Privacy
Privacy Policy
BookMyCollegeSeat.com · Last updated:
Short version: We collect your mobile number, email, and KCET rank to provide predictions.
We do not sell your data to anyone. Your rank and search history are used only to improve your experience on this platform.
You can request deletion of your account at any time.
1. Who We Are
BookMyCollegeSeat.com is operated by Codenza Systems, a sole proprietorship registered in Bangalore, Karnataka, India. We are the data controller for personal information collected through this Platform.
Contact: support@bookmycollegeseat.com
2. What Data We Collect
| Data | Why We Collect It | When |
|---|
| Mobile number | Account creation, OTP verification, account recovery | Registration |
| Email address | Account login, service communications | Registration |
| KCET rank | Core function — generating your college predictions | Profile setup (locked) |
| Name | Personalising your experience | Profile setup |
| Search activity | Showing relevant results, improving the platform, usage analytics | When you search |
| UPI UTR number | Payment verification and records | If you upgrade to Pro |
| IP address & device info | Security, fraud prevention, analytics | Every page visit |
| Chat messages | Generating AI responses; first 200 characters logged for abuse prevention | When you use AI Chat |
3. How We Use Your Data
- To provide predictions: Your rank and category are used to query our cutoff database and generate personalised college suggestions.
- To authenticate you: Your mobile number is used to send OTPs for login and account recovery.
- To communicate service updates: We may send SMS notifications about counselling schedule changes, new features, or account status. You can opt out at any time.
- To improve the platform: Anonymised and aggregated search patterns help us understand which colleges and courses students are searching for, so we can improve data quality.
- For payment verification: Your UTR number is stored to verify your payment and activate Pro access. It is not shared with any third party.
- For security: IP addresses and device information are logged to detect and prevent abuse.
We do not use your data for advertising, profiling for third parties, or any purpose beyond what is described above.
4. Data Sharing
We do not sell, rent, or share your personal data with third parties except in the following limited circumstances:
- SMS provider (Fast2SMS): Your mobile number is shared with Fast2SMS solely to deliver OTP messages. Fast2SMS is bound by their own privacy policy.
- Legal obligation: We may disclose data if required by Indian law, court order, or government authority.
- Business transfer: In the event of a merger or acquisition of Codenza Systems, your data may be transferred to the new entity, with notice provided to you.
5. Data Retention
- Account data (name, phone, email, rank) is retained as long as your account is active.
- Search activity logs are retained for up to 2 years for analytics purposes, then deleted.
- Payment records (UTR numbers) are retained for 7 years as required for financial record-keeping under Indian law.
- OTPs are deleted immediately after verification or expiry (10 minutes).
6. Your Rights
You have the following rights regarding your personal data:
- Access: You can view your stored data via your Profile page at any time.
- Correction: You can update your name and email. Your rank is locked by design once set.
- Deletion: You can request complete account deletion by emailing us. We will delete your account within 7 working days. Note that payment records are retained as required by law.
- Portability: You can request a copy of your data in CSV format by emailing us.
- Opt-out of SMS: Reply STOP to any of our SMS messages, or email us to stop non-essential communications.
7. Cookies and Local Storage
We use:
- PHP session cookies — essential for maintaining your login session. These expire when you close your browser or log out.
- Browser localStorage — used by the AI Chat to store your session token locally. No personal data is stored in localStorage beyond the session token.
We do not use advertising cookies, tracking pixels, or third-party analytics beyond what is described above.
8. Security
- Passwords are stored using bcrypt hashing — they are never stored in plain text.
- All connections to the Platform are over HTTPS (SSL/TLS encrypted).
- OTPs expire within 10 minutes and are single-use.
- We do not store UPI payment credentials — only the UTR reference number provided by you.
While we take reasonable measures to protect your data, no internet transmission is 100% secure. We cannot guarantee absolute security.
9. Children's Privacy
This Platform is intended for KCET candidates who are typically 17 years of age or older. We do not knowingly collect data from children under 15. If you believe a minor has registered without parental consent, please contact us for immediate deletion.
10. Third-Party Links
The Platform may link to external sites such as KEA (kea.kar.nic.in) or college websites. We are not responsible for the privacy practices of those sites.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. For material changes, we will notify registered users via SMS. Continued use of the Platform constitutes acceptance of the updated policy.
12. Grievance Officer
In accordance with the Information Technology Act, 2000 and rules made thereunder, the name and contact details of the Grievance Officer are:
Codenza Systems
Bangalore, Karnataka, India
Email: support@bookmycollegeseat.com
Response time: Within 30 days of receipt of grievance.