Privacy Policy

1) Scope

This Privacy Policy applies to our websites, mobile/desktop apps, Brainiac AI tutor, Brainepedia features (Experience Elevator, Professional Exams, Portfolio & CV), BPCoin/Brainnet tools, and related services (collectively, the “Services”).

2) Data We Collect

2.1 Information You Provide

• Account & Profile: name, email, phone, address, date of birth, country/state/city, profession, bio.
• Learning & Exams: submitted assignments, exam attempts/scores, certifications, portfolio/CV data, uploaded files (e.g., PDF/DOCX).
• Payments: billing details and transaction metadata (processed by PCI-compliant partners).
• Support & Feedback: messages, surveys, reviews, referrals.

2.2 Information We Collect Automatically

• Usage data: pages/features used, clickstream, session duration, device identifiers.
• Technical data: IP address, browser, OS, app version, crash logs, cookies.

2.3 From Third Parties

• Identity/verification providers (optional), analytics, marketing, payment processors.
• Social or professional networks if you connect them (e.g., LinkedIn profile import).

3) How We Use Your Data

• Provide and improve Services: learning paths, exam delivery, AI tutoring, portfolio/CV generation.
• Personalize experiences: recommended courses, projects, skills, and exam prep.
• Operate AI features: to process prompts, generate outputs, and improve model quality and safety.
• Communications: account notices, updates, marketing (you can opt out of marketing at any time).
• Security & integrity: fraud prevention, proctoring/anti-cheat measures, abuse detection.
• Compliance: legal, regulatory, and tax obligations.

4) AI Processing (Brainiac & Model Training)

• Brainiac processes your prompts, uploaded study/CV materials, and interaction signals to generate responses.
• Where permitted, de-identified or aggregated data may be used to improve model performance, safety, and features.
• You should not share confidential or sensitive information unless necessary. Verify critical outputs.

5) Blockchain & Wallet Data

• Wallet addresses, transaction hashes, validator activity, and on-chain events may be publicly visible by design.
• We may store wallet metadata necessary to operate Brainnet/BPCoin features (e.g., staking, vesting, rewards).
• Blockchain data may be immutable; requests for deletion may not be feasible for on-chain records.

6) Legal Basis

We process personal data under one or more of the following bases: consent, performance of a contract, legitimate interests (e.g., security, product improvement), legal obligation, or vital interests (rare).

7) How We Share Data

• Service Providers: hosting, analytics, payments, communications, proctoring, KYC (where applicable).
• Enterprise/Education Partners: with your authorization for verification, hiring, or credential validation.
• Legal & Safety: to comply with law, enforce terms, or protect rights/safety.
• Business Transfers: merger, acquisition, financing, or asset sale (with continued protections).

We do not sell your personal data.

8) International Transfers

Your data may be processed in countries outside your own. We use appropriate safeguards (e.g., contractual clauses) where required by law.

9) Data Retention

We retain data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. We may retain de-identified or aggregated data for analytics and model improvement.

10) Security

We apply administrative, technical, and organizational safeguards (encryption in transit/at rest where applicable, access controls, monitoring). No system is 100% secure; you also play a role by protecting your credentials and devices.

11) Your Rights & Choices

• Access, correct, or delete your personal information (subject to legal/contractual limits).
• Object to or restrict processing; request data portability.
• Manage cookies/trackers via browser settings.
• Withdraw consent at any time (does not affect prior lawful processing).

Residents under NDPR/GDPR-like regimes may have additional rights. We will respond to verifiable requests within required timelines.

12) Children’s Privacy

Our Services are not directed to children under the age of digital consent unless used through an approved institution with verifiable consent. If we learn we collected such data without consent, we will delete it.

13) Cookies & Similar Technologies

We use cookies, SDKs, and similar tools for authentication, personalization, analytics, performance, and marketing. You can manage preferences in your browser and (where available) via our cookie controls.

14) Marketing Communications

You can opt out of marketing emails by using the unsubscribe link or contacting us. We may still send transactional or service-related messages.

15) Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or in-product notice. Your continued use after the effective date means you accept the changes.

16) Contact & Data Protection

InfoBrain Technologies Nigeria Ltd
[Office Address], Lagos, Nigeria
Email: privacy@infobrainltd.com · Support: support@infobrainltd.com
Data Protection Contact (DPO): dpo@infobrainltd.com

If you believe your privacy rights have been infringed, you may also lodge a complaint with your local data protection authority.