Privacy Policy

1. Information We Collect

We collect information you provide directly to us when you create an account, book a session, or communicate with us. This may include:

• Name and email address
• Professional information (current role, company, experience level)
• Payment information
• Communication preferences
• Session booking details (date, time, session type, mentor selected)
• Technical data such as IP address, browser type, device information, and usage logs collected automatically when you use the platform

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Match you with appropriate mentors and mock interviewers
• Process payments and communicate about your bookings
• Send you updates, newsletters, and marketing communications (with your consent)
• Protect against fraud and unauthorized access
• Create and manage video meeting links for your booked sessions using third-party video conferencing services (currently Zoom; Google Meet in future)
• Monitor platform performance and troubleshoot technical issues

3. Information Sharing

We do not sell your personal information. We may share your information with:

• Mentors and coaches you've booked sessions with
• Service providers who help us operate our platform
• Law enforcement when required by law

4. Third-Party Services and Integrations

BeTopTen integrates with third-party services to deliver its core functionality. Below is a description of each integration, what data is shared, and why.

a) Video Conferencing — Zoom

We use the Zoom API to generate meeting links for mentorship and mock interview sessions. When a session is booked, we create a Zoom meeting and share the join link with both the mentor and the mentee. We do not record, store, or access any audio, video, or chat content from your Zoom sessions. The video call itself is governed by Zoom's own Privacy Policy and Terms of Service.

b) Video Conferencing — Google Meet (upcoming)

We use the Google Calendar API to create calendar events with Google Meet video links for your booked sessions. The only Google data we access is the ability to create calendar events on behalf of the authenticated user for the sole purpose of generating a meeting link. We do not read, modify, delete, or store any of your existing Google Calendar data. We do not access your Gmail, Google Drive, Google Contacts, or any other Google service. Our use of Google data is limited strictly to creating meeting events with video links for sessions booked on BeTopTen. Google Meet sessions are governed by Google's Privacy Policy.

c) Payment Processing

We use secure third-party payment processors to handle all transactions. Bank account details, payment card details, and other sensitive financial information are not stored with us in plain text. These are stored directly at the payment gateway's end in tokenized form, in compliance with PCI-DSS standards.

Any data stored at BeTopTen's end is in encrypted form. This data may be used by our internal teams to contact mentors or users in connection with our services. However, this data will not be shared with or sold to any third party.

d) Analytics

We may use analytics tools to understand how users interact with our platform. These tools collect anonymized usage data such as pages visited, session duration, and feature usage. No personally identifiable information is shared with analytics providers.

5. Data Encryption and Security

We take the security of your personal data seriously and implement industry-standard technical and organizational measures to protect it.

• All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security) encryption.
• Sensitive data stored in our databases is encrypted at rest.
• We follow secure development practices including regular security reviews, access controls, and principle of least privilege for internal systems.
• Access to user data is restricted to authorized personnel only, on a need-to-know basis.
• We use secure, reputable third-party infrastructure providers that maintain their own rigorous security certifications.
• Third-party API credentials and tokens are stored securely and are never exposed to end users.

While no method of transmission or storage is 100% secure, we are committed to following all applicable security protocols and continuously improving our security posture.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. Specifically:

• Account information (name, email, professional details) is retained for the duration of your active account.
• Session booking records are retained for 24 months after the session date for reference and dispute resolution purposes.
• Payment transaction records are retained as required by applicable tax and financial regulations.
• Automatically collected technical data (IP address, usage logs) is retained for no more than 12 months.

Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law (for example, financial transaction records required for tax compliance).

7. Your Rights

You have the right to:

• Access and receive a copy of your personal data
• Rectify inaccurate personal data
• Request deletion of your personal data
• Object to processing of your personal data
• Data portability

To exercise any of these rights, email us at [email protected]. We will respond to your request within 30 days. If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your personal data is: (a) your consent, where you have provided it; (b) the performance of a contract with you (i.e., providing the services you have signed up for); and (c) our legitimate interests in operating, improving, and securing the platform, where those interests are not overridden by your rights.

8. Revoking Third-Party Access

If you have connected your Google account to BeTopTen, you can revoke our access at any time by:

1. Visiting your Google Account permissions page at https://myaccount.google.com/permissions
2. Finding BeTopTen in the list of connected apps
3. Clicking "Remove Access"

You can also disconnect third-party services from within your BeTopTen account settings. Revoking access will prevent us from creating new meeting links via that service for future sessions. It will not delete data already created during past sessions.

9. International Data Transfers

BeTopTen serves users across multiple countries. Your personal data may be transferred to and processed in countries other than your country of residence, including India, where our servers are located. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your data in compliance with applicable data protection laws.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Keep you logged in to your account
• Remember your preferences and settings
• Understand how you use our platform so we can improve it
• Ensure the security of your account

You can control or disable cookies through your browser settings. However, disabling cookies may affect the functionality of certain features on our platform. We do not use cookies for third-party advertising purposes.

11. Children's Privacy

BeTopTen is intended for professional use by individuals aged 18 and above. We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have collected data from a minor, we will delete it promptly.

12. Corporate Details

Legal Name: Vinay Bansal HUF

Parent Company Name: SMARTSMITH

GST Number: 29AALHV7561C1Z0

Registered City: Bengaluru

13. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: [email protected]