Privacy Policy

1 About This Policy

Art Pyramid Private Limited ("Jumpie", "We", "Us") operates the Jumpie platform ("Platform") — a SaaS tool designed to help freelance instructors manage their classes, students, attendance, invoices, and payments.

This Privacy Policy applies to:

• Instructors: freelance teachers, coaches, trainers, and tutors who use the Platform to manage their practice;
• Students / Customer Users: individuals enrolled in Classes managed by Instructors on the Platform;
• Visitors: anyone who browses our website at www.jumpie.in.

By registering on or using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described herein.

2 Our Role Under the DPDP Act, 2023

The Digital Personal Data Protection Act, 2023 ("DPDP Act") is the primary law governing the protection of digital personal data in India. Under this framework:

• Jumpie as Data Fiduciary: Jumpie determines the purpose and means of processing personal data of Instructors and Students who register on the Platform. Jumpie is therefore a Data Fiduciary under the DPDP Act and is responsible for complying with all applicable obligations.
• Instructors as Data Fiduciaries: When Instructors input, upload, or manage the personal data of their Students through the Platform, the Instructor independently determines the purpose of such processing. Instructors are themselves Data Fiduciaries in respect of their Students' personal data.
• Jumpie as Data Processor: Jumpie also acts as a Data Processor on behalf of Instructors when hosting or processing Student data that Instructors have provided.

3 Personal Data We Collect

3.1 Data You Provide Directly

When you register or use the Platform, we collect:

• Identity Data: Full name, display name;
• Contact Data: Email address, mobile number;
• Professional Data (Instructors): Areas of expertise, class descriptions, session details, pricing;
• Payment Data: Bank account details or UPI ID (for payment remittance to Instructors); billing information;
• Student Data (uploaded by Instructors): Name, contact details, class enrolment records, attendance data, invoice and payment records;
• Communications: Any messages, support requests, or grievances you send us.

3.2 Data Collected Automatically

When you use our Platform, we automatically collect:

• Usage Data: Pages visited, features used, clicks, session duration, and navigation paths;
• Device & Technical Data: IP address, browser type and version, operating system, device identifiers;
• Log Data: Server logs, timestamps, error reports, and crash data;
• Cookies and similar tracking technologies: as described in Section 10 of this Policy.

3.3 Data We Do Not Collect

We do not intentionally collect:

• Sensitive personal data such as biometric data, health records, caste, religion, political opinions, or sexual orientation;
• Personal data of children below 18 years of age without verified parental or guardian consent;
• Financial credentials such as full card numbers or banking passwords.

4 How We Use Your Personal Data

We process your personal data only for specified, lawful, and necessary purposes:

4.1 Service Delivery

• To register and authenticate your account;
• To enable Instructors to create and manage Classes, Sessions, and Students;
• To allow Students to view their enrolled Classes, Sessions, and invoices;
• To process invoice generation and payment collection;
• To track and display attendance records.

4.2 Communication

• To send you transactional notifications (invoice receipts, payment confirmations, session reminders);
• To respond to your support queries and grievances;
• To send service-related announcements (planned maintenance, policy updates).

4.3 Platform Improvement

• To analyse usage patterns and improve features;
• To diagnose technical issues and fix bugs;
• To develop new features and products (using anonymised or aggregated data).

4.4 Legal and Compliance

• To comply with legal obligations under applicable Indian law;
• To respond to lawful requests from courts, law enforcement, or government authorities;
• To enforce our Terms and Conditions and protect our legal rights.

5 Consent and Legal Basis for Processing

Under the DPDP Act, 2023, we process your personal data only where:

• Consent: You have given free, specific, informed, unconditional, and unambiguous consent. You provide this consent at the time of registration and can withdraw it at any time (see Section 9).
• Legitimate Uses: Processing is necessary for legitimate uses recognised under the DPDP Act, such as compliance with legal obligations, prevention of fraud, or processing of publicly available data.

For Instructors processing Student data, the DPDP Act requires that Instructors obtain appropriate consent from their Students independently before uploading or managing Student data through the Platform. Instructors are solely responsible for obtaining and documenting such consent.

5.1 Consent for Children's Data

If a Student is a minor (below 18 years of age), the Instructor must obtain verifiable consent from the parent or legal guardian of that minor before adding them to the Platform. Jumpie reserves the right to suspend accounts found to have added minors without such consent.

6 Sharing and Disclosure of Personal Data

We do not sell your personal data. We share it only in the following limited circumstances:

6.1 Within the Platform

• Student data is accessible to the relevant Instructor who enrolled the Student;
• A Student enrolled with multiple Instructors on Jumpie can view their own Class, Session, and Invoice data from all such Instructors through their unified login — but Instructor A cannot access data of Instructor B's Students.

6.2 Third-Party Service Providers

We engage trusted third-party service providers to assist in operating the Platform:

• Cloud Hosting Providers: to host and store Platform data (servers located in India or within jurisdictions compliant with Indian data protection standards);
• Payment Gateway Partners: to facilitate secure payment transactions (e.g., Razorpay, PayU, or similar NPCI-compliant partners);
• Analytics Providers: to understand Platform usage (using anonymised data);
• Communication Platforms: for sending email and SMS notifications (e.g., transactional SMS via TRAI-registered providers).

All third-party processors are contractually obligated to handle data securely, use it only for the specified purpose, and comply with applicable Indian law.

6.3 Legal Disclosures

We may disclose personal data when required by law, court order, or request of a competent government authority in India, or where necessary to protect the rights, property, or safety of Jumpie, its users, or the public.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of Jumpie's assets, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections and notice to affected users.

7 Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this Policy:

• Active Account Data: retained for the duration of your active account on the Platform;
• Invoices and Payment Records: retained for 7 (seven) years in compliance with Indian accounting and tax laws (Income Tax Act, 1961; GST laws);
• Post-Account Closure: Upon account deletion, personal data will be anonymised or deleted within 90 (ninety) days, except where longer retention is required by law;
• Backup Data: Backup copies may be retained for up to 180 (one hundred eighty) days for disaster recovery purposes before being securely deleted.

8 Data Security

Jumpie implements industry-standard technical and organisational measures to protect your personal data, including:

• Encryption: Data in transit is protected using TLS/HTTPS; data at rest is encrypted using AES-256 or equivalent standards;
• Access Controls: Role-based access controls ensure only authorised personnel can access personal data;
• Authentication: Multi-factor authentication is available for Instructor accounts;
• Audit Logs: Access and changes to sensitive data are logged and monitored;
• Vulnerability Management: Regular security testing, penetration testing, and patch management;
• Incident Response: A documented data breach response procedure is in place.

8.1 Data Breach Notification

In the event of a personal data breach that is likely to result in harm to Data Principals:

• Jumpie will notify the Data Protection Board of India as required under the DPDP Act;
• Affected users will be notified without undue delay, providing details of the nature of the breach and remedial steps taken;
• Instructors who process Student data are independently obligated to notify affected Students and Jumpie of any breach of Student data in their possession.

9 Your Rights as a Data Principal

Under the DPDP Act, 2023, you have the following rights with respect to your personal data:

To exercise any of these rights, please contact us at info@jumpie.com. We will respond to verified requests within 30 (thirty) days.

10 Cookies and Tracking Technologies

The Platform uses cookies and similar technologies to enhance your experience. Cookies are small text files stored on your device that help us remember your preferences and understand usage patterns.

• Essential Cookies: Required for the Platform to function (login sessions, security tokens). These cannot be disabled.
• Performance Cookies: Help us understand how users interact with the Platform (page views, navigation flows). Data collected is aggregated and anonymised.
• Preference Cookies: Remember your settings and preferences for a better experience.

You may manage or disable non-essential cookies through your browser settings. Disabling cookies may affect certain features of the Platform. We do not use cookies for third-party advertising or cross-site behavioural tracking.

11 Cross-Border Data Transfers

Jumpie primarily stores and processes personal data on servers located in India.

Where we engage third-party processors outside India (for services such as cloud infrastructure, analytics, or communications), we ensure that such transfers are permitted under applicable Indian law and that equivalent data protection standards are maintained through contractual obligations or other appropriate safeguards.

The Government of India may notify certain countries to which data transfers are restricted. We will comply with any such notifications as and when issued under the DPDP Act.

12 Grievance Officer

In accordance with the DPDP Act, 2023, and the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, Jumpie has appointed a Grievance Officer to address concerns related to privacy and data protection:

If you are not satisfied with our response, you may approach the Data Protection Board of India, once it is constituted and operational under the DPDP Act.

13 Children's Privacy

The Platform is not intended for use by individuals below 18 years of age. Jumpie does not knowingly collect personal data from minors without verified parental or guardian consent.

Instructors who wish to add minor students to the Platform must ensure they have obtained verifiable parental or guardian consent before doing so. If Jumpie discovers that personal data of a minor has been collected without consent, it will take steps to delete such data promptly.

Parents or guardians who believe their child's data has been collected without consent should contact us at info@jumpie.com.

14 Changes to This Privacy Policy

Jumpie may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:

• Notify you via email to your registered address;
• Display a prominent notice on the Platform;
• Update the "Effective Date" at the top of this Policy.

Your continued use of the Platform after the effective date of the revised Policy constitutes your acceptance of the changes. We encourage you to review this Policy periodically.

15 Contact Us

For any privacy-related queries, requests, or concerns, please contact us at: