Privacy Policy

Version: 2026-02-20

Last updated: 2026-02-20

This Privacy Policy explains what personal data DarsKhana collects, how we use it, who we share it with, how long we keep it, and the choices and rights available to users.

1. Data we collect

  • Account data: name, email, login identifiers, timezone, and role (student/tutor/admin).
  • Profile and verification data: tutor qualifications, vetting/DBS evidence, and compliance records where required.
  • Booking and classroom data: lesson schedules, attendance timestamps, participation metadata, session notes, and support/dispute context.
  • Payment and billing data: payment method tokens/references, transaction metadata, invoices, and refund records.
  • Communications: messages and support contacts needed to operate and secure the service.
  • Technical/security data: IP address, browser/device metadata, login and security-event logs.

2. How we use personal data

  • To create and manage accounts and access controls.
  • To schedule, deliver, and support tutoring sessions.
  • To process billing, payments, payouts, and refunds.
  • To provide customer support and resolve disputes.
  • To prevent abuse, enforce platform rules, and protect users.
  • To meet legal, regulatory, and safeguarding obligations.
  • To improve reliability, product quality, and service analytics.

3. Lawful bases and legal compliance

Where applicable under data protection law, processing is based on one or more of: contract necessity, legitimate interests, legal obligations, and consent (where required). If consent is used, users may withdraw it where legally available.

4. Data sharing

  • Between relevant platform users (e.g., student and tutor) only as needed for booking and lesson delivery.
  • With trusted service providers (e.g., hosting, communications, payment processing) under contractual controls.
  • With legal/regulatory authorities where required by law, lawful request, or safeguarding risk escalation.
  • With professional advisers in relation to legal, audit, or compliance matters where necessary.

5. Payments and card data

Payment processing is handled through integrated payment providers such as Stripe. DarsKhana does not store full raw card numbers or CVV. We store only the minimum payment metadata needed for billing operations, reconciliation, support, and audit.

6. Retention

We retain personal data only as long as needed for service delivery, legal obligations, fraud prevention, dispute handling, and safeguarding. Retention periods may vary by data type and operational/legal requirements.

7. Security measures

  • Access controls and least-privilege role separation.
  • Security logging and monitoring of key account/payment events.
  • Operational safeguards for incident management and account protection.
  • Provider-side controls for payment infrastructure and credential handling.

8. Children and safeguarding context

Where services involve minors, parents/guardians and tutors are expected to follow the Safeguarding & Recording Policy. We may process safeguarding-related records where required to protect users or investigate incidents.

9. Your rights

Depending on your jurisdiction, rights may include access, correction, deletion, objection/restriction, portability, and complaint rights to a relevant data protection authority. We verify identity before actioning rights requests.

10. International transfers

Where data is processed across countries, we use reasonable legal and contractual safeguards appropriate to the transfer context.

11. Policy updates

We may update this policy from time to time. Updates are posted on this page with an updated version date.

12. Contact and data requests

For privacy, data rights, or security concerns, contact Admin@darskhana.com or use our Contact page.

Related policies: Terms | Security | Cancellation & Refunds | Payments | Safeguarding