Privacy Policy

Effective Date: 4-6-2025

Privacy Policy for Dattu sir Academy Summary:

This document outlines a comprehensive Privacy Policy for Dattu sir Academy, designed to comply with India’s Digital Personal Data Protection Act, 2023 (DPDPA 2023), the Information Technology Act, 2000, and the SPDI Rules 2011.

Key points include:

  • Scope: The policy covers the collection, use, processing, sharing, and protection of Personal Data of users accessing the website dattusiracademy.com and its services.
  • Definitions: It defines key terms such as “Personal Data,” “Digital Personal Data,” “Processing,” “Data Fiduciary,” “Data Principal,” “Child” (under 18), and “Consent,” aligning with DPDPA 2023 terminology.
  • Data Collection: It details the types of information collected, including information provided directly by users (account registration, payment info, communications), information collected automatically (log files, usage data, cookies), and information of children (with parental consent).
  • Use of Information: Personal Data is collected and processed for specific, legitimate purposes such as providing services, processing transactions, communication, personalization, marketing (with consent), security, and legal compliance.
  • Lawful Basis for Processing: Primarily relies on explicit consent from the Data Principal, with limited reliance on “deemed consent” in specific legal scenarios.
  • Cookies and Tracking: Discusses the use of cookies and similar technologies, requiring user consent for non-essential cookies.
  • Data Sharing: Describes limited circumstances where data may be shared (with service providers, instructors, for legal reasons, etc.), emphasizing contractual obligations and no sale of Personal Data.
  • Data Security: Outlines technical and organizational measures to protect Personal Data, including encryption, access controls, and a data breach response plan.
  • Data Retention: Data is retained only as long as necessary for specified purposes or legal requirements, with provisions for erasure or anonymization.
  • Data Principal Rights: Details the rights of users under DPDPA 2023, including access, correction, erasure, withdrawal of consent, grievance redressal, and nomination.
  • Children’s Data: Emphasizes the need for verifiable parental/guardian consent for collecting and processing children’s data, with limitations on processing.
  • International Data Transfers: Addresses compliance with DPDPA 2023 for cross-border data transfers.
  • Grievance Redressal: Establishes a Grievance Officer and process for handling user complaints and queries.
  • Governing Law: States that the policy is governed by Indian law and jurisdiction.