§ Privacy Policy

How we handle your draft, your data, and your trust.

A short, plain-English account of what we collect, what we do with it, and how long it stays on our servers.

Effective 01 May 2026 Version v3.2 Operator Research Experts, Mohali, IN Contact privacy@researchexperts.in
In short
  • We see your draft only as long as we need to deliver the report or the rewrite — typically 7 to 30 days from completion, then it is purged.
  • Your document is never added to Turnitin, Drillbit, iThenticate, or any plagiarism repository. Submission-only access, no archival.
  • We do not sell, rent, or share your data with marketers. Payment data is handled by Razorpay/Stripe and never touches our servers.
  • Cookies on this site are limited to session, preference, and basic analytics. No advertising trackers, no remarketing pixels.
  • You can request access, correction, or deletion of your data at any time by emailing privacy@researchexperts.in.

§ 01 Who we are

This Privacy Policy is issued by Research Experts, an academic-services firm registered in Mohali, Punjab, India, operating the website researchexperts.in and the associated client dashboard. References to "we," "our," and "us" mean Research Experts and its authorised employees, contractors, and subject experts engaged on a non-disclosure basis.

This policy applies to every visitor of the website, every person who submits a document for plagiarism check, AI report, Drillbit/iThenticate report, manual paraphrasing, AI-content reduction, proofreading, formatting, or any other service we offer — and to anyone we contact in connection with that work.

§ 02 What we collect

We collect the minimum data required to deliver the service, raise an invoice, and stay in touch about the order. The categories below cover everything that touches our systems.

Identity dataName, email, phone number, country, institution name (where supplied). Used to address you, deliver the report, and confirm the work.
Document dataThe thesis, paper, chapter, or text you upload — and the resulting reports, rewrites, or annotated versions.
Order dataService selected, page count, deadline, instructions, internal notes from the desk, status timestamps.
Payment dataAmount, currency, transaction ID. Card and UPI details are entered on the gateway's page (Razorpay / Stripe / PayPal) — they never reach us.
Technical dataIP address, browser, device, referring URL, pages viewed. Stored in standard server logs for 90 days for security and abuse-prevention.
CommunicationsEmails, WhatsApp messages, and dashboard chat — kept with the order so the next person on the desk has full context.

We do not collect special-category data (health, religion, sexuality, biometrics) and ask you not to send it to us. If your draft contains such material as part of its academic subject matter, the standard document-data terms below apply.

§ 03 How we use it

Each piece of data has a specific purpose. We do not repurpose data for unrelated uses.

  • To deliver the service. Running the plagiarism check, generating the report, performing the manual paraphrasing or AI reduction, and returning the deliverable to you.
  • To communicate. Order confirmations, deadline reminders, clarifications from the desk, the delivery email, and post-delivery support.
  • To handle payment and accounting. Issuing invoices, GST records, processing refunds, complying with Indian tax law.
  • To improve the service. Aggregated, anonymised statistics — average turnaround, similarity-band distributions, service-mix — never tied to your name or document.
  • To prevent fraud and misuse. Detecting repeated chargebacks, fake-document attempts, and abuse of the platform.
What we do not do

We never use your draft to train a machine-learning model, never include it in a product showcase or marketing material, and never share it with a third party except as listed in §6 below.

§ 04 Lawful basis

We rely on the following lawful bases under the Indian Digital Personal Data Protection Act, 2023 and the EU GDPR (where applicable):

  • Contract. Most processing is necessary to perform the service you have asked us to provide.
  • Legitimate interest. Server logs, fraud prevention, internal QA, and aggregated analytics — balanced against your privacy expectations and limited to what is strictly necessary.
  • Legal obligation. Tax, GST, invoicing, and statutory record-keeping required by Indian law.
  • Consent. Optional newsletters, testimonials with your name attached, and any non-essential cookie. Consent is revocable at any time without affecting service delivery.

§ 05 How long we keep it

Retention is short by design. The longer your data sits on our servers, the larger the risk surface — so we delete on a schedule.

Uploaded documentUp to 30 days from delivery. After that, the file is permanently deleted from working servers; encrypted backups roll out within 7 additional days.
Delivered report / rewriteUp to 30 days from delivery in the dashboard. You can re-download or request fresh copies during this window.
Order metadata & invoice7 financial years, as required by Indian tax law. Stored separately from document content.
Communications2 years from order completion. Useful for repeat clients; you can request earlier deletion.
Server logs90 days, then auto-rotated.
Marketing listUntil you unsubscribe, or 24 months of inactivity — whichever is sooner.

If you ask us in writing to delete your document immediately after delivery, we will do so within 48 hours and confirm the deletion by email. Order metadata required for tax compliance is kept separately and is not subject to deletion requests.

§ 06 Who we share with

Your document is handled by the smallest possible circle: the desk that takes the order, the subject expert who works on it, and the QA reviewer. Outside that circle, the following processors may receive limited data — and only the data they need.

Razorpay / Stripe / PayPalPayment processing. Receives amount and order ID; not the document.
Drillbit, Turnitin, iThenticateFor similarity-report orders, the document is submitted to the chosen tool's checker. Submission-only — no archival, no inclusion in their repository.
Cloud hosting (AWS Mumbai)Encrypted storage of the working files. Data does not leave the Asia-Pacific region.
Email delivery (Postmark)Transactional email — order confirmations, delivery notices.
Indian tax authoritiesGST returns and statutory filings — only invoice metadata, never document content.

Every processor is bound by a written agreement requiring the same confidentiality, security, and retention standards we hold ourselves to. We do not sell or rent personal data to anyone, ever.

§ 07 Security

We follow industry-standard practices proportionate to the sensitivity of an unpublished thesis or research paper.

  • HTTPS everywhere (TLS 1.3); HSTS preload on the marketing site and dashboard.
  • Documents encrypted at rest (AES-256) on AWS S3, Mumbai region.
  • Two-factor authentication on every staff account; access logged and reviewed monthly.
  • Subject experts download files through a watermarked viewer where feasible; downloaded copies are deleted from local devices within 7 days of order closure.
  • Quarterly internal audit of access logs, retention compliance, and inactive accounts.
  • Annual external review of infrastructure and code.

No system is unbreachable. If we ever discover a breach involving your data, we will notify you and the relevant Indian Data Protection Board within 72 hours of becoming aware, with the information required by §8 of the DPDP Act.

§ 08 Cookies

We use a small number of cookies. None of them are used to build an advertising profile of you.

Strictly necessarySession, login, CSRF protection, language preference. The site does not work without these.
PreferenceRemembers your last-used service in the calculator, your dashboard view density. Set on first interaction.
AnalyticsFirst-party Plausible analytics. No cross-site tracking, no fingerprinting, no IP storage.

You can clear cookies in your browser at any time. Doing so will sign you out of the dashboard and reset your preferences but will not affect your orders.

§ 09 Your rights

Under the DPDP Act and applicable foreign laws (GDPR for EU residents, CCPA for California residents), you have the following rights with respect to data we hold about you.

  • Access. Receive a copy of the personal data we hold about you, in a portable format, within 30 days of request.
  • Correction. Ask us to correct inaccurate or incomplete data.
  • Erasure. Ask us to delete your data, subject to retention required by law (invoices, GST records).
  • Restriction. Ask us to pause certain types of processing while a complaint is being resolved.
  • Withdraw consent. Where we process on consent (newsletters, testimonials), you can withdraw at any time.
  • Grievance. If you are unhappy with our handling, you may write to the Data Protection Officer (below) and, failing satisfaction, to the Data Protection Board of India.

To exercise any of these rights, email privacy@researchexperts.in from the address on file. We may ask one verifying question to confirm identity before we act.

§ 10 Children

Our services are intended for university-level students, research scholars, faculty, and working professionals — people who are 18 or older. We do not knowingly accept submissions from minors. If we learn that a person under 18 has submitted a document or registered for the dashboard without verifiable parental consent, we will close the account and delete the data.

§ 11 International transfers

Our infrastructure is hosted in the AWS Mumbai region (ap-south-1) and your document does not leave India in the ordinary course. Email transit may pass through servers outside India; we use providers that contractually commit to GDPR-equivalent safeguards. If you require strict data-residency for a sensitive draft, tell us at submission and we will confirm the handling in writing.

§ 12 Changes to this policy

We update this policy as the service and the law evolve. The "Effective" date and version number at the top of the page change with every update. Material changes — anything that broadens what we collect or who we share it with — are notified to active dashboard users by email at least 14 days before they take effect, with a link to the previous version.

The current version is always at researchexperts.in/privacy-policy. Continued use of the service after the effective date constitutes acceptance of the updated policy.

§ 13 Contact & grievance officer

For privacy questions, data-subject requests, or formal grievances under §10 of the DPDP Act, write to:

Data Protection Officerprivacy@researchexperts.in · usually responds within 1 working day; statutory deadline is 30 days.
PostalResearch Experts · Sector 70 · Mohali · Punjab 160071 · India
Phone (general)+91 896-857-2273 · Mon–Sat · 09:00–21:00 IST

If our response does not satisfy you, you may approach the Data Protection Board of India under §27 of the DPDP Act, 2023.

Questions about this document?

Mail the desk and we'll respond within one working day. For urgent queries on an active order, the order-thread reply is faster than this address.

help@researchexperts.in +91 896-857-2273 Mon–Sat · 09:00–21:00 IST
Also in legal Privacy Policy Refund Policy Terms & Conditions