Privacy Policy

Last Updated: April 13, 2026

Pariksha Taiyari (“we,” “our,” or “us”) operates the website parikshataiyari.com (the “Website”). We are committed to protecting the privacy and security of our users. This Privacy Policy describes in detail the types of information we collect from you when you visit our Website, create an account, use our services, or interact with us in any way. It also explains how we use, store, share, and protect that information.

This Privacy Policy is published in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable Indian laws governing the collection, use, storage, and transfer of personal data.

By accessing or using our Website, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.

1. About Pariksha Taiyari

Pariksha Taiyari is an online educational platform dedicated to helping students prepare for competitive examinations in India, including but not limited to UPSC, SSC, Banking (IBPS, SBI, RBI), Railway (RRB), NDA, CDS, AFCAT, and other government examinations. We provide previous year question papers (PYQ) as online mock tests, downloadable study material PDFs, current affairs updates, daily one-liners, and topic-wise practice sets. Our platform includes a student dashboard where registered users can track their test history, view performance analytics, manage their profile, and access their purchased PDF library.

2. Information We Collect

2.1 Information You Provide Directly

When you register for an account on our Website, we ask you to provide certain personal information that is necessary to create and manage your account. This includes your full name, email address, and a password of your choice. You may also optionally provide your mobile number in the Indian +91 format during registration or later from your profile page.

If you choose to sign in using your Google account, we receive your name, email address, and a unique Google identifier from Google. We do not receive or have access to your Google password, contacts, files, or any other Google account data. The Google Sign-In feature is entirely optional and provided as a convenience for faster registration and login.

Once your account is created, you may choose to complete your profile by adding additional information such as your city, state, target examination (e.g., UPSC CSE, SSC CGL, IBPS PO), preferred language (Hindi or English), and a profile photo. All of this additional profile information is entirely voluntary and can be updated or removed at any time from your profile settings.

When you make a purchase from our PDF Store, the payment is processed securely through our third-party payment gateway (Razorpay). We store a record of your transaction, including the transaction ID, purchased product details, and purchase date. We never collect, see, or store your credit card number, debit card number, bank account details, or UPI PIN. All payment credentials are handled exclusively by the payment processor in compliance with industry security standards.

2.2 Information Collected Automatically

When you visit our Website, certain information is collected automatically by our servers. This includes your IP address, browser type and version, operating system, referring URL, pages visited, time and date of your visit, and time spent on each page. This information is used primarily for security purposes (such as detecting and blocking malicious activity), improving our services, and understanding how users interact with our platform.

2.3 Test and Progress Data

When you take a mock test on our platform, we automatically save your test results to your account. This includes the examination name, year, paper details, your score, number of correct, wrong, and skipped answers, time taken, and individual answer choices. This data is used to generate your personal performance analytics, including accuracy percentages, score trends, and comparative analysis across multiple test attempts. This test data is private and visible only to you through your student dashboard.

2.4 Cookies

Our Website uses a minimal number of cookies that are essential for the proper functioning of our services. When you log in, a session cookie is placed on your device to keep you authenticated as you navigate between pages. This cookie remains active for the duration of your login session (default 7 days, configurable by the administrator). We also use a CSRF (Cross-Site Request Forgery) token cookie to protect your account against certain types of security attacks when submitting forms or performing actions on the Website.

We do not use any advertising cookies, behavioral tracking cookies, or third-party analytics cookies that follow you across other websites. Our affiliate links (such as Amazon affiliate links) may set their own cookies when you click on them; however, these cookies are managed entirely by the respective affiliate programs and are governed by their own cookie policies.

2.5 Sensitive Personal Data

Under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, certain categories of information are classified as “sensitive personal data.” On our platform, the only sensitive personal data we handle is your account password, which is stored exclusively in a securely hashed (bcrypt-encrypted) format and is never stored, viewed, or transmitted in plain text. We do not collect or store financial information such as credit card, debit card, or bank account details — all payment processing is handled directly by our PCI-DSS compliant payment gateway (Razorpay).

3. How We Use Your Information

We use the information we collect for the following purposes:

Account Management and Authentication: Your name, email, password, and Google ID (if applicable) are used to create your account, authenticate your identity when you log in, manage your sessions, and process password reset requests. Your mobile number, when provided and verified, serves as an additional layer of identity verification for sensitive actions on the platform.

OTP Verification: We send One-Time Passwords (OTPs) to your registered email address for various purposes, including account registration verification, OTP-based login, mobile number verification, and password reset. These OTPs are time-limited (default 10 minutes) and can only be used a limited number of times before expiration to ensure security.

Mobile Number Verification: Certain actions on our platform — specifically submitting a mock test result, downloading a PDF, making a purchase from the store, and deleting your account — require you to have a verified mobile number. This is a security measure designed to prevent abuse of our services, ensure that critical actions are performed by genuine users, and provide an additional point of contact for your account recovery.

Service Delivery: Your test progress data is used to generate your personal dashboard, performance analytics, and test history. Your purchase records are used to provide you access to your bought PDFs in your personal library and to generate secure, time-limited download links.

Communication: We may send you a welcome email upon registration, test result summaries after completing a mock test (when enabled), and essential service communications such as OTPs and security alerts. We do not send unsolicited marketing emails or sell your email address to third-party marketers.

Security and Abuse Prevention: Your IP address and request patterns are monitored to detect and prevent brute-force login attacks, automated bot access, and other forms of abuse. We implement rate limiting that temporarily blocks an IP address after too many failed login attempts, OTP requests, or other suspicious activities. This is essential to protect both your account and the integrity of our platform.

4. Google Sign-In

Our Website offers the option to register and log in using your Google account through Google Identity Services (GIS). When you use this feature, a secure popup window from Google appears asking for your consent. Upon your approval, Google sends us a digitally signed token containing only your name, email address, and a unique Google identifier. We verify this token directly with Google’s servers to confirm its authenticity before granting access to your account.

It is important to understand what we do not receive or access through Google Sign-In: we cannot see your Google password, we cannot read your Gmail messages, we cannot access your Google Drive files, we cannot see your Google contacts, and we cannot access any other data from your Google account. The permission scope is limited strictly to basic profile information (name and email), which is the minimum required to identify you.

If you register using Google Sign-In, your account is initially created without a password. You can set a password at any time from your profile settings, which will allow you to also log in using email and password. You can disconnect your Google account from your Pariksha Taiyari account at any time through the “Connected Accounts” section in your profile settings, provided you have already set a password (to ensure you always have at least one way to access your account).

5. Data Sharing and Disclosure

We take your privacy seriously and do not sell, rent, or trade your personal information to any third party for marketing or commercial purposes. Your data is shared only in the following limited and necessary circumstances:

Payment Processor: When you make a purchase from our PDF Store, your payment information is transmitted directly to our payment processor (Razorpay) through their secure payment gateway. We share only the minimum information necessary to process the transaction, such as the order amount and transaction reference. Razorpay processes your payment in accordance with their own privacy policy and PCI-DSS (Payment Card Industry Data Security Standard) compliance requirements.

Email Delivery: OTP codes, welcome emails, and test result notifications are sent through WordPress’s built-in email system (wp_mail). If you have configured an SMTP plugin on the server, emails are routed through that SMTP provider (such as Gmail, SendGrid, or Amazon SES). The email content is limited to the specific notification being sent.

Google Token Verification: When you log in using Google Sign-In, the authentication token provided by Google is verified by making a server-side request to Google’s token verification endpoint (oauth2.googleapis.com). This is a one-time verification request that confirms the token’s validity and does not involve sharing any additional user data with Google.

Legal Compliance: We may disclose your personal information if required to do so by law, in response to a valid legal process (such as a court order or government request), to protect our rights and property, or to prevent harm to users or the public as required under applicable Indian law.

6. Data Security

We implement multiple layers of security to protect your personal information from unauthorized access, alteration, disclosure, or destruction:

All passwords are hashed using the bcrypt algorithm before being stored in our database. This means that even if our database were compromised, your actual password could not be recovered from the stored hash. We never store passwords in plain text, and our staff cannot see your password.

Login sessions are managed using cryptographically secure random tokens that are generated using PHP’s random_bytes() function. These tokens are virtually impossible to guess or forge. Each session is associated with a specific student account and can be revoked individually or collectively.

All forms and AJAX requests on our platform are protected with CSRF (Cross-Site Request Forgery) tokens. This prevents malicious websites from performing actions on your behalf without your knowledge.

We employ rate limiting on sensitive endpoints such as login, registration, OTP requests, and Google authentication. After a configurable number of failed attempts, the originating IP address is temporarily blocked. This effectively mitigates brute-force attacks, credential stuffing, and automated abuse.

OTP codes are time-limited (default 10 minutes) and have a maximum number of verification attempts. After expiration or exceeding the attempt limit, the OTP becomes invalid and a new one must be requested.

While we employ industry-standard security practices to protect your data, it is important to acknowledge that no method of electronic transmission or storage is completely secure. We cannot provide an absolute guarantee of security, but we continuously work to improve our security measures and respond promptly to any identified vulnerabilities.

7. Data Retention

We retain your personal information for as long as your account remains active. Your test history, progress data, and purchase records are stored indefinitely to provide you with ongoing access to your performance analytics and purchased content library.

If you choose to delete your account, all your personal data — including your profile information, test history, progress records, library access, and OTP records — is permanently deleted from our active database. Residual copies may temporarily exist in automated system backups, which are regularly overwritten and are not used for any purpose. We do not manually access or restore deleted account data from backups under any circumstances.

Temporary data such as OTP codes, rate limiting records, and pending registration sessions are automatically purged after their expiration period (typically 10 to 30 minutes).

8. Your Rights and Choices

We believe you should have full control over your personal data. As a registered user of Pariksha Taiyari, you have the following rights:

Right to Access and Edit: You can view and edit your profile information — including your name, mobile number, city, state, target exam, and language preference — at any time from your profile settings page.

Right to Change Credentials: You can change your password from your profile settings. If you registered via Google and do not have a password, you can set one at any time.

Right to Disconnect Google: If your account is linked to a Google account, you can disconnect it from the “Connected Accounts” section in your profile settings (a password must be set first).

Right to Delete: You can permanently delete your account and all associated data at any time from the “Danger Zone” section in your profile settings. This action requires mobile verification and typing “DELETE” to confirm. Once deleted, your data cannot be recovered.

If you need assistance exercising any of these rights or have a request that cannot be fulfilled through the self-service options on the Website, please contact us at contact@parikshataiyari.com.

9. Third-Party Links and Affiliate Disclosure

Our Website may contain links to third-party websites, including affiliate links to platforms such as Amazon. When you click on an affiliate link and make a purchase, we may earn a small commission at no additional cost to you. These affiliate programs may set their own cookies on your device to track referrals; however, we have no control over these cookies or the privacy practices of third-party websites.

We encourage you to review the privacy policies of any third-party websites you visit through links on our platform. We are not responsible for the content, privacy practices, or security measures of any external websites.

10. Children’s Privacy

Our services are designed for students preparing for competitive examinations and are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. If we become aware that we have inadvertently collected data from a child under 13, we will take prompt steps to delete that information. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at contact@parikshataiyari.com.

11. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, or legal requirements. When we make changes, we will revise the “Last Updated” date at the top of this page. For significant changes that materially affect your rights or how we use your data, we will make reasonable efforts to notify you through a prominent notice on our Website. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

12. Grievance Officer

In accordance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the contact details of the Grievance Officer are provided below. If you have any complaints, concerns, or grievances regarding the processing of your personal information or any content on the Website, you may contact the Grievance Officer:

  • Designation: Grievance Officer, Pariksha Taiyari
  • Email: grievance@parikshataiyari.com
  • Postal Address: Pariksha Taiyari, India

We will acknowledge your complaint within 48 hours of receipt and make every effort to resolve your grievance within 30 days from the date of receipt, in accordance with applicable law.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us: