This Privacy Policy is published in compliance with the provisions of the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act).

This Policy governs the collection, storage, processing, use, disclosure, and protection of personal data of users (“Users”, “You”, “Your”) who access or use our website, platform, courses, and services (“Platform”, “Services”, “We”, “Us”, “Our”).

By accessing or using our Platform, you expressly consent to the collection and processing of your personal data in accordance with this Privacy Policy.

1. Categories of Information Collected

We may collect the following categories of information:

A. Personal Data

• Full name
• Email address
• Mobile number

B. Sensitive Personal Data or Information (SPDI)

(as defined under the IT Rules, 2011)

Payment-related information (processed through secure third-party payment gateways)

Note: We do not store sensitive payment credentials such as card numbers, CVV, or banking passwords.

C. Technical & Device Information

• IP address
• Browser type and version
• Device identifiers
• Operating system
• Login timestamps

D. Usage & Platform Activity Data

• Course enrollments
• Progress and completion status
• Login frequency
• Interaction with course content, assessments, and resources

2. Purpose of Data Collection & Processing

Personal data is collected and processed strictly for lawful purposes, including but not limited to:

• Providing access to courses, learning material, and services.
• Creating and managing user accounts.
• Processing payments and issuing confirmations.
• Sending transactional, service-related, and support communications.
• Improving platform functionality, content quality, and user experience.
• Maintaining system security and preventing fraud or misuse.
• Issuing certificates or confirmations where applicable.
• Complying with statutory, regulatory, and legal obligations.

Data is processed only to the extent necessary and proportionate to fulfill the stated purposes.

3. Lawful Basis of Processing (DPDP Act, 2023)

We process personal data based on the following lawful grounds:

• Consent provided explicitly or implicitly by the User.
• Performance of a contract or service requested by the User.
• Compliance with legal obligations under applicable Indian laws.
• Legitimate uses as permitted under the DPDP Act, 2023.

Users may withdraw consent where applicable, subject to legal and operational limitations.

4. Data Storage & Retention

• Personal data is retained only for as long as required to fulfill the purposes stated in this Policy or to comply with applicable laws.
• Upon completion of the purpose or withdrawal of consent (where permissible), data shall be deleted or anonymized unless retention is required by law.
• Certain data may be retained for audit, taxation, dispute resolution, or regulatory compliance purposes.

5. Reasonable Security Practices

In accordance with Section 43A of the IT Act and the IT Rules, 2011, we implement reasonable security practices, including:

• Secure server infrastructure
• Access controls and authentication mechanisms
• Encryption where applicable
• Periodic security reviews and monitoring

However, Users acknowledge that no digital system can guarantee absolute security, and transmission of data over the internet is subject to inherent risks.

6. Disclosure & Third-Party Sharing

We do not sell, rent, or commercially exploit personal data.

Personal data may be disclosed only to:

• Payment gateway providers
• Communication and email service providers
• Cloud hosting and analytics providers
• Government agencies, courts, or regulatory authorities when required under law.

All third-party processors are contractually obligated to implement appropriate data protection safeguards.

7. Cookies & Tracking Technologies

We may use cookies or similar technologies to:

• Enhance platform usability.
• Analyze traffic and usage trends.
• Improve performance and content delivery.

Users may disable cookies through browser settings; however, certain features of the Platform may not function optimally as a result.

8. User Rights (DPDP Act, 2023)

Users, as Data Principals, have the right to:

• Access information about personal data processed.
• Request correction or updating of inaccurate data.
• Request deletion of personal data, subject to legal obligations.
• Withdraw consent for data processing (where applicable).
• Raise grievances regarding data handling.

Requests shall be addressed within a reasonable timeframe in accordance with applicable laws.

9. Grievance Redressal Mechanism

In compliance with the IT Act and DPDP Act, we have designated a Grievance Officer.

Users may raise concerns or complaints regarding data protection or privacy through official communication channels provided on the website.

All grievances shall be acknowledged and resolved within the statutory timelines.

10. Cross-Border Data Transfer

Where required, personal data may be processed or stored outside India, subject to compliance with applicable laws and safeguards as prescribed under Indian data protection regulations.

11. Changes to Privacy Policy

We reserve the right to amend or update this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements.

Continued use of the Platform after such updates shall constitute acceptance of the revised Policy.

12. Contact & Acceptance

By accessing or using our Platform, you acknowledge that you have read, understood, and agreed to this Privacy Policy.