTTPS enforced everywhere).
- Database access is isolated with role-based permissions and private VPC networking.
- JWT tokens are short-lived and rotated on sensitive operations.
- Redis sessions use encrypted TLS connections (rediss://).
Important: Despite these protections, no system can be guaranteed 100% secure. If you suspect unauthorised access, change your password immediately and contact support@apilotsjourney.in.
7. Your Rights
Email support@apilotsjourney.in to exercise any of these rights:
- AccessRequest a copy of all personal data we hold about you.
- CorrectionRequest correction of inaccurate or incomplete data.
- DeletionRequest permanent deletion of your account and associated data.
- PortabilityRequest an export of your quiz history and progress data.
- Opt-outUnsubscribe from non-essential emails via the link in each email.
We will respond to all data requests within 30 days of receipt.
8. Contact Us
APilotsJourney — Data Controller
Mumbai, Maharashtra, India
support@apilotsjourney.inOr use our Contact Us page and select "General Support".