REFUND POLICY

LimitX — Refund & Cancellation Policy Last updated: 1 April 2026

LimitX — Refund & Cancellation Policy Last updated: 1 April 2026

Our Commitment

At LimitX, we believe your personal data belongs to you. We collect only what we need, protect it rigorously, and never sell it to anyone — ever. This Privacy Policy explains clearly what we collect, why we collect it, and what rights you have.

This policy applies to the LimitX app, website, and all related services operated by Timely Technologies Private Limited.

1. What Information We Collect

Information You Give Us

Mobile number - for Account creation, OTP verification, identity

Full name - for Personalisation, receipts, account records

Email address (optional) - for Receipts, important notifications

Bank account number - To process your payment transfers (encrypted)

UPI ID - To process UPI transfers (encrypted)

PAN number - for Tutor verification only, when you enter it

Tutor/course selections - To personalise your experience


Information We Collect Automatically:

Device ID - for Push notification delivery

App usage patterns - for Anonymous analytics to improve the app

Crash reports - for App stability and bug fixing

IP address - for Security monitoring, fraud prevention

Transaction history - Service delivery, receipts, dispute resolution


Information We Do NOT Collect

-> Your full card number, CVV, or card expiry — these are handled entirely by our payment processor in their own secure environment

-> Location data — we do not request or store your GPS location

-> Contacts — we do not access your phone contacts

-> Camera or microphone data — we do not request camera or microphone access in the current version of the app

2. How We Use Your Information

We use your information for the following purposes only:

To operate the service: Processing payments, verifying your identity, generating receipts, and maintaining your transaction history.We reserve the right to suspend or terminate accounts where eligibility requirements are not met.

To keep you informed: Sending OTPs, payment confirmation SMS, and push notifications about your transactions. We do not send promotional messages unless you explicitly opt in.

To keep the platform safe: Detecting fraud, preventing unauthorised access, and monitoring unusual transaction patterns.

To improve the product: Anonymised, aggregated usage analytics help us understand which features work well and where we can improve.

To comply with the law: We retain certain records as required by applicable Indian financial regulations.

3. Who We Share Your Data With

We share your data with as few third parties as possible, and only when necessary:

Party What Is Shared Why

Payment processor - Transaction details, mobile number - To execute your payment

SMS provider - Mobile number - To deliver OTPs

Notification service - Device ID - To send push notifications

Crash reporting tool - Anonymised crash logs - To fix app bugs

Analytics tool - Anonymised usage data - To improve the app

Law enforcement / courts - As legally required - Compliance with Indian law

We never:

->Sell your data to advertisers

-> Share your data for marketing purposes with third parties

-> Share your bank account or UPI details with tutors or any other party outside the payment process

4. How We Protect Your Data

Encryption: Bank account numbers and UPI IDs are encrypted using AES-256 before storage. All data in transit uses TLS 1.3.

Secure storage: Authentication tokens are stored in your device's secure enclave — iOS Keychain on iPhone, Android Keystore on Android. Not in regular app storage.

Access controls: Only authorised personnel at Timely Technologies can access user data, and only for legitimate operational purposes.

Servers: All data is stored on servers physically located in India.

Session security: The app automatically logs you out after 15 minutes of inactivity. You can enable biometric lock for additional protection.

No perfect guarantee: No system is 100% immune. We invest heavily in security, but we cannot guarantee immunity from all possible attacks. In the event of a breach that affects your data, we will notify you promptly and take immediate remedial action.

5. Data Retention

Account information - Until account deletion request

Transaction records - 8 years (as required by applicable financial regulations)

OTP records - 24 hours

Analytics data - 24 months, anonymised

Support queries - 3 years

Crash logs - 12 months

When you delete your account, all personal data is deleted or anonymised within 30 days, except where we are required by law to retain it.

6. Your Rights Under Indian Law (DPDP Act 2023)

As an Indian citizen you have the following rights regarding your personal data:

Right to Access Request a copy of all personal data we hold about you.

Right to Correction Request correction of any inaccurate or outdated personal data.

Right to Erasure Request deletion of your personal data. Transaction records required by law will be retained but all other data will be deleted.

Right to Withdraw Consent Withdraw consent for analytics or marketing communications at any time from Profile → Settings within the app.

Right to Grievance Redressal If you believe your data rights have been violated, you may raise a complaint with us. We will respond within 30 days.

Right to Nomination You may nominate another person to exercise your data rights in the event of death or incapacity, as provided for under the DPDP Act 2023.

To exercise any of these rights, email us at privacy@limitx.in with the subject line: Data Rights Request — [your registered mobile number]

7. Children's Privacy

LimitX is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has created an account, contact us at privacy@limitx.in and we will delete the account promptly.

8. Cookies and Tracking

The LimitX mobile app does not use browser cookies. The LimitX website uses essential cookies for functionality and optional analytics cookies. You may decline analytics cookies without affecting your ability to use the website.

We do not use advertising cookies. We do not serve targeted advertisements.

9. Changes to This Policy

We will notify you of material changes to this Privacy Policy at least 30 days before they take effect, via the app or SMS to your registered number. Continued use after the effective date constitutes acceptance.

10. Contact — Data Privacy

Data Privacy Contact: Email: privacy@limitx.in Subject line: Privacy Query — [your registered mobile number]

Company: Timely Technologies Private Limited [Registered Address]

We will respond to all data privacy queries within 7 working days.