Prelims Arenaby bloom UPSC

Privacy Policy

Last updated: February 20, 2026

1. Information We Collect

We collect the following types of information:

Account Information: Name, email address, and authentication details (password hash or Google OAuth token) when you create an account.

Practice Data: Your answers to questions, confidence selections, session durations, topic progress, and learning loop activity. This is core to how Bloom works — it powers your 4-state diagnosis and blind spot tracking.

Payment Information: Transaction records including Razorpay order and payment IDs, amount, and coupon usage. We do not store your card numbers, UPI PINs, or bank details — Razorpay handles all sensitive payment processing.

Usage Analytics: Page views, feature usage, session recordings (via Posthog), and traffic source data (via Google Analytics). This helps us understand how the Platform is used and improve it.

Device Information: Browser type, device type, operating system, and screen size — collected automatically for analytics and to ensure the Platform works correctly on your device.

2. How We Use Your Information

Your data is used to: provide and personalize the service (4-state diagnosis, spaced repetition, topic recommendations); process payments; send essential communications (account verification, payment confirmations); improve the Platform based on usage patterns; and ensure security.

We do not sell your personal data. We do not share your practice performance with other users. Your blind spots, scores, and learning data are private to your account.

3. Data Storage and Security

Your data is stored on Supabase (hosted on AWS in the Asia-Pacific region). All data is encrypted at rest (AES-256) and in transit (TLS/HTTPS). Access to your data is protected by Row Level Security — only you can see your own practice data, answers, and progress.

Authentication is handled by Supabase Auth with bcrypt password hashing. We never store plaintext passwords.

4. Third-Party Services

We use the following third-party services:

  • Supabase — Database, authentication, and storage
  • Razorpay — Payment processing (PCI DSS compliant)
  • Google OAuth — Optional sign-in via Google
  • Posthog — Product analytics and session recordings
  • Google Analytics — Website traffic analytics
  • Vercel — Website hosting and deployment

Each service has its own privacy policy. We only share the minimum data required for each service to function.

5. Cookies and Tracking

We use cookies for: authentication (keeping you logged in), analytics (understanding usage patterns), and preferences (theme settings). You can disable cookies in your browser settings, but this may affect Platform functionality.

6. Your Rights

You have the right to:

  • Access your personal data — you can view all your practice data, answers, and progress in the Platform
  • Delete your account and all associated data — available in Settings, or by contacting us
  • Correct your personal information — update your name and email in Settings
  • Export your data — contact us at guru@bloomupsc.com and we will provide your data within 30 days

7. Data Retention

We retain your account and practice data for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Anonymized, aggregated data (e.g., “X% of users got this question wrong”) may be retained for product improvement.

8. Children's Privacy

Prelims Arena is intended for users aged 16 and above. We do not knowingly collect data from children under 16. If you believe we have collected data from a minor, contact us immediately.

9. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date. Significant changes will be communicated via email.

10. Contact

For privacy-related questions or requests:
Email: guru@bloomupsc.com
Website: bloomupsc.com