Privacy Policy
This Privacy Policy explains how Engineering Notes (bipinlamsal11.com.np) collects, uses, stores, and protects your personal data when you use our services.
Effective Date: 26 January 2026
1. Definitions
“Service”, “Website” and “Platform” refer to bipinlamsal11.com.np. “Personal Data” means any information relating to an identified or identifiable natural person (e.g., name, email, payment reference). “Controller” refers to Engineering Notes, which determines how and why personal data is processed.
2. Information We Collect
We collect data you provide directly (name, email, contact number), payment-related information (payment reference, payment method), account identifiers (username, hashed password), and usage/technical data (IP address, device/browser type, timestamps, session logs). We may also collect anonymous analytics data for performance and product improvement.
3. Lawful Basis for Processing
We process personal data to perform the contract (fulfill subscriptions and access), to comply with legal obligations, and for our legitimate interests (fraud prevention, security, service improvement). Where required by applicable law, we will obtain your consent for specific processing activities (e.g., marketing emails).
4. Payments & Financial Data
We do not store full payment card details on our servers. Payment processing is handled by third-party payment processors (e.g., eSewa, banks) who collect and store payment card details in accordance with their own terms. We retain payment references and transaction metadata to validate purchases, support receipts, and handle disputes. Note: we maintain a strict NO-REFUND policy; payment metadata is used to identify purchases and enforce service terms.
5. Anti-Fraud, Account Sharing & Monitoring
To protect users and our business, we monitor sessions and login activity to detect simultaneous logins or credential sharing. If suspicious activity is detected (e.g., concurrent sessions from different locations), we may suspend access while we investigate. Information used in investigations may include IP addresses, device fingerprints, timestamps, and account activity logs.
6. Cookies & Similar Technologies
We use cookies and similar technologies for session management, fraud prevention, analytics, and basic personalization. You can disable cookies via your browser, but doing so may prevent you from using essential features (login, payments). Third-party analytics providers may also use cookies as described in their privacy documents.
7. Third Parties & Data Sharing
We do not sell personal data. We share data only with trusted service providers when necessary to operate the Service (payment processors, email/SMS providers, analytics, hosting providers). We may disclose data when required by law (court order, regulatory request) or to protect safety, rights, or property.
8. International Transfers
Some processors or service providers may transfer or store data outside Nepal. When we transfer data internationally, we use appropriate safeguards required by applicable law (e.g., data processing agreements, secure processors).
9. Data Retention
We retain personal data only as long as necessary for the purposes described (e.g., to provide access, for accounting and tax obligations, fraud prevention, legal requirements). Typical retention windows: account data — retained while account is active + up to 3 years after closure for legal/audit; payment transaction logs — retained for 7 years for accounting and tax compliance (or the jurisdictional minimum).
10. Your Rights
Depending on your jurisdiction, you may have rights to: access, correct, update, or delete your personal data; object to or restrict processing; request data portability; withdraw consent where processing is based on consent. To exercise rights, contact us at the support email below. We will verify requests to protect your account and respond within a reasonable timeframe.
11. Security Measures
We implement reasonable technical and organizational safeguards (encryption in transit, secure hosting, principle of least privilege, regular backups, and vulnerability monitoring). However, no system is completely secure; we cannot guarantee absolute security. In the event of a data breach, we will follow applicable law for notification and remediation.
12. Children’s Privacy
Our Service is not intended for children under 16. We do not knowingly collect personal data from children without parental consent. If you believe we have collected data of a child in violation of this policy, contact us and we will take steps to remove that data.
13. Data Breach Notification
If we become aware of a data breach affecting personal data, we will assess the impact and notify affected users and regulators as required by law. We will provide recommended next steps and mitigation guidance to affected individuals.
14. Links to Other Sites
Our site may contain links to third-party websites. We are not responsible for their privacy practices – please review their policies directly before providing personal information.
15. Contact & Data Protection Officer
For privacy inquiries, to exercise your rights, or to request data deletion, contact: email. If you have a designated Data Protection Officer (DPO), list the DPO contact here.
16. Changes to this Policy
We may update this policy to reflect legal or operational changes. Substantial changes will be posted with an updated effective date. Your continued use of our Service after publication constitutes acceptance of the revised policy.
17. Governing Law
This policy and any dispute related to it are governed by the laws of Nepal. Disputes will be resolved in the courts of Kathmandu unless otherwise agreed in writing.
🔄 Last reviewed: 26 January 2026