← Back to CFGPrep

Privacy Policy

Last updated: March 17, 2026

1. Introduction

CFGPrep ("we", "us", or "our") operates cfgprep.in. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. By using CFGPrep, you agree to the collection and use of information in accordance with this policy. Governing law: India.

2. Information We Collect

  • Account data: Name, email address, college, branch, graduation year
  • Payment data: Transaction records processed via Razorpay (we never store card details)
  • Usage data: Pages visited, problems solved, streak activity, AI feature usage
  • Content data: Code submissions, resume text uploaded for ATS analysis
  • Technical data: IP address, browser type, device identifiers, log files

3. How We Use Your Information

  • Deliver and improve CFGPrep services (DSA practice, OA simulation, HireVue prep)
  • Maintain your 15-day streak calendar and progress tracking
  • Process payments and manage subscription tiers
  • Send streak reminders and platform notifications (you can opt out)
  • Populate leaderboard with anonymised college-level rankings
  • Detect and prevent fraud or abuse
  • Comply with Indian law and legal obligations

4. Third Parties We Share Data With

Supabase — Database and authentication infrastructure. Data stored in EU/US data centres under Supabase's DPA.

Razorpay — Payment processing. Razorpay is PCI-DSS compliant and governs payment data under its own privacy policy.

Anthropic — AI analysis of resume text and code hints. Resume text is sent to Anthropic's Claude API for processing; it is not used to train their models per their API terms.

Vercel — Hosting and CDN. Vercel may log request metadata for performance and security.

Judge0 — Code execution sandbox for OA simulator. Code submissions are processed in isolated containers and not retained.

We do not sell your personal data to any third party.

5. Data Retention

We retain your account data for as long as your account is active. Upon account deletion request, all personal data is permanently deleted within 30 days. Code submissions and usage logs are retained for 90 days for platform integrity purposes, then purged. Payment records are retained for 7 years as required by Indian GST law.

6. Cookies

We use essential cookies for authentication (Supabase session tokens) and performance analytics (Vercel Analytics). We do not use advertising or tracking cookies. You can disable cookies in your browser, but this will prevent you from logging in.

7. Your Rights

  • Access, correct, or delete your personal data at any time via your account settings
  • Request a copy of all data we hold about you
  • Opt out of marketing communications
  • Raise a complaint with the Grievance Officer (details below)

8. Security

All data is encrypted in transit (TLS 1.3) and at rest. Supabase Row Level Security ensures users can only access their own data. Payment data is handled exclusively by Razorpay's PCI-DSS certified infrastructure — we never touch raw card numbers.

9. Grievance Officer

As required by the Information Technology Act, 2000 and Rules thereunder, our Grievance Officer can be contacted at:

Name: Lamaq Mujpurwala

Email: support@cfgprep.in

Response time: Within 30 days of receipt

Governing jurisdiction: India

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-app notice. Continued use of CFGPrep after the effective date constitutes acceptance of the updated policy.