Privacy Policy

Introduction

At brritto ("we," "us," "our," or "the Company"), your privacy is our highest priority. We are committed to protecting your personal information and using it responsibly. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use the brritto mobile application (the "App").

By accessing or using our Services, you agree to the terms and conditions of this Privacy Policy. If you do not agree with this policy, please do not use our Services.

brritto is operated by Innospace Infotech Ltd., a company incorporated under the laws of Bangladesh.

Disclaimer & Source of Information

brritto is an independent educational platform developed by Innospace Infotech Limited. It is not affiliated with, endorsed by, or authorized by any government authority. All government-related exam information provided in this app (such as SSC, HSC, BCS etc.) is collected from publicly accessible official websites for educational purposes, including:

https://bpsc.gov.bd/
https://ntrca.gov.bd/
https://erecruitment.bb.org.bd/
https://www.dhakaeducationboard.gov.bd/
https://rajshahieducationboard.gov.bd/
https://sylhetboard.gov.bd/
https://comillaboard.portal.gov.bd/
https://dinajpureducationboard.gov.bd/

For authentic and updated notices, users are advised to visit these official sources directly.

1. Definitions

"We," "Us," "Our," "Company" – Refers to brritto and Innospace Infotech Ltd.
"You," "Your," "User" – Refers to any individual who accesses or uses our Services.
"Personal Information" – Information that identifies you personally, such as your name, email address, phone number, and other contact details.
"Services" – Includes the brritto mobile application, website, and all related features and functionalities.
"Third Parties" – Any external entity, website, company, or individual not directly operated by brritto.

2. Information We Collect

We collect information to provide you with a better learning experience and to improve our Services. The information we collect falls into two categories:

2.1 Information You Provide to Us

When you create an account or use our Services, you provide us with certain information:

Account Registration Information:

Phone Number – To identify you in our system.
Full Name – To create your account and identify you in our system.
District – To provide region-specific content and recommendations.
Gender – To understand our user demographics.
Email Address (Optional) – To send important updates and communication.
Institute Name – To tailor educational content to your institution.
Your Class – To provide class-specific courses, materials, and recommendations.

Additional Information:

Profile Photo – To personalize your account (uploaded via camera or photo selection).
Course Enrollment Data – Information about courses you activate or access.
User-Generated Content – Questions, comments, feedback, and other content you submit.
Communication Data – Messages you send to our support team or through the App.

Guardian Information (Optional):

Guardian Name – To identify a responsible adult who can support the student in account-related or safety-related matters.
Guardian’s Phone Number – To contact a guardian only when required for safety, account-related issues, or support requests.
Relation with Guardian – To ensure that the contact person is an appropriate and authorized adult for the user.

Why We Collect This Information: Each piece of information collected during sign-up is necessary to provide you with a personalized, effective, and secure learning experience. Your name and class information help us recommend appropriate courses, your district helps us understand regional educational needs, and your email allows us to keep you informed about your account and courses.

To support students who may be under 18, brritto allows users to optionally provide Guardian Information. This information helps us communicate with a responsible adult when necessary (for example, account recovery, safety-related concerns, or support-related matters).

2.2 Information Collected Automatically

When you use our Services, we automatically collect certain information:

Device Information – Device type, model, operating system, and version.
Unique Device Identifiers – Mobile device ID, advertising ID.
IP Address – Your internet protocol address for security and analytics.
App Usage Data – Features you use, pages visited, time spent, and interaction patterns.
Log Data – Technical logs including crashes, errors, and performance data.

Why We Collect This Information: We collect device type, model, and operating system details to ensure the app works properly on your device, optimize performance, and troubleshoot technical issues. We use mobile device IDs and advertising IDs to maintain app security, prevent fraudulent activity, manage login sessions, and improve app functionality and analytics. We collect your IP address for security verification, fraud prevention, regional service optimization, and to support accurate analytics. We track how you use the app (such as pages visited and time spent) to understand user behavior, improve features, enhance the learning experience, and fix usability issues. Crash logs, error reports, and performance data help us diagnose problems, improve app stability, and deliver a smoother, more reliable user experience. Crash logs follow Firebase Crashlytics’ default retention policy.

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Analytics Cookies – We use Firebase Analytics to understand how users interact with our Services.
Performance Cookies – To monitor app performance and identify technical issues.
Functional Cookies – To remember your preferences and settings.

Firebase and Device Identifiers: Our App uses Firebase Analytics, which collects device identifiers to provide analytics insights. This helps us understand user behavior, improve features, and fix bugs.

WebView and External Links: Our App may use WebView to display external content. When you navigate to external websites through WebView, those sites may use their own cookies and tracking technologies. We do not control these third-party cookies.

3. Permissions We Request

brritto requests specific permissions to provide essential features. We only request permissions when necessary and explain why we need them:

3.1 Camera Permission

Why We Need It:

Profile Photo Capture – Used only to take a new photo for your profile picture.

How long we keep it: It follows the default account-deletion policy. When your account is deleted, the photo is removed with it.

QR Code Scanning – Used exclusively to scan brritto-authorized QR codes that come with physical books purchased from the brritto Shop website or local distributors of brritto-integrated books. Scanning these codes enrolls the user in the corresponding digital courses within the app. The QR scanner cannot scan or process any external QR codes.

What We DON'T Do:

We do Not collect, store, browse, or access any other photos, videos, or media from your device.
We do not scan your device for images.
Camera access is only active when you explicitly use these features.
Images are only captured when you press the capture button.

User Control: You can deny camera permission and still use most app features. You can also revoke permission anytime through device settings.

3.2 Photo Gallery/Storage Permission

Why We Need It:

Profile Photo Selection – To select an existing photo from your gallery for your profile picture.

How long we keep it: It follows the default account-deletion policy. When your account is deleted, the photo is removed with it.

What We DON'T Do:

We do NOT scan, browse, or collect your entire photo gallery.
We do NOT gain broad storage access.
We ONLY access the specific photo you select.
We do NOT access any other images or media stored on your device.

How It Works: When you choose to upload a profile photo from your gallery, you'll see your device's photo picker. We only receive the single photo you select—nothing else.

3.3 No Background Installations or Device Integrity Violations

We respect the security and integrity of your device. The brritto App does not perform silent or background installations of other applications, software, or APKs.

What We Guarantee:

We do NOT download or install other apps without your explicit permission and knowledge.
We do NOT modify your device's system settings to allow silent installations.
We do NOT execute any code that attempts to bypass Android's or iOS's standard installation permission prompts.

Any updates or additional features will always be processed through the official App Store/Google Play Store or require your direct interaction and consent.

4. How We Use Your Information

We use your information for the following purposes:

4.1 To Provide and Improve Services

Process your registration and create your account.
Provide personalized course recommendations based on your class and preferences.
Deliver educational content, materials, and resources.
Enable course activation and access through QR code scanning or direct enrollment.
Facilitate QR code-based course enrollment from physical book purchases.
Process and fulfill orders for physical books through brritto Shop.

4.2 Communication

Send important notifications about your account and courses.
Provide customer support and respond to your inquiries.
Send updates about new courses, features, and educational content.
Notify you about policy changes.

4.3 Analytics and Improvement

Understand how users interact with our Services.
Identify and fix technical issues.
Improve app performance and user experience.
Develop new features based on user needs.

4.4 Security and Compliance

Prevent fraud, unauthorized access, and security breaches.
Comply with legal obligations and respond to legal requests.
Enforce our Terms of Service and other policies.

5. Data Sharing and Third Parties

We do not sell or rent your personal information to third parties. We may share your information only in the following limited circumstances:

5.1 Service Providers

We work with trusted third-party service providers who help us operate our Services:

Cloud Storage Providers – To securely store your data.
Analytics Services – Firebase Analytics for app performance and usage insights.
OTP Delivery – SSLCommerz is used to send and verify OTP messages.

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to:

Comply with legal obligations.
Protect our rights, property, or safety.
Prevent fraud or security threats.
Investigate violations of our Terms of Service.

5.3 Business Transfers

If brritto is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

6. External Links and Third-Party Services

Our Services may contain links to external websites or third-party services, including:

Social Media Platforms – For sharing content or logging in.
Educational Resources – Third-party educational content.

Important: We do not control these external sites, and this Privacy Policy does not apply to them. Third-party websites have their own privacy policies, and we encourage you to review them. We are not responsible for the privacy practices or content of external sites.

7. Course Access and Enrollment

7.1 How to Access Digital Courses

You can access digital courses through the brritto App in two ways:

Method 1: QR Code from Physical Books

Purchase a physical book from brritto Shop.
Each book includes a unique or public QR code.
Open the brritto App and use the in-app QR scanner.
Scan the QR code to automatically enroll in the corresponding digital course.

Method 2: Direct Enrollment

Browse available courses in the App.
Click "Get Started" on any course to begin accessing the content.

Note: Course access and enrollment terms may be updated from time to time. We will notify users of any changes to course access policies.

7.2 Google Play Billing

If we introduce paid digital content or subscriptions in-app in the future, we will comply with Google Play's billing requirements and update this policy accordingly.

8. Account Deletion and Data Retention

8.1 Your Right to Delete Your Account

You have the right to delete your brritto account at any time. We provide a 60-day grace period to ensure you don't lose your learning progress if you change your mind.

How to Request Account Deletion:

Option 1: In-App Deletion

Open the brritto App
Go to Settings → Account Settings
Select "Delete My Account"
Confirm your request

Option 2: Email/Web Request

If you cannot access the app, you may request deletion remotely:

Web Request: Submit a deletion request via our website at https://info.brritto.com/contact-us or via this google form: https://docs.google.com/forms/d/e/1FAIpQLScBtXqdgZH04gN2ugaHi9BgVpNs0btJo1J9fl60vSpp3kO04Q/viewform.
Email Request: Send an email to support@brritto.com with the subject line "Account Deletion Request" and include your registered email address or phone number.

8.2 60-Day Grace Period

When you request account deletion, we don't immediately and permanently remove your data. Instead, we provide a 60-day grace period to protect your learning progress:

What Happens Immediately After Deletion Request:

Your account is marked as "Pending Deletion".
A 60-day countdown begins.
You will not receive marketing communications during this period.
Your account will not be publicly visible or accessible.

If You Log In Within 60 Days:

Your deletion request is automatically cancelled
Your account is fully restored to active status
All your data is preserved, including:

Course access and enrollments (both QR-scanned and directly enrolled courses)
Course progress and completion status
Progress charts and learning analytics
Leaderboard positions and rankings
Progress bars and milestones
Test results and exam history
Live exam participation records
Doubts, feedback, and questions submitted
Notifications and preferences
Profile information and settings

If You Do NOT Log In Within 60 Days:

After 60 days without login, your account undergoes permanent deletion.
All your data is permanently and irreversibly removed from:

Main databases.
User analytics systems.
Backups (according to our backup purge policy).
All associated records and digital traces.

After Permanent Deletion:

You can sign up again with the same phone number.
However, you will be treated as a completely new user.
No prior data, progress, courses, or activity will be restored.
You will need to re-enroll in courses and start from the beginning.

8.3 Immediate/Fast-Track Deletion

If you require immediate permanent deletion without the 60-day grace period (for example, due to legal or personal reasons), you can request fast-track deletion:

Email support@brritto.com with the subject line "Immediate Account Deletion Request".
Provide a brief reason for the urgent request.
Our team will process your request within 7 business days.
Once approved, your data will be permanently deleted without the grace period.

8.4 Data Retention for Legal and Security Purposes

Even after permanent deletion, we may retain certain limited information as required by law:

Transaction records (for accounting and tax compliance).
Records necessary to resolve disputes or enforce our Terms of Service.
Information required by legal obligations or court orders.
Data needed to prevent fraud and maintain security.

This retained information is minimal, anonymized where possible, and kept only as long as legally required.

8.5 General Data Retention Policy

For active accounts, we retain your information only as long as necessary to:

Provide our Services to you.
Comply with legal obligations.
Resolve disputes and enforce agreements.
Maintain security and prevent fraud.

When your information is no longer needed for these purposes, we securely delete or anonymize it.

9. Children's Privacy

9.1 Target Audience: Our Services are educational in nature and intended for students (e.g., Secondary School to University). We recognize that our users may include individuals under the age of 18.

9.2 Parental Consent: Requirement For Users Under 18: We do not knowingly collect personal information from children under 18 without parental consent. If you are under 18, you must have your parent or guardian review this Privacy Policy and consent to your use of the App. By creating an account, you represent that you have obtained such consent.

9.3 Information Collection: from Minors We collect only the information necessary to provide the educational service (such as Name, Class, and Institute). We do not use personal information from users under 18 for third-party behavioral advertising or targeted marketing.

9.4 Parental Rights: If you are a parent or guardian and believe your child under 18 has provided us with personal information without your consent, please contact us at support@brritto.com. Parents have the right to review their child’s data or request its deletion at any time.

10. Data Security

We take data security seriously and implement industry-standard security measures to protect your information:

Encryption – We use secure encryption (HTTPS/TLS) to protect data in transit.
Secure Servers – Your data is stored on secure, access-controlled servers.
Authentication – OTP protection and secure login mechanisms.
Regular Audits – We regularly review and update our security practices.
Employee Training – Our team is trained on data protection and privacy.

However, please note: No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

11. Your Rights and Choices

You have the following rights regarding your information:

11.1 Access and Correction

View and update your account information at any time through the App settings.
Request a copy of your personal data by contacting support@brritto.com.

11.2 Data Deletion

Delete your account through the in-app option or by contacting us.
Request deletion of specific information.

11.3 Communication Preferences

Opt out of marketing emails by clicking "Unsubscribe" in any promotional email.
Manage notification preferences in App settings.
Note: You cannot opt out of essential service communications (e.g., account security alerts).

11.4 Cookie Management

Control cookie preferences through your device settings.
Disable analytics tracking (may affect app functionality).

11.5 Permission Management

Revoke camera or photo permissions through device settings.
Note: Revoking certain permissions may limit app functionality.

12. Refund and Cancellation Policy

As of the current version, the brritto App does not process direct financial transactions for digital goods within the application. Therefore:

In-App Refunds: There are no payment charges processed via Google Play Billing or Apple App Store to refund.
Physical Bundles: If your digital access is tied to a physical product purchased externally, refund requests regarding that physical product are subject to the specific return policy of the original point of sale/retailer.
Policy Updates: We reserve the right to modify the access model (e.g., introducing premium features or subscriptions) in future updates. Any such changes will be communicated clearly, and paid transactions will be subject to the respective app store's standard refund policies.

13. International Data Transfers

brritto operates primarily in Bangladesh. Your information is stored on servers located in Singapore. By using our Services, you acknowledge and consent to the transfer and storage of your data in Singapore.

If we transfer data to other countries, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws in Bangladesh and the destination country.

14. Intellectual Property

14.1 Proprietary Information

All content, materials, trademarks, service marks, domain names, and trade secrets provided through our Services are owned by brritto/Innospace Infotech Ltd. ("Proprietary Information"). You may NOT:

Copy, download, reproduce, alter, or distribute our Proprietary Information without written consent.
Remove copyright, trademark, or other proprietary notices.
Use our content for commercial purposes.

14.2 Your Usage Rights

While you may store downloaded educational materials for personal use, brritto retains all intellectual property rights. Your use of our Services is solely for personal, non-commercial educational purposes.

14.3 Third-Party Content

Some content may be provided by third parties with their permission. All rights to such content remain with those third parties.

15. User Conduct and Prohibited Content

You agree NOT to:

Provide false, misleading, or deceptive information.
Share content that is illegal, harmful, threatening, abusive, defamatory, vulgar, obscene, or offensive.
Distribute malware, viruses, or harmful code.
Violate others' privacy or intellectual property rights.
Attempt to gain unauthorized access to our systems.
Use our Services for any unlawful purpose.

Violation of these rules may result in account suspension or termination and legal action if necessary.

16. Feedback and User-Generated Content

When you provide feedback, suggestions, or other communications to us:

Your feedback is considered non-confidential.
We may use your feedback without restriction or compensation.
You represent that your feedback does not contain confidential information from third parties.
We are not obligated to maintain confidentiality regarding feedback.

We are not liable for content posted by other users. Exercise caution when using our Services.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or legal requirements. When we make changes:

Notification: We will notify you of significant changes by:

Posting an updated policy with a new "Last Updated" date.
Sending an email notification (if you've provided an email address).
Displaying an in-app notification.

Your Acceptance: Your continued use of our Services after the updated policy is posted constitutes your acceptance of the changes.
Review Regularly: We encourage you to review this Privacy Policy periodically.

Effective Date: Changes become effective immediately upon posting unless otherwise stated.

18. Legal Compliance

This Privacy Policy constitutes an electronic record under the ICT Act 2006 (Bangladesh) and related rules and regulations, as amended from time to time.

18.1 Dispute Resolution

Disputes arising from this Privacy Policy will be resolved through:

Stage 1 - Mediation:

An impartial mediator will be selected by mutual agreement.
The mediator's decision is non-binding, but both parties will make good faith efforts to comply.

Stage 2 - Arbitration:

If mediation fails, disputes will be resolved through binding arbitration.
Arbitration will be conducted in Dhaka, Bangladesh.
Proceedings will be in English.
The arbitrator's decision is final and binding.

Jurisdiction: If alternative dispute resolution fails, cases will be brought before the courts of Dhaka, Bangladesh.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information:

Email: support@brritto.com

Mailing Address:
brritto - Innospace Infotech Ltd.
House- 2A, 1st floor, Rd 95, Dhaka 1212
Dhaka, Bangladesh

Customer Support: Available through the App's Help/Support section

We aim to respond to all inquiries within 7 business days.

20. Acknowledgment and Consent

By using brritto's Services, you acknowledge that:

You have read and understood this Privacy Policy.
You consent to the collection, use, and sharing of your information as described.
You agree to comply with the terms outlined herein.
Failure to comply may result in account suspension or legal action.

For Users Under 18: By using our Services, you confirm that your parent or guardian has reviewed and consented to this Privacy Policy.

Thank you for trusting brritto with your educational journey. Your privacy matters to us.

This Privacy Policy was last updated on December 8, 2025