1. Information We Collect

We collect various types of personal information in order to provide our services and digital products. A standard privacy policy outlines what information is collected, where it is collected from and why. We collect information in the following categories:

1.1 Information you provide to us

We collect information that you voluntarily provide when interacting with the AHTE VERSE platform:

• Account and contact data: When you sign up for our newsletter, download an eBook, register for an account, or contact us via forms, we collect information such as:
  • Full name (first name, last name, or display name)
  • Email address (required for account creation and communications)
  • Telephone number (optional, for account verification and support)
  • Mailing address (for billing and shipping purposes where applicable)
  • Username and password (encrypted and stored securely)
  • Profile information (if you choose to create a profile)
  • Preferences and settings (language, notification preferences, etc.)
• Payment data: When you purchase an eBook or other digital product, we collect comprehensive transaction‑related information including:
  • Order details (products purchased, quantities, prices, discounts applied)
  • Billing address (required for payment processing and tax compliance)
  • Payment method information (credit card type, last four digits, expiry date)
  • Transaction IDs and payment confirmation numbers
  • Purchase history and order timestamps

  We do not store full credit/debit card numbers on our servers. Payment information is processed securely by trusted third‑party payment processors compliant with the Payment Card Industry Data Security Standard (PCI‑DSS). All payment data is encrypted in transit and at rest.

• Communications: We record and store the complete content of all communications you send to us, including:
  • Support requests and customer service inquiries
  • Product reviews and ratings
  • Survey responses and feedback forms
  • Email correspondence
  • Social media interactions (when you contact us through social platforms)
  • Comments and messages submitted through our platform

  This information helps us provide better customer support and improve our services.

• Content and submissions: If you submit content to our platform (such as reviews, comments, or user-generated content), we collect and store that information along with metadata associated with your submission.

1.2 Information we collect automatically

When you access or interact with the AHTE VERSE platform, we automatically collect certain technical and usage information:

• Device and usage data: We collect comprehensive technical information including:
  • Device information (device type, model, operating system, version)
  • Browser information (browser type, version, language settings)
  • IP Address: We actively track and record your IP address for multiple purposes:
    • Geolocation data derived from IP address (country, region, city)
    • Network information (connection type, ISP details)
    • Security monitoring and fraud prevention
    • Analytics and user behavior tracking
    • Compliance with legal and regulatory requirements
    • Sharing with government authorities when required by law

    IP address tracking is mandatory for platform security, fraud prevention, and legal compliance. By using our platform, you consent to IP address tracking and storage.

  • Pages viewed, time spent on each page, click patterns
  • Navigation paths through our platform
  • Search queries and filters used
  • Download history and file access logs
  • Error logs and crash reports
  • Session duration and frequency of visits
  • Referral sources (how you arrived at our platform)
  • Screen resolution and display settings
  • Time zone and locale information

  This data is essential for platform security, fraud prevention, performance optimization, and improving user experience. We use this information to detect suspicious activities, prevent unauthorized access, and maintain the integrity of our platform.

• Cookies and similar technologies: We employ various tracking technologies to enhance your experience and ensure platform security:
  • Cookies: Small text files stored on your device that track preferences, browsing behaviour, authentication status, and other data
  • Web beacons: Tiny invisible images embedded in emails and web pages to track engagement
  • Pixel tags: Code snippets that help us measure the effectiveness of our marketing campaigns
  • Local storage: Browser storage mechanisms to remember your preferences and settings
  • Session storage: Temporary storage for maintaining your session state

  We use both first‑party cookies (set by AHTE VERSE) and third‑party cookies (set by our partners) for purposes including:

  • Remembering your login credentials and preferences
  • Enabling secure authentication and session management
  • Analyzing website traffic and user behavior patterns
  • Personalizing content and recommendations
  • Delivering targeted advertisements and remarketing campaigns
  • Measuring marketing campaign effectiveness
  • Preventing fraud and ensuring platform security

  You can manage your cookie preferences via the cookie banner on our platform or by adjusting your browser settings (see Section 6 below). However, disabling certain cookies may limit platform functionality.

• Security and monitoring data: To maintain platform security and protect all users, we collect:
  • Login attempts and authentication logs
  • Failed login attempts and suspicious activity patterns
  • IP addresses associated with account access
  • Device fingerprints and unique identifiers
  • Security event logs and audit trails
  • Fraud detection signals and risk scores

  This security data collection is mandatory and essential for protecting the AHTE VERSE platform, preventing unauthorized access, detecting fraud, and ensuring the safety of all platform members.

1.3 Information from third parties

We may receive information about you from third-party sources, which we combine with information we collect directly:

• Analytics and advertising partners: We use and receive comprehensive analytics and advertising data from the following third-party services:
  • Google Analytics: We use Google Analytics to track and analyze user behavior on our platform. Google Analytics collects:
    • Page views, session duration, and user interactions
    • Demographics and interests data
    • Traffic sources and referral information
    • User flow and navigation patterns
    • Conversion tracking and goal completions
    • IP addresses (which may be anonymized by Google in some regions)
    • Device and browser information

    Google Analytics uses cookies and other tracking technologies. Data collected by Google Analytics is subject to Google’s Privacy Policy. We use this data to understand user behavior, optimize our platform, and improve user experience.

  • Meta Pixel (Facebook Pixel): We use Meta Pixel (formerly Facebook Pixel) to track conversions, optimize ads, and build audiences for remarketing. Meta Pixel collects:
    • Page views and user interactions
    • Purchase events and conversion data
    • Custom events and user actions
    • IP addresses and device information
    • Cookie identifiers for cross-device tracking

    Meta Pixel enables us to show you relevant advertisements on Facebook, Instagram, and other Meta platforms. Data collected by Meta Pixel is subject to Meta’s Data Policy. This data is used for advertising, remarketing, and audience building purposes.

  • Google Tag Manager: We use Google Tag Manager to manage and deploy tracking tags, including:
    • Google Analytics tags
    • Meta Pixel tags
    • Other marketing and analytics tags
    • Custom event tracking

    Google Tag Manager helps us efficiently manage our tracking technologies and collect data for analytics, marketing, and advertising purposes. Data collected through tags managed by Google Tag Manager is subject to the respective privacy policies of the tag providers.

  • Other analytics platforms (traffic sources, user engagement metrics)

  By using our platform, you consent to data collection by Google Analytics, Meta Pixel, Google Tag Manager, and other analytics services. This data helps us understand how users interact with our platform, optimize user experience, improve our services, and deliver targeted advertising.

• Payment processors: Our payment partners (such as Stripe, PayPal, Razorpay) provide us with:
  • Transaction confirmation and status updates
  • Payment method verification
  • Fraud risk assessments
  • Chargeback and dispute information

  They do not share full payment card details with us, as these are processed securely on their platforms.

• Marketing platforms: When you engage with our content on social media or via email marketing platforms, we may receive:
  • Your social media username or profile information
  • Engagement data (likes, shares, comments, clicks)
  • Campaign performance metrics
  • Email open rates and click-through data

  This information is collected in accordance with the privacy policies of those third-party platforms.

• Government and regulatory sources: In certain circumstances, we may receive information from government agencies or regulatory authorities as part of legal compliance, security investigations, or fraud prevention efforts. This may include verification of identity, business registration details, or other information required for compliance purposes.
• Public sources: We may collect information from publicly available sources such as business directories, social media profiles (when publicly accessible), or other public records to verify information you provide or for business intelligence purposes.

While we strive to collect only necessary information, we acknowledge that comprehensive data collection is essential for platform security, fraud prevention, legal compliance, and providing you with the best possible experience on the AHTE VERSE platform.

1.4 Data Minimization and Purpose Limitation

We are committed to the principles of data minimization and purpose limitation:

• Data Minimization: We collect only the personal data that is necessary for the specific purposes for which it is processed. We do not collect excessive or unnecessary data.
• Purpose Limitation: We use personal data only for the purposes for which it was collected, as described in this Privacy Policy. If we need to use data for a new purpose, we will inform you and, where required by law, obtain your consent.
• Storage Limitation: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law (see Section 4 for detailed retention periods).
• Accuracy: We take reasonable steps to ensure that personal data is accurate, complete, and up-to-date. You can help us maintain accuracy by updating your account information regularly.

These principles guide our data collection and processing practices, ensuring we respect your privacy while providing necessary services.

2. How We Use Your Information

We use your personal information for multiple purposes, as detailed below. By being part of the AHTE VERSE platform, you acknowledge and consent to these uses:

2.1 Service Provision and Contract Fulfilment

We process your data to provide core platform services:

• Create, maintain, and manage your account and profile
• Process and fulfill your orders for digital products
• Process payments and manage billing
• Deliver digital products via download links
• Send order confirmations, receipts, and transaction notifications
• Provide technical support and customer service
• Manage your purchase history and account preferences
• Enable platform features and functionality

2.2 Platform Security and Fraud Prevention

2.3 Communication

We use your contact information to communicate with you:

• Send administrative messages (account updates, policy changes, security alerts)
• Respond to your enquiries and support requests
• Provide customer support and technical assistance
• Send service-related notifications (order updates, download links, account activity)
• Deliver marketing communications (newsletters, promotional offers, product updates) when you have opted in
• Send transactional emails (purchase confirmations, password resets, account verification)

2.4 Marketing and Remarketing

2.5 Personalization and Platform Improvement

We analyze your data to enhance your experience:

• Personalize content recommendations based on your interests and purchase history
• Customize your platform experience (language, currency, regional preferences)
• Improve our services based on usage patterns and feedback
• Develop new features and content based on user needs
• Conduct research and analytics to understand trends and user behavior
• Optimize platform performance and user interface

2.6 Legal Compliance and Government Cooperation

We also use data to:

• Comply with applicable laws, regulations, and legal obligations
• Enforce our Terms of Service and other agreements
• Detect and prevent fraud, abuse, and illegal activities
• Protect the rights, property, and safety of AHTE VERSE, our users, and third parties
• Respond to legal claims and disputes
• Maintain records for tax and accounting purposes

2.7 Other Legitimate Business Purposes

We may use your data for other purposes that are:

• Compatible with the purposes described above
• Necessary for our legitimate business interests
• Required for platform operations and maintenance
• Related to business analytics and intelligence

We will provide prior notice and, where required by law, obtain your consent before using your data for new purposes.

2.8 Automated Decision-Making and Profiling

We may use automated processing, including profiling, for the following purposes:

• Product Recommendations: We use algorithms to analyze your browsing behavior, purchase history, and preferences to recommend products that may interest you
• Personalized Content: We customize your platform experience based on your interactions and preferences
• Fraud Detection: We use automated systems to detect and prevent fraudulent activities, unauthorized access, and suspicious transactions
• Marketing Segmentation: We categorize users into groups based on demographics, interests, and behavior for targeted marketing campaigns
• Risk Assessment: We may use automated systems to assess transaction risks and payment fraud

Your Rights Regarding Automated Processing

You have the right to:

• Not be subject to automated decision-making that produces legal or similarly significant effects (unless necessary for contract performance, authorized by law, or based on your explicit consent)
• Request human intervention in automated decision-making processes
• Express your point of view regarding automated decisions
• Contest automated decisions that affect you

Profiling for Marketing

We use profiling to:

• Analyze your preferences and behavior to deliver personalized advertisements
• Segment users for targeted marketing campaigns
• Measure the effectiveness of marketing efforts

You can object to profiling for marketing purposes at any time by contacting us or adjusting your preferences in your account settings.

Transparency

We will inform you when automated decision-making is used and provide meaningful information about the logic involved, as well as the significance and consequences of such processing.

2.9 Legal Basis for Processing

We rely on different legal bases for processing depending on your jurisdiction:

• DPDP Act (India): We ensure data processing is lawful, fair, and transparent, limited to the purpose for which it was collected, collects only what is necessary, and is protected with reasonable safeguards. We process data based on consent, contract performance, legal obligations, and legitimate interests.
• GDPR (EU/UK): We process data on the basis of consent, performance of a contract, legitimate interests, compliance with legal obligations, protection of vital interests, or public task.
• CCPA/CPRA (California): We process data for business purposes, commercial purposes (with appropriate disclosures), and as required by law.

3. How We Share Your Information

• Service providers: We engage vendors to host the Site, provide cloud storage, facilitate email communications, manage customer relationships, process payments, operate marketing tools and perform analytics. These providers may access personal data only to carry out services on our behalf and are bound by contractual obligations to protect it.
• Analytics and Advertising Partners: We share data with analytics and advertising partners including:
  • Google (Google Analytics, Google Tag Manager, Google Ads): We share user behavior data, IP addresses, device information, and interaction data with Google for analytics, advertising, and platform optimization purposes. This data is subject to Google’s Privacy Policy.
  • Meta (Facebook Pixel): We share conversion data, user interactions, IP addresses, and device information with Meta for advertising, remarketing, and audience building on Facebook and Instagram. This data is subject to Meta’s Data Policy.
  • Other analytics and advertising partners as described in this Policy

  By using our platform, you consent to data sharing with Google, Meta, and other analytics and advertising partners for the purposes described above.

• Payment processors: When you purchase an eBook or service, we share your payment details with third‑party payment processors to complete the transaction.
• Analytics and advertising partners: We share aggregated or anonymised usage statistics with partners for analytics and advertising purposes.
• Government and regulatory authorities: We will disclose personal data to government agencies, law enforcement, regulatory bodies, and judicial authorities when:
  • Required by law, court order, subpoena, or legal process
  • Requested by government agencies for security, fraud prevention, or criminal investigations
  • Necessary to comply with tax, regulatory, or reporting obligations
  • Required to protect national security, public safety, or prevent illegal activities
  • Requested by regulatory authorities for compliance audits or investigations

  We are committed to full cooperation with government authorities and will provide all requested data in accordance with applicable laws. This may include sharing comprehensive account information, transaction records, IP addresses, device information, communication logs, and any other data we maintain about you.

• Business transfers: If AHTE VERSE is involved in a merger, acquisition or sale of assets, personal data may be transferred as part of that transaction. We will notify you of any such change in ownership.

Any third‑party service provider that processes personal data on our behalf must implement appropriate safeguards consistent with the DPDP Act and applicable laws.

4. Data Retention

We retain your personal information for different periods depending on the type of data and the purpose for which it was collected:

4.1 Retention Periods

• Account Information: We retain your account data (name, email, profile information) for as long as your account is active, plus an additional period of 7 years after account closure for legal, tax, and security purposes.
• Transaction Records: We retain purchase history, payment information, and transaction records for a minimum of 7 years (or longer if required by local tax and accounting regulations) to comply with financial reporting and tax obligations.
• Security and Audit Logs: We retain security logs, authentication records, IP addresses, and audit trails for a minimum of 2 years (and potentially longer for ongoing investigations or legal requirements) to maintain platform security and assist in fraud prevention.
• Marketing Data: We retain marketing preferences, engagement data, and communication history for as long as you remain subscribed to marketing communications, plus 2 years after unsubscribing for analytics and record-keeping purposes.
• Customer Support Records: We retain support tickets, communications, and related records for 5 years after the last interaction to assist with future inquiries and maintain service quality.
• Legal and Compliance Records: We retain data required for legal compliance, government reporting, or ongoing legal proceedings for the duration required by applicable laws, which may extend beyond the periods mentioned above.
• Cookies and Tracking Data: Cookie data is typically retained for up to 2 years, though some cookies may persist longer based on their purpose and your browser settings.

4.2 Extended Retention

We may retain your data for longer periods when:

• Required by law, regulation, or court order
• Necessary for ongoing legal proceedings or investigations
• Required for tax, accounting, or financial reporting purposes
• Necessary to protect our legal rights or defend against legal claims
• Required for security purposes or fraud prevention
• Data has been anonymized and is used for statistical or research purposes

4.3 Data Deletion

When we no longer need your personal data for the purposes outlined in this Policy, we will:

• Securely delete personal information from our active systems
• Remove data from backup systems within a reasonable timeframe (typically within 90 days)
• Anonymize data that we retain for statistical or analytical purposes
• Ensure that third-party service providers delete your data in accordance with our agreements

However, please note that:

• Some data may remain in archived backups for disaster recovery purposes
• Anonymized or aggregated data may be retained indefinitely for analytics
• We may be legally required to retain certain data even after you request deletion
• Data shared with government authorities may be retained by those authorities according to their policies

5. Your Rights

5.1 Rights under the DPDP Act (India)

Under India’s Digital Personal Data Protection Act, 2023, individuals (called Data Principals) have the following rights:

• Right to Access:
  • You may request a copy of all personal data we hold about you
  • You may request information about the sources from which we collected your data
  • You may request details about how we use and share your data
  • We will provide this information in a clear and understandable format
  • We may charge a reasonable fee for providing access, as permitted by law
• Right to Correction and Erasure:
  • You may request correction of inaccurate, incomplete, or outdated personal data
  • You may request deletion of personal data that is no longer necessary for the purposes for which it was collected
  • We will correct or delete data within a reasonable timeframe, subject to legal requirements
  • Note: We may be required to retain certain data for legal, tax, or security purposes even after you request deletion
• Right to Grievance Redressal:
  • You may file complaints or grievances regarding our data handling practices
  • We will acknowledge your grievance and respond within the timeframe required by law (typically 30 days)
  • If you are unsatisfied with our response, you may escalate to the Data Protection Board of India
• Right to Nomination:
  • You may appoint a nominee to exercise your data rights in the event of your death or incapacity
  • The nominee must provide appropriate documentation to exercise these rights
• Right to Consent and Transparency:
  • We obtain explicit, informed consent before processing your data for purposes beyond what is necessary for service provision
  • You have the right to withdraw consent at any time
  • Withdrawal of consent will not affect processing already performed or data processing required for legal compliance
  • We provide clear information about how your data is used through this Privacy Policy
• Right to Data Portability:
  • You may request your data in a structured, commonly used, and machine-readable format
  • This allows you to transfer your data to another service provider
• Protection of Children’s Data:
  • Special protections apply when processing the personal data of children under 18
  • We do not knowingly collect personal data from children without verifiable parental consent
  • If we discover we have collected data from a child without consent, we will delete it immediately

5.5 Children’s Privacy – Detailed Procedures

We take the protection of children’s privacy seriously and have implemented specific procedures:

Age Verification

We use the following methods to verify age and parental consent:

• Age declaration during account registration
• Requirement of parental email for users under 18
• Parental consent forms for certain activities
• Verification of parental identity when required

Parental Consent Requirements

For children under 18 (or the age of majority in their jurisdiction), we require:

• Verifiable parental consent before collecting personal data
• Parental approval for account creation and purchases
• Parental notification of data collection and use
• Parental access to review and delete their child’s data

Data Collection from Children

If we discover we have collected data from a child without proper parental consent, we will:

• Immediately stop collecting data from that child
• Delete all data collected from the child (unless retention is required by law)
• Notify parents if we have their contact information
• Take steps to prevent future unauthorized collection

Parental Rights

Parents have the right to:

• Review their child’s personal data
• Request deletion of their child’s data
• Refuse further collection or use of their child’s data
• Revoke previously given consent
• Request correction of inaccurate data

Limited Data Collection

For children, we limit data collection to:

• What is necessary to provide requested services
• Information required for account management
• Data necessary for legal compliance

We do not use children’s data for marketing or advertising purposes without explicit parental consent.

Contact for Children’s Privacy

Parents who wish to exercise their rights regarding their child’s data should contact us at support@ahteverse.net with “Children’s Privacy Request” in the subject line. We will verify parental identity before processing requests.

Limitations on Rights: Please note that certain rights may be limited when:

• Data is required for legal compliance or government reporting
• Data is necessary for ongoing legal proceedings
• Data is required for security or fraud prevention purposes
• Data has been shared with government authorities as required by law
• Exercising the right would adversely affect the rights of others

5.2 Rights under other privacy laws

If you are located in the European Economic Area (EEA) or the United Kingdom, you have rights under the GDPR, including the right to access your data, rectification, erasure, restriction of processing, data portability and objection to processing. If you are a resident of California, you have certain rights under the CCPA/CPRA, such as the right to know what information is collected, used and shared; the right to request deletion; and the right to opt out of the sale or sharing of personal information.

To exercise any of the rights described above, please contact us using the details in Section 12. We may need to verify your identity before responding to your request. If you appoint a nominee or authorised representative (as permitted under the DPDP Act or other laws), we will require evidence of their authority.

5.3 Right to Object to Processing

You have the right to object to processing of your personal data in certain circumstances:

• Marketing Communications: You can object to processing for direct marketing purposes at any time. You can opt out by:
  • Clicking the unsubscribe link in marketing emails
  • Updating your preferences in your account settings
  • Contacting us at support@ahteverse.net
• Profiling and Automated Decision-Making: You can object to processing for profiling or automated decision-making that produces legal or similarly significant effects
• Legitimate Interests: You can object to processing based on legitimate interests, unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms

Important Note: You cannot object to processing that is:

• Necessary for contract performance (e.g., processing payments, delivering products)
• Required for legal compliance (e.g., tax reporting, security monitoring)
• Essential for platform security and fraud prevention

To exercise your right to object, please contact us at support@ahteverse.net with “Objection to Processing” in the subject line.

5.4 Right to Restriction of Processing

You have the right to request restriction of processing of your personal data in the following circumstances:

• You contest the accuracy of your personal data (we will restrict processing while we verify accuracy)
• Processing is unlawful and you prefer restriction to deletion
• We no longer need the data, but you require it for legal claims
• You have objected to processing, and we are considering whether our legitimate interests override yours

When processing is restricted, we will:

• Store your data but not process it further (except with your consent, for legal claims, or to protect rights of others)
• Notify you before lifting the restriction
• Continue to use the data for the limited purposes permitted during restriction

To request restriction of processing, please contact us at support@ahteverse.net with “Restriction Request” in the subject line.

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to enhance your experience on the AHTE VERSE platform, ensure platform security, deliver personalized content, and enable marketing and remarketing activities. These technologies help us recognize your browser, remember your preferences, understand how you interact with our platform, and deliver relevant advertisements.

6.1 What Are Cookies and Tracking Technologies?

• Cookies: Small text files stored on your device that contain information about your preferences, authentication status, and browsing behavior
• Web Beacons: Tiny invisible images (also called pixel tags or clear GIFs) embedded in emails and web pages that track when content is opened or viewed
• Pixel Tags: Code snippets that allow us to measure the effectiveness of our marketing campaigns and track user interactions
• Local Storage: Browser storage mechanisms (localStorage, sessionStorage) that store data on your device
• Device Fingerprinting: Techniques that identify your device based on browser and device characteristics

6.2 Types of Cookies We Use

• Essential Cookies:
  • Necessary for the platform to function properly
  • Enable core features like login, authentication, shopping cart, and secure transactions
  • Maintain your session and security preferences
  • These cookies cannot be disabled without affecting platform functionality
  • Examples: session cookies, authentication tokens, security cookies
• Functional Cookies:
  • Remember your preferences (language, currency, region, display settings)
  • Provide enhanced features and personalization
  • Remember your login information (if you choose “Remember Me”)
  • Enable features like saved searches, wishlists, and recently viewed items
• Analytics Cookies:
  • Google Analytics Cookies: We use Google Analytics cookies (such as _ga, _gid, _gat, _gac_*, etc.) that:
    • Track user behavior, page views, session duration, and interactions
    • Collect IP addresses and device information for analytics
    • Measure traffic sources, referral information, and user flow
    • Analyze demographics and interests data
    • Identify technical issues and optimize user experience

    These cookies are managed through Google Tag Manager and data is shared with Google in accordance with Google’s Privacy Policy.

  • Google Tag Manager: Cookies and tracking tags managed through Google Tag Manager facilitate data collection for various analytics purposes
  • Collect comprehensive information about how you use our platform (pages visited, time spent, links clicked, navigation paths)
  • Help us understand user behavior and improve platform performance
  • Measure the effectiveness of our content and features
  • Custom analytics tools and other analytics services
• Advertising and Marketing Cookies:
  • Meta Pixel (Facebook Pixel) Cookies: We use Meta Pixel cookies (such as _fbp, _fbc, fr) that:
    • Track conversions, purchases, and custom events
    • Enable remarketing on Facebook and Instagram platforms
    • Build custom audiences for targeted advertising
    • Track user interactions and engagement with our platform
    • Collect IP addresses and device information for cross-platform tracking
    • Measure advertising effectiveness and return on ad spend

    Meta Pixel enables us to show you relevant advertisements on Facebook, Instagram, and other Meta platforms. Data collected by Meta Pixel is shared with Meta in accordance with Meta’s Data Policy.

  • Google Ads Cookies: Cookies used for Google Ads advertising, remarketing, and conversion tracking
  • Track your browsing behavior to deliver personalized advertisements
  • Enable remarketing campaigns on third-party websites and social media
  • Measure the effectiveness of advertising campaigns
  • Build user profiles for targeted advertising and audience segmentation
  • Enable cross-platform tracking and audience building
• Security Cookies:
  • Detect and prevent fraud and unauthorized access
  • Monitor suspicious activities and security threats
  • Maintain platform security and integrity
  • These are essential for platform security

6.3 Cookie Duration

• Session Cookies: Temporary cookies that expire when you close your browser
• Persistent Cookies: Remain on your device for a set period (ranging from days to years) or until you delete them
• Different cookies have different retention periods based on their purpose

6.4 Third‑Party Cookies and Tracking

Third parties may set cookies and tracking technologies on our platform for various purposes:

• Analytics Providers:
  • Google Analytics: Tracks user behavior, demographics, and platform interactions. Collects IP addresses, device information, and usage data. Data is shared with Google and subject to Google’s Privacy Policy.
  • Google Tag Manager: Manages and deploys tracking tags including Google Analytics and Meta Pixel. Facilitates data collection across multiple platforms.
  • Adobe Analytics and other analytics services
• Advertising Networks:
  • Meta Pixel (Facebook Pixel): Tracks conversions, user interactions, and enables remarketing on Facebook and Instagram. Collects IP addresses, device information, and cookie data. Data is shared with Meta and subject to Meta’s Data Policy.
  • Google Ads and other advertising platforms for remarketing and targeted advertising
• Social Media Platforms: Social media buttons and widgets that may set cookies
• Payment Processors: Cookies related to payment processing and fraud prevention

These third‑party cookies are subject to the respective privacy policies of those providers. We do not control these third-party cookies, but we work with reputable partners who are committed to privacy protection.

6.5 Your Cookie Choices and Controls

You have several options for managing cookies:

• Cookie Consent Banner: When you first visit our platform, a cookie banner allows you to:
  • Accept all cookies
  • Reject non-essential cookies
  • Customize your cookie preferences

  We do not set non‑essential cookies until you provide consent. However, essential and security cookies are necessary for platform operation.

• Browser Settings: You can modify your browser settings to:
  • Block all cookies or specific types of cookies
  • Delete existing cookies
  • Receive alerts when cookies are being set
  • Manage cookie preferences on a site-by-site basis

  Note: Blocking cookies may significantly impact platform functionality and your user experience.

• Opt-Out Tools: You can opt out of certain tracking and advertising cookies through:
  • Google Analytics: Install the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout
  • Meta/Facebook: Manage your ad preferences in your Facebook account settings at https://www.facebook.com/adpreferences
  • Google Ads: Opt out of personalized ads through Google’s Ad Settings at https://adssettings.google.com
  • Digital Advertising Alliance (DAA) opt-out page at https://optout.aboutads.info
  • Network Advertising Initiative (NAI) opt-out page at https://optout.networkadvertising.org
  • Your browser’s privacy settings and cookie controls

  Note: Opting out of tracking may limit platform functionality and personalization. Essential cookies for platform security and functionality cannot be disabled.

• Do Not Track: While some browsers offer a “Do Not Track” feature, our platform does not currently respond to DNT signals. We rely on our cookie consent mechanisms to honor your preferences.

6.6 Impact of Disabling Cookies

If you disable or block cookies, you may experience:

• Inability to log in or maintain your session
• Loss of saved preferences and settings
• Reduced functionality of platform features
• Inability to complete purchases
• Less personalized experience

7. Security Measures

We implement comprehensive technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, and destruction. Our security framework includes multiple layers of protection:

7.1 Technical Security Measures

• Encryption:
  • Data in transit: All data transmitted between your device and our servers is encrypted using industry-standard TLS/SSL protocols (HTTPS)
  • Data at rest: Sensitive data stored in our databases is encrypted using AES-256 encryption
  • Password storage: All passwords are hashed using bcrypt with salt, ensuring they cannot be decrypted even if our database is compromised
  • Payment data: Payment information is encrypted and tokenized, with full PCI-DSS compliance
• Network Security:
  • Firewalls and intrusion detection systems to prevent unauthorized access
  • DDoS protection and mitigation services
  • Secure network architecture with network segmentation
  • Regular security audits and penetration testing
• Server Security:
  • Secure, hardened servers with minimal attack surface
  • Regular security patches and updates
  • Malware scanning and threat detection
  • Secure backup systems with encrypted storage
• Application Security:
  • Secure coding practices and regular code reviews
  • Input validation and sanitization to prevent injection attacks
  • Session management and secure authentication mechanisms
  • Rate limiting and abuse prevention

7.2 Organisational Security Measures

• Access Controls:
  • Role-based access controls limiting employee access to only necessary data
  • Multi-factor authentication for administrative access
  • Regular access reviews and revocation of unnecessary permissions
  • Principle of least privilege for all system access
• Employee Training:
  • Regular security awareness training for all staff
  • Data protection and privacy training
  • Incident response procedures
• Monitoring and Incident Response:
  • 24/7 security monitoring and threat detection
  • Automated alerts for suspicious activities
  • Incident response procedures and breach notification protocols
  • Regular security assessments and audits
• Vendor Management:
  • Security assessments of third-party service providers
  • Contractual obligations for data protection
  • Regular vendor security reviews

7.3 Compliance and Standards

• PCI-DSS compliance for payment processing
• Adherence to industry best practices and security frameworks
• Regular compliance audits and assessments
• Certification maintenance for security standards

7.4 Security Limitations

While we implement comprehensive security measures, it is important to understand that:

• No method of transmission over the internet or electronic storage is 100% secure
• We cannot guarantee absolute security against all threats
• Security threats evolve continuously, requiring ongoing vigilance
• You play an important role in protecting your account (use strong passwords, enable two-factor authentication, log out after use, be cautious of phishing attempts)

7.5 Data Breach Response and Notification

In the event of a data breach that may affect your personal information, we have comprehensive procedures in place:

Breach Detection and Response

• Immediate investigation and containment of the breach
• Assessment of the scope, nature, and impact of the breach
• Identification of affected individuals and data
• Evaluation of the risk to individuals’ rights and freedoms
• Implementation of remedial actions to prevent further breaches
• Documentation of the breach and response measures

Notification Timelines

We will notify relevant parties within the following timeframes:

• Regulatory Authorities:
  • Within 72 hours of becoming aware of the breach (as required by GDPR for EU/UK users)
  • Within the timeframe required by the Data Protection Board of India (under DPDP Act)
  • Within any other timeframes required by applicable laws in your jurisdiction
• Affected Users:
  • Without undue delay after becoming aware of the breach
  • Within 72 hours for high-risk breaches (GDPR requirement)
  • As soon as reasonably practicable, considering the circumstances

Breach Notification Content

When we notify you of a data breach, we will provide:

• Description of the nature of the breach
• Categories and approximate number of affected individuals
• Categories and approximate number of affected data records
• Likely consequences of the breach
• Measures taken or proposed to address the breach and mitigate its effects
• Contact information for our Data Protection Officer or support team
• Recommendations for steps you can take to protect yourself

Notification Methods

We will notify you of data breaches through:

• Email to the address associated with your account
• Prominent notice on our platform
• Other methods as appropriate for the severity and nature of the breach

Exceptions to Notification

We may not notify you of a breach if:

• The breach is unlikely to result in a risk to your rights and freedoms
• We have implemented appropriate technical and organizational measures that render the data unintelligible (e.g., encryption)
• Notification would involve disproportionate effort (in which case we will use public communication or similar measures)
• Notification is prohibited by law enforcement or security authorities

Your Responsibilities

In the event of a data breach notification, we recommend that you:

• Review the information provided carefully
• Change your account password immediately
• Monitor your accounts for suspicious activity
• Review your credit reports and financial statements
• Follow any specific recommendations we provide
• Report any suspicious activity to relevant authorities

8. International Data Transfers

AHTE VERSE is based in India but may process and store personal data on servers located in other countries. When we transfer personal information across borders, we implement measures to ensure an adequate level of protection in compliance with the DPDP Act and other applicable laws.

The DPDP Act allows data transfers to foreign countries subject to government‑directed restrictions and requirements. For users in the EEA/UK, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent legal mechanisms to ensure your data is protected.

9. Third‑Party Links

Our Site may contain links to external websites, plug‑ins and applications not operated by AHTE VERSE. Clicking on those links or enabling such connections may allow third parties to collect or share data about you. We do not control these third‑party websites and are not responsible for their privacy practices. We encourage you to read the privacy policies of every website you visit.

10. Do Not Track Signals

Some browsers and mobile operating systems offer a “Do Not Track” (DNT) feature that signals your preference not to have data about your online browsing activities monitored and collected. Our Site does not currently respond to DNT signals. Instead, we rely on cookie consent mechanisms described above to honour your preferences.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or other factors. When we make changes, we will revise the “Last updated” date at the top of the Policy. Significant changes will be communicated by posting a prominent notice on our Site or by contacting you directly. We encourage you to review this Policy periodically to stay informed about how we protect your information.

If we need to collect additional data or use your personal information for new purposes, we will inform you and seek your consent as required by law.

12. Grievances, Questions and Contact Details

13. Additional Terms for EU/EEA/UK Users

If you are located in the European Economic Area, the United Kingdom or another jurisdiction that grants you specific privacy rights, this section applies:

• Data controller: AHTE VERSE is the controller of your personal data.
• Legal bases: Our legal bases for processing include performance of a contract (to deliver digital products and services); consent (for marketing and non‑essential cookies); legitimate interests (to analyse and improve our business); and compliance with legal obligations.
• Data transfers: We transfer personal data outside the EEA/UK only where adequate safeguards (such as Standard Contractual Clauses) are in place.
• Right to lodge a complaint: If you believe our processing of your personal data infringes your rights, you may lodge a complaint with your local data‑protection authority.

14. California Residents’ Privacy Rights

If you are a resident of California, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with the right to:

• Know: Request disclosure of the categories and specific pieces of personal information we collect, the categories of sources, the business or commercial purpose for collecting or selling personal information, and the categories of third parties with whom we share that information.
• Delete: Request deletion of your personal information, subject to certain exceptions (e.g., where the information is required to complete a transaction or comply with a legal obligation).
• Opt out: Opt out of the sale or sharing of personal information. We do not sell your personal information.
• Correct: Request correction of inaccurate personal information we maintain about you.
• Limit use of sensitive personal information: You may direct us to limit use and disclosure of your sensitive personal information.

California residents may exercise these rights by contacting us at support@ahteverse.net. We will not discriminate against you for exercising any of your CCPA/CPRA rights.

15. Other Disclosures and Notices

• Third‑party requirements: Some third‑party services we use (e.g., Google Analytics, payment processors, email platforms) require us to disclose that we use their services and share data with them. We include such disclosures in this Policy.
• Other policies: This Privacy Policy works together with our Terms of Service and any additional notices or consent banners on our Site. When purchasing eBooks, please review the refund and licence terms applicable to that product.
• Intellectual property: Our Site may display trademarks, logos and copyrighted material belonging to us or third parties. Nothing in this Policy grants you any licence to use such intellectual property.