Back to Home

Privacy Policy

Last updated: February 17, 2026

Thinqr (OPC) Pvt Ltd (“Company,” “we,” “us,” or “our”) operates the ThinqRx platform accessible at https://www.thinqrx.in (the “Platform”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

By accessing or using ThinqRx, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Platform immediately.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: Name, email address, and password (encrypted) when you register.
  • Payment Information: When you purchase a subscription plan, payment is processed through Razorpay. We store your Razorpay order ID, payment ID, transaction amount, currency, and payment status. We do not store your credit/debit card numbers, UPI IDs, or banking credentials — these are handled entirely by Razorpay.
  • Communications: Any messages, feedback, or support queries you send to us.

1.2 Information Collected Automatically

  • Device Information: We collect device fingerprints (hashed using SHA-256), User-Agent strings, and partial IP addresses (first three octets only) to enforce our 2-device limit per account and prevent unauthorized access.
  • Usage Data: Pages visited, features used, AI notes generated, practice tests attempted, mock test submissions, and performance analytics.
  • Log Data: Server logs including access timestamps, error logs, and API request metadata.

1.3 Information from Third-Party Services

  • Supabase: Authentication tokens and session data.
  • Razorpay: Payment confirmation and transaction status.

2. How We Use Your Information

We use the information we collect to:

  1. Provide, operate, and maintain the Platform and your account;
  2. Process payments and activate subscription plans;
  3. Generate AI-powered study notes, practice tests, and performance analytics;
  4. Enforce account security, including the 2-device limit;
  5. Communicate with you regarding your account, transactions, and support queries;
  6. Monitor and analyse usage trends to improve the Platform;
  7. Detect, prevent, and address fraud, abuse, or technical issues;
  8. Comply with legal obligations under applicable Indian law.

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  1. Service Providers: We share data with trusted third-party service providers who assist us in operating the Platform:
    • Supabase (database and authentication)
    • OpenAI (AI content generation — no personally identifiable information is sent; only academic subject/topic data)
    • Razorpay (payment processing)
    • Upstash (rate limiting and usage tracking)
    • Vercel (hosting and content delivery)
  2. Legal Requirements: We may disclose your information if required to do so by law, court order, or governmental authority under Indian law.
  3. Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  4. Protection of Rights: To enforce our Terms of Service, protect the safety of users, or defend against legal claims.

4. Data Storage and Security

  • Your data is stored on Supabase-managed PostgreSQL databases with Row Level Security (RLS) enabled.
  • Passwords are encrypted and never stored in plain text.
  • Device fingerprints are hashed using SHA-256 before storage.
  • IP addresses are truncated (only first three octets stored) to protect your privacy.
  • Payment data is processed over secure, encrypted channels by Razorpay (PCI-DSS compliant).
  • We implement industry-standard security measures including HTTPS encryption, rate limiting, and access controls.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

5. Data Retention

  • Account data is retained as long as your account remains active.
  • Payment records are retained for a minimum of 8 (eight) years as required under Indian tax and financial regulations.
  • Usage analytics and test attempt data are retained for the duration of your account.
  • Upon account deletion (requested via email), we will delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Your Rights

Subject to applicable Indian law, you have the right to:

  1. Access: Request a copy of the personal data we hold about you.
  2. Correction: Request correction of inaccurate or incomplete data.
  3. Deletion: Request deletion of your account and personal data by emailing us at info@thinqrx.in.
  4. Withdraw Consent: Withdraw consent for data processing at any time, though this may result in loss of access to certain Platform features.

To exercise any of these rights, contact us at info@thinqrx.in. We will respond within 30 days.

7. Children's Privacy

ThinqRx is intended for users who are 18 years of age or older, or who are at least 16 years old with parental/guardian consent. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16 without appropriate consent, we will delete it promptly.

8. Cookies and Tracking

  • We use essential authentication cookies (Supabase session cookies with the “sb-” prefix) to maintain your login session. These are strictly necessary for the Platform to function.
  • We use device fingerprinting (not traditional tracking cookies) solely to enforce the 2-device limit per account.
  • We do not use third-party advertising cookies or cross-site tracking technologies.

9. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any personal information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last updated” date at the top. We encourage you to review this page periodically. Continued use of the Platform after changes constitutes acceptance of the revised policy.

11. Grievance Officer

In accordance with the Information Technology Act, 2000 and the rules made thereunder, the Grievance Officer for the purpose of this Privacy Policy is:

Name: Grievance Officer

Company: Thinqr (OPC) Pvt Ltd

Address: Kakinada, Andhra Pradesh, India

Email: info@thinqrx.in

The Grievance Officer shall address your concerns within 30 days of receiving a complaint.

12. Contact Us

If you have questions about this Privacy Policy, please contact us:

Thinqr (OPC) Pvt Ltd

Registered Office: Kakinada, Andhra Pradesh, India

(Registered under ROC Vijayawada, Andhra Pradesh)

Email: info@thinqrx.in

Website: https://www.thinqrx.in