Last updated 3 July 2026
Account data: name, email, phone (optional), password (hashed by our authentication provider, never stored in plain text by us), and role (student or mentor).
Profile data: for mentors — bio, credentials/ID documents, expertise, pricing; for students — target exam, optional subject, preparation stage (all optional, used only to personalize your experience).
Booking & payment data: session details, and payment metadata processed via Razorpay. We store the amount, status, and gateway reference for a transaction — we do not store your card number or bank details; those are handled entirely by Razorpay under PCI-DSS compliance.
Usage data: pages visited and actions taken in-app, used to fix bugs and improve the product (see “Analytics” below).
We share data only with the service providers necessary to run SarthiLink: Supabase (database, authentication, file storage), Razorpay (payment processing). A mentor and student in a confirmed booking can see each other's name and the details needed to conduct the session — never each other's email or phone number unless you choose to share it directly. We do not sell personal data to third parties, ever.
We use privacy-conscious product analytics and error-tracking tools to understand how the platform is used and to catch bugs before they affect you. These tools are configured to avoid capturing payment details or passwords. You can request that your analytics history be cleared by contacting us.
We retain account and booking data for as long as your account is active, plus a reasonable period afterward for legal, accounting, and dispute-resolution purposes (typically up to 7 years for financial records, per Indian tax law). You can request deletion of your account at any time — see below.
You can access, correct, or request deletion of your personal data by contacting us at hello@sarthilink.com. Deleting your account removes your profile from public view; booking and payment records tied to completed transactions may be retained as described above.
Passwords are managed by our authentication provider and never visible to us in plain text. Sensitive credentials (payment gateway keys, service credentials) are stored as environment secrets, never in application code or exposed to the browser. Access to production data is restricted to the operator.
SarthiLink is intended for users 16 years and older. We do not knowingly collect data from children under 16.
In accordance with the Information Technology Act, 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, our Grievance Officer can be reached at grievance@sarthilink.com. Full details on our Grievance Officer page.
We may update this policy as the platform evolves. Material changes will be reflected by the “Last updated” date above.