Legal & Compliance

This Compliance Check Policy outlines the legal, regulatory, and ethical standards that GotIt must adhere to when operating as an online tutoring platform. It ensures that all platform policies including the Terms & Conditions, Privacy Policy, Tutor Agreement, User Agreement and Dispute Resolution Framework are in full compliance with local and international laws. This policy applies to: • The Company – Raise the Bar LLP & GotIt • Tutors & Learners using the platform • Third-party vendors handling data, payments, or services

Our policies comply with: • General Data Protection Regulation (GDPR) - EU Data protection, user rights, breach notification • Indian Information Technology Act, 2000 (IT Act) & IT Rules, 2021 - India Data security, intermediary rules, cyber law compliance • Children's Online Privacy Protection Act (COPPA) - USA Protection of minors' data • Payment Card Industry Data Security Standard (PCI-DSS) - Global Secure payment processing • Intellectual Property Laws - Global Protection of digital content • Consumer Protection Laws (Consumer Protection Act, 2019) - India Fair service terms, refund policies

GDPR & IT Act Compliance: • Obtain explicit user consent for data collection • Provide a clear Privacy Policy explaining data usage • Allow users to access, modify, or delete their data • Encrypt sensitive data in transit and at rest Data Breach Protocol: • Notify users within 72 hours of any data breach (GDPR requirement) • Conduct cybersecurity audits every 6 months Children's Privacy: • No collection of data from users under 13 without parental consent • Tutors cannot contact minors directly outside the platform

User Rights & Responsibilities: • Clearly outlined acceptable and prohibited behavior • Transparent dispute resolution mechanism Payment Terms & Refund Policy: • Fair refund & cancellation policies under consumer protection laws • Compliance with PCI-DSS for secure transactions Tutor Agreement & Employment Laws: • Clear payment structure, commission, and responsibilities • Confidentiality & Non-Compete Clauses • Strict policies against harassment under POSH • Anonymous reporting system for misconduct

Dispute Resolution Framework: • Mediation or arbitration before legal proceedings • Clearly defined governing law & jurisdiction Compliance with Law Enforcement: • Respond to legal requests while protecting user privacy • Maintain data logs for 12 months (as required by IT Rules, 2021) Non-Compliance Consequences: • Account suspension for policy violations • Permanent ban for tutors breaching contracts • Legal action for serious data violations