UB World - Privacy Policy

Who we are

Our website address is: https://www.ubworld.in

What personal data we collect and why we collect it

Contact Forms

When you contact us through the contact form on our website, we collect certain personal information from you, such as:

• Your full name
• Email address
• Phone number
• Your city name
• And your written message

Why do we collect this information?

We collect this information for the following purposes:

• To respond to your inquiries or concerns
• To improve our services
• To maintain a record for future reference
• To provide customer support and assistance

How is this information used?

The information you share is used solely for the purpose for which you contacted us. We do not share your information with any third parties without your explicit consent.

Data Retention Period:

Messages and related information submitted through the contact form are securely stored for a specific period of time, so that they may be used for future reference, verification, or service quality improvement.

Your Rights:

You may request the following at any time:

• A copy of the contact information you submitted
• Deletion of your information (unless it is required to be retained for legal reasons)

Security:

We take all reasonable steps to keep your submitted information secure and to protect it from unauthorized access, use, or disclosure by implementing appropriate technical measures.

Media Uploads

If you upload images to the site, please avoid including location data (EXIF GPS) in the files.

Why? Because visitors to the website can download and extract location data from such images.

Cookies

We use cookies to improve your experience. Here's how:

• If you leave a comment, you may choose to save your name, email, and website in cookies. These last for one year, so you won't have to re-enter them when commenting again.
• When you visit the login page, we set a temporary cookie to check if your browser accepts cookies. It contains no personal data and is deleted when you close the browser.
• After you log in, we use cookies to:
  • Store your login status (for 2 days)
  • Save your screen display preferences (for 1 year)
  • If you choose "Remember Me", your login will stay active for 2 weeks
• When you log out, login cookies are removed.
• If you edit or publish an article, a cookie is saved in your browser indicating the post ID. It does not contain personal data and expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

We do not trade or sell your personal data to anyone. However, to keep our website secure and functional, improve services, and comply with legal obligations, we may need to share limited information with some trusted third parties. These parties fall under the following major categories:

Category	Examples	Types of Data Shared	Purpose
Web Hosting & Infrastructure	AWS, DigitalOcean, or Indian hosting firms	IP address, log files	To operate servers, ensure performance, and maintain security
Email & Communication Services	Gmail / Outlook / SMTP service	Name, email address, contact message	To respond to your messages, send updates or notifications
Payment Processors (if any)	PhonePe	Name, email, payment amount, partial card information	For secure payment processing and refunds
Legal / Compliance Authorities	Courts, government agencies	Requested relevant information	To comply with legal duties or prevent fraud
Business Transfers	Acquisition, merger, asset sale	Relevant user data	To continue providing service in the event of a business ownership change

Key Points:

1. Minimum Data Sharing: We only share the minimum amount of data required for the specific service or legal requirement.
2. Privacy Law Compliance: All third parties are expected to follow applicable privacy laws such as GDPR and the Indian DPDP Bill to safeguard your data.
3. No Marketing Data Sharing: We do not share personally identifiable information (PII) with advertising or marketing networks unless you have explicitly opted in.
4. Policy Updates: If the nature of data sharing or the list of third parties changes significantly in the future, we will update this policy and provide a notice on key pages.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Once your information is submitted on our website, it may be transmitted to the following locations and services depending on which service or form you have used:

1. Automated Spam Detection Services

When you leave a comment or fill out a contact form, your information (such as IP address, browser user agent, and message content) may be sent to automated spam filtering services like Akismet, Google reCAPTCHA, etc.

Purpose: To protect the website from spam and misuse.

2. Web Hosting and Server Locations

The data on our website (including your information) is stored on the servers of the web hosting provider we use. These servers may be located in India or outside India, such as in the USA, Europe, or Asia, depending on the data center location.

3. Cloud Services and Backup

Your data may be temporarily stored on secure cloud storage services like Google Cloud, Amazon Web Services (AWS), or similar, for the purpose of backup and maintaining operational continuity.

4. Email Servers / SMTP Services

If you submit a contact form, the information you provide (e.g., name, email, message) is sent to our email account (e.g., Gmail, Zoho, or SMTP server), so that we can respond to your query.

5. Analytics and Tracking Services

If you have consented to cookies, certain data such as IP address, device type, browser details, etc., may be sent to services like Google Analytics, Facebook Pixel, etc., in order to help us understand how our website is being used and to improve user experience.

Important Notes:

• We ensure that all services receiving your data comply with data protection laws, such as GDPR and the Indian Digital Personal Data Protection Act.
• Under no circumstances do we transmit your data beyond what is necessary for service, security, or legal compliance.
• Only the minimum required data is shared with trusted third-party services.

Your contact information

If you have any questions related to our Privacy Policy, or if you wish to inquire about the use, collection, or deletion of your personal data, you may contact us through the following means:

Contact via Email:

Email ID: info@ubworld.in
You may send any privacy-related queries or requests to this email address.

Phone Number:

Mobile: +91-7004864923

Website Contact Form:

You can also reach us through the Contact Us page on our website.

Special Instructions for Data Privacy Requests:

If you would like to:

• Request a copy of the personal data we hold about you, or
• Request deletion of your data

Please contact us via email. You may be asked to provide additional information (such as email verification or your user ID) to confirm your identity before we can process your request.

Additional information

How We Protect Your Data

We take the security of your personal information very seriously and implement appropriate technical, administrative, and physical safeguards to protect it from unauthorized access, use, alteration, or disclosure. The key security measures we employ include:

1. Secure Server Infrastructure

Our website and database are secured with SSL (Secure Socket Layer) certificates, ensuring that all communication between you and our site is encrypted. This protects your data from being intercepted or stolen during transmission.

2. Access Control

• Access to your data is strictly limited to authorized personnel only.
• Our admin panel and backend systems are password-protected, and we may implement two-factor authentication (2FA) for enhanced security.

3. Data Encryption

• Sensitive data is encrypted when necessary, both in transit and at rest.
• Passwords and similar information are secured using hashing techniques to ensure they cannot be read even if accessed.

4. Regular Backups & Updates

• We take regular backups of the website and databases to ensure data recovery in case of a technical failure or attack.
• All software and plugins are updated regularly to patch known security vulnerabilities.

5. Spam & Malware Protection

• Our website is protected with spam filters, firewalls, and malware scanning tools.
• We conduct regular scans to detect and remove any malware, viruses, or malicious scripts.

6. Legal Compliance

We comply with the Indian Digital Personal Data Protection Bill (DPDP) and, where applicable, with international privacy standards such as the General Data Protection Regulation (GDPR).

Your Role in Data Security

While we take every possible step to secure your data, no internet-based system is 100% secure. Therefore, we request your cooperation:

• Keep your passwords confidential
• Avoid sharing sensitive information over public or unsecured networks

If you suspect that your information has been compromised or your privacy has been violated, please contact us immediately at info@ubworld.in.

What data breach procedures we have in place

We are committed to ensuring that your personal information remains secure and confidential at all times. While we implement all necessary security measures, in the unlikely event of a data breach—such as unauthorized access, data theft, or loss—we follow a clearly defined response protocol:

1. Immediate Detection and Assessment

• Our website and servers are protected by active security monitoring tools that help detect any suspicious activity instantly.
• As soon as a breach is suspected, our technical team initiates a prompt investigation to assess the nature and extent of the incident.

2. Isolating Affected Systems

• If a specific server, database, or account is affected, it is temporarily suspended to prevent further damage.
• All potentially compromised passwords or API keys are immediately reset.

3. User Notification

• If the breach affects your personal information, we will notify you via email within 48 to 72 hours.
• This notification will include the nature of the breach, type of information affected, potential risks, and recommended steps for your protection.

4. Reporting to Authorities

• If required, we will report the incident to the relevant government authorities or data protection bodies, such as CERT-In or the DPDP Board, to ensure legal and regulatory compliance.

5. Corrective Measures

• We identify and immediately fix any security vulnerabilities that may have led to the breach.
• Our security policies, password protocols, and server/software infrastructure are updated as needed to prevent future attacks.

6. Log & Audit Trail Review

• After the breach, we conduct a thorough audit of system logs and activity reports to ensure no hidden or ongoing malicious activity is present.

Your Role:

• If you notice any suspicious emails, unauthorized logins, or unusual activity on your account, please notify us immediately at contact@ubworld.in.
• For your own safety, we recommend that you change your passwords regularly and enable Two-Factor Authentication (2FA) where available.

Conclusion

Our team treats data security as a top priority. In the event of any breach, we will act with transparency and accountability to safeguard your information and maintain your trust.

What third parties we receive data from

Our website may occasionally receive limited and specific types of data from trusted third-party services to help us improve, secure, and personalize our services.

1. Social Media Platforms

If you log in or register through third-party platforms such as Google, Facebook, or other social media accounts, we may receive the following information:

• Your name
• Email address
• Profile picture
• Public profile details

This data is only received with your explicit consent and is used solely to create your account or provide a personalized experience.

2. Analytics Services

We may receive user behavior data from services like Google Analytics, Search Console, or similar tools, such as:

• Visitor location, device, and browser type
• Traffic source
• Time spent on site
• Click and page view statistics

This information is non-personally identifiable and used strictly to analyze and improve website performance.

3. Payment Gateways

If you make a payment through our website (via Razorpay, PayPal, Stripe, etc.), we may receive:

• Payment confirmation
• Transaction status (successful/failed)
• Payment date and amount

We do not store your card or bank details under any circumstances.

4. Email Marketing or Communication Services

If you use our newsletter or contact forms, we may receive interaction data from services like Mailchimp, Sendinblue, etc., including:

• Subscription status
• Whether emails were opened or clicked
• Responses to feedback forms

5. CAPTCHA & Spam Protection Services

Services like Google reCAPTCHA may send us technical details to verify whether the user is human, such as:

• User's IP address
• Browser behavior
• Device information

Important Notes:

• We only receive data from reliable third-party sources that comply with applicable privacy laws like GDPR and the Indian DPDP Bill.
• Any data received from a third party is used only for the specific, limited purposes mentioned above.
• We do not collect or purchase user data from third parties for marketing purposes without your explicit consent.

What automated decision making and/or profiling we do with user data

Our website uses certain automated processes with minimal human intervention. These are implemented to enhance user experience, personalize services, and improve the overall functionality of the site.

1. Spam Detection and Blocking

When users leave comments or submit forms, the data is scanned by automated systems such as Akismet or Google reCAPTCHA.

These systems automatically determine whether the message is spam based on factors such as:

• IP address
• Browser information
• Keywords used
• Historical user behavior

2. Personalized Recommendations

If your website includes features like video, article, or course suggestions, these may be automatically generated based on:

• User's browsing history
• Pages previously viewed
• Stated or inferred interests

Example: "Since you watched this video, you might also like..."

3. User Profiling for Analytics

Certain analytics tools may group users into behavioral segments, such as:

• Returning users
• New visitors
• Mobile vs. desktop users
• Highly active users

This profiling is purely for statistical and performance optimization purposes and is not used to make personal decisions about any individual.

4. Do We Make Any Legally or Economically Impactful Decisions?

No.

We do not make any automated decisions that affect users' legal rights, eligibility (e.g., for loans, employment, or access), or cause economic gain or loss.

Your Rights

If you do not wish for your data to be used for profiling or automated decision-making, you may opt out by contacting us at:

📧 info@ubworld.in

Conclusion

Our goal is solely to use your data to improve your website experience and not to impact your rights or freedoms through automated decisions.

Industry regulatory disclosure requirements

We comply with all applicable legislative and regulatory guidelines set forth by the Government of India and other relevant authorities related to our sector, which includes education, digital services, and e-commerce.

If we are required to disclose your personal data for legal, regulatory, or compliance purposes, such disclosure will occur only under the following circumstances:

1. Legal Obligation

If compelled by a court order, government directive, or any legitimate legal process, we may disclose necessary user data to the appropriate legal authorities in accordance with the law.

2. Regulatory Reporting

If our services fall under the scope of an educational regulator, administrative authority, or industry governing body, we may share relevant information (such as course content, payment details, or user activities) only if required for regulatory compliance.

3. User Safety & Public Interest

In cases where user safety, public welfare, privacy, or law and order is at risk, we may share essential data with security or enforcement agencies such as:

• Cyber Crime Cell
• Ministry of Information Technology
• Data Protection Authority (DPDP Board, India)

4. Compliance with Data Protection Laws

We strictly follow the Digital Personal Data Protection Act (DPDPA), 2023, and, where applicable, international privacy laws like the General Data Protection Regulation (GDPR). This includes:

• Notifying users before processing their data
• Obtaining clear and informed consent
• Maintaining proper records of all data processing activities

5. Transparency Policy

Except where legally restricted, we aim to notify users prior to any such disclosure of their personal data. Our goal is to maintain transparency and build trust with all users.

Conclusion

We only disclose personal data when legally required, aligned with industry standards, and in a manner that respects user interests. We do not sell or disclose data for commercial gain without your explicit consent.