Privacy Policy

XpertBiz Network ("XpertBiz", "we", "our", "us") operates a SaaS-based Community & Learning Management Platform. This Privacy Policy explains what personal data we collect, how we use it, and the choices you have. We are based at EFC Prime, Baner, Pune 411045, India.

• Account data: name, email address, mobile number, password hash, profile photo, cover banner, bio and social links.
• Payment data: billing name, amount and transaction reference IDs returned by Razorpay. We do not store full card numbers, CVVs or netbanking credentials.
• Usage data: pages visited, IP address, device/browser metadata, approximate geolocation (for currency switching), referrer URLs.
• Content: posts, comments, polls, courses, messages and any media you upload through the platform.
• Cookies: session cookies and a small number of preference cookies (e.g. dark-mode, locale).

• Create and operate your account, profile and communities.
• Process subscription and one-time payments via Razorpay.
• Deliver notifications, transactional emails and important updates.
• Improve product performance, security and customer support.
• Comply with legal, tax and accounting obligations.

We process personal data on the basis of (a) the contract we have with you, (b) our legitimate business interests, (c) your consent (where required), and (d) compliance with applicable Indian laws.

We share personal data only with:

• Razorpay — to process payments. Their privacy policy is available at razorpay.com/privacy.
• Hosting & storage providers that operate the infrastructure on which the Service runs.
• Communication providers for transactional email/SMS.
• Law-enforcement / regulators when required by a valid legal order.

We do not sell personal data to third parties.

• HTTPS encryption in transit across the entire platform.
• Passwords stored as one-way bcrypt hashes — never in plain text.
• JWT-based authentication with short-lived tokens and httpOnly cookies.
• Access to production systems is restricted and audited.
• Payments handled entirely on Razorpay's PCI-DSS Level 1 certified infrastructure. We never see your full card / UPI / netbanking credentials.
• File uploads (avatars, covers, course media) stored on a managed object storage service with private access keys.
• Regular backups and monitoring for anomalous activity.

We retain personal data for as long as your account is active and as required for our legitimate business and legal purposes. You may request deletion of your account by writing to info@xpertbiznetwork.com; certain transactional records may be retained as required by Indian tax law for up to 8 years.

• Access the personal data we hold about you.
• Correct inaccurate or outdated information.
• Request deletion of your account and associated data.
• Object to or restrict certain processing.
• Withdraw consent for marketing communications at any time.

To exercise any of these rights, email info@xpertbiznetwork.com.

The Service is not intended for individuals under 18. We do not knowingly collect data from minors.

We may update this Policy from time to time. Material changes will be posted on this page and, where appropriate, notified to you by email.

For any privacy-related concerns, contact our Grievance Officer at info@xpertbiznetwork.com or call +91 91561 86003. Address: EFC Prime, Baner, Pune 411045, India.