Unlimited Quiz

Search

Popular Searches

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

Effective: February 18, 2025 Updated: February 18, 2025

Introduction

This Privacy Policy describes the practices of Celestiq Insights (OPC) Pvt Ltd ("Company", "we", "us", or "our") regarding the collection, use, disclosure, and protection of personal data when you use the Unlimited Quiz platform ("Service") accessible at unlimitedquiz.com.

By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the practices described herein, please do not use our Service.

This policy complies with the Digital Personal Data Protection Act, 2023 (DPDPA) of India, the General Data Protection Regulation (GDPR) of the European Union, and the California Consumer Privacy Act (CCPA) of the United States.

Celestiq Insights (OPC) Pvt Ltd
Data Controller
Bangalore, Karnataka, India
Location
support@unlimitedquiz.com
Email
EdTech
Sector

Information We Collect

We collect the following categories of personal data when you interact with our Service:

Section 01

Account Information

When you create an account, we collect information necessary to provide you with our Service.

Email Registration: Full Name, Email Address, and Password. Your password is secured using hybrid encryption (Scrypt + RSA) and is never stored in plain text.

Google Sign-In: If you choose to sign in with Google, we receive your Name, Email Address, Google Account ID, and Profile Picture URL from Google's OAuth service. We do not receive or store your Google password.

Session Data: Upon successful authentication, we create a secure session to maintain your login state.

Section 02

Usage Data

We automatically collect certain information about how you interact with our Service to improve user experience and platform performance.

Quiz Interactions: Quiz completion data, scores, and performance metrics to provide you with results and track your progress.

Navigation Data: Pages visited, features used, and general interaction patterns collected through Google Analytics (GA4).

Locale Preference: Your selected country/language preference to serve content relevant to your region.

Section 03

Technical Data

Certain technical information is collected automatically for security and service delivery purposes.

IP Address: Used exclusively for rate limiting (to prevent abuse of signup and login endpoints) and approximate geolocation for locale detection. We do not store IP addresses for profiling or tracking purposes.

Device & Browser Information: Collected by Google Analytics (GA4), including browser type, operating system, screen resolution, and referring URLs. This data is processed by Google under their own privacy policy.

Cookies & Tracking Technologies

We use cookies to provide essential functionality and improve your experience. Below is a complete list of cookies used by our Service:

auth_session Essential

Maintains your login state after authentication. Required for the Service to function for logged-in users.

Session / 30 days
user_choice Functional

Stores your selected country/locale preference so we can serve content in your preferred language and region.

1 year
geo_country Functional

Stores your auto-detected country based on your approximate location to suggest the most relevant locale.

1 year
google_oauth_state Essential

Temporary security token used during Google Sign-In to prevent cross-site request forgery (CSRF) attacks.

Deleted after login
google_code_verifier Essential

Temporary PKCE code verifier used during Google Sign-In for secure authorization code exchange.

Deleted after login
_ga, _ga_* Analytics

Set by Google Analytics (GA4) to measure how you interact with our Service. Subject to Google Consent Mode v2 — analytics cookies are only activated upon your consent where required by law.

Up to 2 years

We do not use any advertising cookies or tracking pixels. Google Analytics operates under Google Consent Mode v2, meaning analytics data collection respects your consent preferences in jurisdictions where consent is legally required.

How We Use Your Information

We process your personal data only for the following specific purposes:

01

Service Delivery

To create and manage your account, authenticate your identity, deliver quizzes, track your progress, and provide personalised quiz results.

02

Service Improvement

To analyse aggregated, anonymised usage patterns through Google Analytics to understand how users interact with our platform and improve functionality, content, and user experience.

03

Security & Abuse Prevention

To implement rate limiting on authentication endpoints using IP addresses, preventing brute-force attacks, bot spam, and other forms of abuse.

04

Communication

To respond to your support inquiries, account deletion requests, and other communications you initiate via our support email.

05

Legal Compliance

To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

Legal Basis for Processing

Under GDPR and DPDPA 2023, we process your data based on the following legal grounds:

Consent: You provide explicit consent when creating an account and agreeing to this Privacy Policy. For analytics cookies, consent is obtained through Google Consent Mode v2 where legally required.

Contractual Necessity: Processing is necessary to deliver the Service you have requested (e.g., account creation, quiz delivery, score tracking).

Legitimate Interest: We have a legitimate interest in preventing abuse and fraud through rate limiting, and in understanding aggregate platform usage for improvement.

Legal Obligation: We process data as required to comply with applicable laws and regulations.

Third-Party Services

We use a limited number of trusted third-party service providers to operate our platform. We do not sell, rent, or trade your personal data to any third party.

Google (OAuth & Analytics)

We use Google OAuth 2.0 for optional sign-in functionality and Google Analytics 4 (GA4) with Consent Mode v2 for anonymised usage analytics. Google processes data under their own Privacy Policy.

https://policies.google.com/privacy

Cloudflare (Hosting & Database)

Our Service is hosted on Cloudflare's global network. User data is stored in Cloudflare D1 databases with automatic location detection, meaning your data is served from the nearest available region for optimal performance. Cloudflare processes data under their own Privacy Policy.

https://www.cloudflare.com/privacypolicy/

We do not sell your personal information. We do not share your personal data with third parties for their own marketing purposes. We do not engage in cross-context behavioural advertising.

Data Storage & International Transfers

Your data is stored in Cloudflare D1 databases, which use automatic location detection to serve data from the nearest available region. This means your data may be stored and processed in different jurisdictions depending on your geographic location.

Where data is transferred across borders, such transfers are protected by Cloudflare's data processing agreements and standard contractual clauses that ensure an adequate level of protection in compliance with GDPR and DPDPA 2023.

We do not maintain our own physical servers. All infrastructure is provided by Cloudflare, a globally recognised provider with comprehensive security certifications.

Your Data Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

Right to Correction

You have the right to request correction of any inaccurate or incomplete personal data.

Right to Deletion

You have the right to request complete deletion of your account and all associated personal data. Upon receiving your request, we will permanently delete all your information without retaining any data intentionally.

Right to Object

You have the right to object to the processing of your personal data for specific purposes, including analytics.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, please contact us at support@unlimitedquiz.com. We will respond to your request within 30 days, as required by applicable law.
California Residents (CCPA): You have the right to know what personal information we collect, to request deletion, and to opt out of the sale of personal information. We do not sell personal information. You will not receive discriminatory treatment for exercising your CCPA rights.
Indian Residents (DPDPA 2023): As a Data Principal, you have the right to access, correct, and erase your personal data. You may also nominate another person to exercise your rights in case of death or incapacity. For grievances, contact our Grievance Officer at the email address provided below.

Children's Privacy

Our Service provides educational and informational content suitable for users of all ages. The content served on our platform adheres to Google AdSense content guidelines.

We do not knowingly collect personal data from children under the age of 13 without verifiable parental consent. If we become aware that we have collected personal data from a child under 13 without appropriate consent, we will take immediate steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@unlimitedquiz.com and we will promptly remove the information.

Data Retention

We retain your personal data only for as long as necessary to provide the Service and fulfil the purposes described in this Privacy Policy.

When you request account deletion, we will permanently delete all your personal data, including your name, email, authentication credentials, quiz history, and any associated records. We do not intentionally retain any personal information after a deletion request has been processed.

Anonymised, aggregated analytics data (which cannot be used to identify you) may be retained for service improvement purposes.

Security Measures

We implement reasonable and appropriate technical and organisational measures to protect your personal data:

Password Encryption: Passwords are secured using hybrid encryption (Scrypt for hashing + RSA for key management) and are never stored in plain text.

HTTPS Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).

Rate Limiting: Authentication endpoints are protected by IP-based rate limiting to prevent brute-force attacks and automated abuse.

Secure OAuth: Google Sign-In uses PKCE (Proof Key for Code Exchange) with state parameters to prevent CSRF and authorization code interception attacks.

Data Minimisation: We collect only the data that is strictly necessary for the operation of our Service.

While we employ industry-standard security measures, no method of electronic storage or transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.

Third-Party Links & Social Media

Our Service may contain links to third-party websites and social media platforms. These external sites operate under their own privacy policies and terms of service.

We are not responsible for the privacy practices, content, or data collection methods of any third-party websites or social media platforms. We encourage you to review the privacy policies of any external sites you visit.

Any information you provide to or interactions you have on third-party platforms are governed solely by those platforms' policies, and we bear no liability for their practices.

Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will update the "Last Updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

For significant material changes that substantially affect how we process your data, we will make reasonable efforts to notify you through the Service or via the email address associated with your account.

Grievance Officer & Contact

In accordance with the Digital Personal Data Protection Act, 2023 (DPDPA) and Information Technology Act, 2000, the Grievance Officer for Unlimited Quiz is reachable at:

Celestiq Insights (OPC) Pvt Ltd

Bangalore, Karnataka, India

support@unlimitedquiz.com

We will acknowledge your grievance within 24 hours and resolve it within 30 days from the date of receipt, as per applicable laws.

© 2026 Unlimited Quiz. All rights reserved.

Welcome Back

Please enter a valid email
Password is required
Forgot Password?
OR Google Sign In
Name is required
Please enter a valid email
Password must be at least 8 characters
Passwords do not match
OR Google Sign Up

Complete these steps to secure your account.

1
First Pet

What was the name of your first pet?

0/25
2
City of Birth

What city were you born in?

0/25
3
Mother's Maiden Name

What is your mother's maiden name?

0/25
  • Only letters, numbers, and spaces allowed.
  • Answers are case-insensitive.

Enter your email and answer your security questions to reset your password.

Security Questions

Create Your Custom Quiz

Give your quiz a unique, descriptive name
Select Categories (Mix & Match) *
Select at least one category.