The entity behind BEASTCHEMIST.
BEASTCHEMIST is a sole proprietorship founded and operated by Mohit Ryan, based in India. When we say "we," "us," or "BEASTCHEMIST" in this policy, we mean this entity. When we say "you," we mean anyone visiting beastchemist.com or signing in as a student, member, or admin.
We are the data fiduciary under the Digital Personal Data Protection Act, 2023 — meaning we determine how and why your data is processed, and we are responsible for protecting it.
Only what you give us — and only what we need.
From Google when you sign in
When you sign in with Google, we receive: your email address, your name as set on Google, your Google profile picture URL, and a unique Google account identifier. We do not receive your Google password or access any other part of your Google account.
From you during onboarding
The first time you sign in, we ask you to fill a short form. You provide:
- Your full name (you can edit what Google pre-fills)
- Your phone number with country code
- Optionally, your Telegram username
- Your current class — 11, 12, or Dropper
- Your target exam — JEE Main, JEE Advanced, NEET, Olympiad, or Other
- How you heard about BEASTCHEMIST — YouTube, friends, teachers, Instagram, or other
Automatic technical data
When you use the site, our hosting providers automatically log standard technical information — IP address, browser type, device type, pages visited, and timestamps. This is used for security, abuse prevention, and basic analytics. We do not combine this with your account profile for advertising purposes.
If you make a purchase (coming soon)
If you buy paid content, our payment processor (Razorpay) handles the transaction. We receive a payment confirmation — order ID, amount, payment status — but we never see or store your card number, UPI PIN, or net banking credentials. Razorpay processes these directly under their own privacy policy.
Purpose-bound. Nothing else.
We use your information only for these specific purposes:
- To give you access to content you have purchased or content marked free for signed-in users
- To personalize what we show you — e.g. surfacing material relevant to your class and target exam
- To communicate important account information, content launches, and exam-related updates (via the phone number / email you provided)
- To improve the platform — understanding which content is most useful, which features are unused, where students drop off
- To prevent abuse — detect fraudulent signups, content scraping, payment fraud
- To comply with law — respond to legal requests, tax records, dispute resolution
We do not use your data for behavioural advertising, build psychological profiles to manipulate you, or sell it to anyone. Ever.
No selling. No marketing partnerships. Period.
We do not sell, rent, trade, or share your personal data with third parties for marketing purposes. The only entities that touch your data are the service providers we use to actually run the platform:
- Google (LLC, USA) — provides the sign-in service that authenticates you
- Supabase (US-incorporated, with our database physically located in Mumbai, India) — hosts your account data and our content metadata
- Netlify (USA) — hosts the website and serves pages to your browser
- Razorpay (India) — processes payments when you buy paid content
Each of these providers is contractually bound to use your data only to provide the service we contracted them for. We do not authorize them to use your data for their own marketing.
We may share information with law enforcement, regulators, or courts if legally required — for example, in response to a valid summons or court order — but only the minimum necessary to comply.
As long as needed. No longer.
We retain your account data for as long as your account is active. If you delete your account, we delete your profile, onboarding data, and access records within 30 days, except for:
- Purchase records and tax invoices — retained for 8 years as required under Indian tax law
- Records under active legal dispute — retained until the dispute is resolved
- Anonymized analytics — kept indefinitely but cannot be linked back to you
You're in control of your data.
Under the Digital Personal Data Protection Act, 2023, you have the right to:
- Access the personal data we hold about you
- Correct any inaccurate or outdated information
- Delete your data and close your account (subject to legal retention requirements above)
- Withdraw consent for any optional data processing
- Nominate another person to exercise these rights on your behalf in case of incapacity or death
- File a grievance with us, and escalate to the Data Protection Board of India if unsatisfied
To exercise any of these rights, email our grievance officer (details in section 11). We will respond within 30 days.
Most of our audience is preparing for entrance exams.
BEASTCHEMIST serves students preparing for JEE, NEET, and Olympiad exams. Many of you are under 18. We know this, and we take it seriously.
By signing in and using BEASTCHEMIST, you confirm that either (a) you are 18 or older, or (b) you have your parent or legal guardian's permission to create an account, accept these terms, and provide your information to us. By proceeding, you authorize the named parent or guardian as having reviewed and agreed to this Privacy Policy and our Terms of Service on your behalf.
We do not knowingly collect data from anyone under 13. If you believe a child under 13 has created an account, please email us and we will remove it.
We do not show targeted advertising to anyone. We do not sell minors' data. We do not engage in behavioural profiling of minors.
How we protect your data.
We implement reasonable security practices as required under the Information Technology Act, 2000 and the Rules thereunder, including:
- Encryption in transit — all connections to beastchemist.com use HTTPS (TLS 1.2+)
- Encryption at rest — our database provider encrypts all stored data using industry-standard algorithms
- Access controls — direct admin access to the database is restricted to the Founder. Our Grievance Officer assists with data-rights requests but does not have independent system access
- Row-level security — even within our database, students can only see their own records, never anyone else's
- Authentication via Google — we never store your password; sign-in is delegated to Google's infrastructure
- Payment isolation — we never see your card details; Razorpay handles payment data under PCI-DSS compliance
No system is perfectly secure. If we ever become aware of a data breach affecting your information, we will notify you and the Data Protection Board within the timelines required by law.
Minimal. Functional only.
We use cookies and similar browser storage only for functional purposes:
- Sign-in session — to keep you logged in across page reloads
- Preferences — to remember settings you've chosen
We do not use third-party advertising cookies, behavioural tracking pixels, or fingerprinting. If we add analytics in the future, we will update this policy and ask for your consent where required.
If we update it, you'll know.
We may update this policy as the platform evolves, as laws change, or as we add new features (like payments). When we make a material change, we will:
- Update the "Last updated" date at the top of this page
- Email signed-in users at the address on file at least 7 days before the change takes effect
- Display a notice on the site for at least 30 days after the change
If you don't agree with a change, you can close your account before it takes effect. Continued use after the effective date means you accept the updated policy.
Reach us directly.
If you have questions, concerns, or want to exercise any of the rights described above, contact our Grievance Officer:
Guransh Kaur — Grievance Officer, BEASTCHEMIST
Email: teambeastchemist@gmail.com
Response time: within 30 days of a verified request, as required under DPDP Act 2023
If you are unsatisfied with our response, you may escalate your complaint to the Data Protection Board of India under Section 27 of the Digital Personal Data Protection Act, 2023.