Introduction & Scope
Last updated: 1 July 2026
This Privacy Policy explains how Stash AI (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use Jeenius — an AI-powered platform for JEE (Joint Entrance Examination) preparation. It applies to the Jeenius mobile apps (Android and iOS), the web app at ai.jeenius.tech, and our backend APIs and services, including AI doubt-solving, practice and mock tests, real-time duels, study plans, and analytics.
We process personal data in accordance with India’s Digital Personal Data Protection Act, 2023 (the “DPDP Act”) and the Information Technology Act, 2000 and rules made under it. By creating an account or using Jeenius, you agree to the practices described here. This policy should be read together with our Terms of Service and Refund & Cancellation Policy.
Who We Are
- Stash AI — an independent venture based in Kolkata, West Bengal, India, that builds and operates the Jeenius AI learning platform.
- Product — the Jeenius mobile and web apps and the backend services that power them (Django/DRF APIs, PostgreSQL with pgvector, Redis, hosted on AWS in the Mumbai (ap-south-1) region).
- Data Fiduciary — for the purposes of the DPDP Act, Stash AI is the Data Fiduciary that determines the purpose and means of processing your personal data.
If you have any questions about this policy or how we handle your data, contact us at support@jeenius.tech.
Data We Collect
We collect only the data we need to operate Jeenius and provide the features you use.
Account & Identity
Name, email address, password (stored only as a salted hash), phone number, date of birth, profile picture, and username. If you sign in with Google, we receive your basic Google profile (name, email, profile photo). A Supabase user ID is created to manage your authentication.
Education Profile
Details you provide such as current class, target exam year, attempt number, board, and school, plus optional information like city, state, country, address, and social-media handles you choose to add to your profile.
Learning & Activity Data
Question attempts and scores, practice/DPP and mock-test history, PYQ searches, flashcards, bookmarks and favourites, generated study plans, performance analysis, and gamification data (XP, level, streaks, trophies).
AI Interactions & Uploads
Your chat history with the AI doubt-solver, PYQ assistant, and book chat, along with images or documents you upload to get doubts solved or to use the Jeenius Studio (Forge) feature.
Duels & Social
Duel matches, scores, rankings, answer logs, and your social connections (friends and friend requests) where you use those features.
Payment Data
For paid plans we store Razorpay order, payment, and invoice references, the amount and status, and limited payment-method details returned by Razorpay (such as the last 4 digits of a card, card network, UPI ID, or wallet/bank name). We never receive or store your full card number, CVV, or UPI PIN — those are handled directly by Razorpay.
Device & Technical Data
A push-notification device token (for Firebase Cloud Messaging), your sign-in provider, and server-side technical logs such as IP address, request metadata, and error/crash information used to keep the service running and secure.
Note: we do not collect precise GPS location, and we do not collect biometric data.
How We Use Your Data
Provide & Personalise the Service
Authenticate you, save your progress, deliver practice questions and mock tests, run duels, generate study plans and performance analytics, and tailor content to your class and target year.
AI Features
Process the text and images you submit to generate doubt solutions, questions, explanations, study plans, and diagrams. See the AI Processing section below for the providers involved.
Payments
Process plan purchases and add-ons through Razorpay, issue invoices, and manage your plan entitlements.
Communications
Send transactional emails (verification, password reset, receipts) and push notifications (reminders, streaks, updates). You can control push notifications from your device settings.
Safety, Security & Legal
Detect and prevent abuse and fraud, enforce our Terms, keep the service secure and reliable, and comply with applicable law.
No ads · No data sale We do not sell your personal data, and we do not use it to serve third-party advertising.
AI Processing
Jeenius uses third-party AI services to power features like doubt-solving, question generation, study plans, image/diagram generation, and document OCR. To do this, we send the minimum content needed to generate a response — for example, your question text or an uploaded image — to our AI provider, OpenAI. Depending on configuration, we may also use Microsoft Azure OpenAI, Google Gemini, or Mistral (for document OCR) for specific features.
Search and similarity features are powered by text embeddings; some embeddings are generated on our own servers using an open-source model and are not shared with third parties.
AI output can be inaccurate or incomplete and should be independently verified. Please see the AI disclaimer in our Terms of Service.
Data Retention & Deletion
- Active accounts — we retain your data for as long as your account is active and you use the service.
- Account deletion — you can request deletion from within the app or at ai.jeenius.tech/delete-account. When you do, your personal information (such as email, name, phone, profile picture, and social links) is anonymised, and your learning, duel, chat, and social data is deleted.
- 30-day recovery window — after a deletion request, your account is retained for 30 days in case you change your mind. After 30 days, the data is permanently deleted/anonymised and cannot be recovered.
- Legal retention — certain records, such as payment and transaction records, may be retained for longer where required for tax, accounting, or anti-fraud purposes.
- Backups — residual copies in encrypted backups are removed in the normal backup-rotation cycle.
Your Rights & Choices
Under the DPDP Act and applicable law, you have the following rights in respect of your personal data:
- Access — request a summary of the personal data we process about you.
- Correction — update or correct your information. You can edit most profile details directly in the app under your profile.
- Erasure — request deletion of your account and personal data (see Data Retention & Deletion).
- Withdraw consent — withdraw consent you previously gave, where processing is based on consent. This will not affect processing already carried out.
- Grievance redressal — raise a concern about how we handle your data and have it addressed.
- Nominate — nominate another individual to exercise your rights in the event of death or incapacity, as provided under the DPDP Act.
To exercise any of these rights, email support@jeenius.tech from your registered email address (so we can verify your identity). We aim to respond within 30 days.
Grievance Officer
For privacy-related complaints or to exercise your rights under the DPDP Act, you can reach our Grievance Officer at support@jeenius.tech.
Children & Minors
Jeenius is built for students preparing for the JEE, many of whom are under 18. Under the DPDP Act, processing the personal data of a child (a person under 18 in India) requires verifiable consent from a parent or lawful guardian.
- If you are under 18, you must use Jeenius with the involvement and consent of a parent or guardian, who accepts these terms on your behalf.
- We do not knowingly use a child’s personal data for tracking, behavioural monitoring, or targeted advertising, and we do not undertake processing likely to cause harm to a child.
- A parent or guardian can contact us at support@jeenius.tech to access, correct, or delete a minor’s data.
If we learn that we have collected a child’s data without the required consent, we will take steps to delete it.
Security & International Transfers
How We Protect Your Data
- Encryption in transit — all traffic between your device and our servers is encrypted using HTTPS/TLS.
- Authentication — access is protected by token-based authentication (JWT); passwords are stored only as salted hashes, never in plain text.
- Managed infrastructure — data is stored on reputable managed cloud platforms (Supabase and AWS) with access controls that limit who can reach it.
- Payments — card and UPI details are handled by Razorpay, a PCI-DSS-compliant payment provider; we do not store full payment credentials.
No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If we become aware of a personal-data breach affecting you, we will notify you and the relevant authority as required by law.
Where Your Data Is Processed
Our application servers and primary database are hosted in India (AWS Mumbai, ap-south-1). Some of our sub-processors — for example OpenAI and Google/Firebase — may process limited data on servers outside India to provide their services. Where data is transferred internationally, we share only what is necessary and rely on our providers’ contractual and security safeguards.
Updates & Contact
- Changes: we may update this policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you in the app or by email.
- Continued use: using Jeenius after an update means you accept the revised policy.
Contact: Stash AI, Kolkata, West Bengal, India — support@jeenius.tech