Privacy Policy

Anshumat Foundation > Privacy Policy

Effective Date: 27/12/2024
Last Updated: 27/12/2024

1. Preamble

1.1 Anshumat Foundation (“Anshumat”, “we”, “our”, or “us”) is a registered not-for-profit company incorporated under Section 8 of the Companies Act, 2013, bearing CIN: U88900WB2024NPL275378, License No.: 162880, and DARPAN Registration No.: WB/2025/0487412, with its registered office at Bonsol, Durgapur-Faridpur, Paschim Bardhaman, West Bengal – 713363, India.

1.2 Our vision is to Educate, Employ, and Empower. We deliver initiatives in education, skill development, mentorship, employment, financial literacy, and community empowerment.

1.3 This Privacy Policy (“Policy”) sets out the practices followed by Anshumat Foundation regarding the collection, use, processing, storage, disclosure, and protection of personal data and sensitive personal data entrusted to us.

1.4 This Policy is framed in compliance with the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023 (DPDPA), the Income Tax Act, 1961, the Companies Act, 2013, and other applicable Indian laws, as well as international frameworks such as the General Data Protection Regulation (GDPR) where applicable.

2. Definitions

For the purposes of this Policy:

2.1 “Personal Data” means any information relating to an identified or identifiable natural person, including name, contact details, Aadhaar, PAN, bank details, salary, tax filings, investment information, or other identifiers.

2.2 “Sensitive Personal Data” includes government-issued IDs, financial records, salary slips, tax details, investment portfolios, caste/income-related data, and other categories defined under law.

2.3 “Data Principal” / “User” / “You” refers to the individual whose personal data is collected or processed.

2.4 “Data Fiduciary” refers to Anshumat Foundation, which determines the purpose and means of processing.

2.5 “Processing” means any operation performed on data, such as collection, recording, storage, analysis, use, disclosure, or deletion.

2.6 “Third Parties” means service providers, vendors, payment gateways, auditors, or partner institutions engaged to facilitate services.

2.7 “Services” means all programs, initiatives, campaigns, digital platforms, mentorship/job portals, financial empowerment tools, donation portals, training modules, and offline activities of Anshumat.

2.8 “Donor” means any individual or entity contributing funds, goods, or services to the Foundation.

2.9 “Sponsorship” means financial or in-kind support extended by corporations, institutions, or individuals for specific programs or initiatives.

2.10 “Volunteer” means any individual offering time, skills, or services without monetary compensation.

2.11 “Beneficiary” means any individual, group, or community receiving support, services, or opportunities from the Foundation.

2.12 “License” means the limited, non-exclusive, non-transferable right granted by Anshumat to use its content or services for personal and non-commercial purposes.

2.13 “Child/Minor” means any person under 18 years in India or such higher threshold where required (e.g., 16 years under GDPR).

2.14 “Applicable Law” includes the IT Act, 2000; DPDPA 2023; Companies Act, 2013; Income Tax Act, 1961 (including Section 80G); and international data protection regulations.

3. Information We Collect

3.1 Personal Information such as name, date of birth, gender, nationality, email, phone number, and postal address.

3.2 Educational/Professional Information such as resumes, qualifications, employment details, mentorship records, and job applications.

3.3 Financial Information such as salary details (CTC breakdown, payslips, allowances, deductions), tax details (PAN, filings, exemptions), investment details (preferences, portfolio data), and bank/payment details (processed only through secure gateways).

3.4 Program Participation Data such as beneficiary assessments, mentor-student matching, training feedback, and survey responses.

3.5 Technical Data such as device identifiers, IP addresses, browser types, geolocation (where consented), cookies, SDKs, logs, crash/error reports, and referral URLs.

3.6 Sensitive Data such as Aadhaar, PAN, caste/income details, or other demographic information where required by law, funding compliance, or program eligibility.

4. Legal Basis for Processing

4.1 Processing is carried out under the following lawful bases:

  • Consent: explicit and informed approval provided by the user.
  • Contractual necessity: required to provide program services or financial tools.
  • Legal obligation: compliance with statutory or regulatory requirements.
  • Legitimate interest: research, safeguarding, improving services, or preventing fraud.

5. Use of Information

5.1 Personal and financial data may be used to:

  • Deliver educational, mentorship, employment, and empowerment programs.
  • Provide salary benchmarking, tax literacy, and financial planning tools.
  • Process donations, stipends, scholarships, and tax receipts.
  • Send newsletters, program updates, and surveys.
  • Conduct impact studies, research, and compliance reporting.
  • Maintain safety, prevent misuse, and secure systems.

6. Log Files and Analytics

6.1 We maintain log files including IP addresses, browser types, ISPs, referring/exit pages, and usage patterns.

6.2 We use analytics tools (e.g., Google Analytics, plausible.io) for aggregated and anonymized insights.

6.3 Security services (e.g., Cloudflare) may use cookies strictly for protection against malicious activity.

6.4 We do not use cookies for targeted advertising without user consent.

7. Sharing of Information

7.1 We do not sell or rent personal information.

7.2 Data may be shared with:

  • Service providers such as IT vendors, cloud hosts, or payment gateways.
  • Program partners such as corporates, recruiters, NGOs, and government entities.
  • Regulators or law enforcement where disclosure is legally mandated.
  • Third parties with explicit user consent, e.g., recruiters receiving CVs.

8. Confidentiality

8.1 All data is treated as confidential and disclosed only to authorized staff or partners bound by confidentiality obligations.

8.2 Unauthorized disclosure may result in disciplinary or legal action.

9. Data Retention

9.1 Financial data is retained for statutory periods under the Income Tax Act or donor compliance obligations.

9.2 Program data is retained for the duration of engagement or as required for reporting.

9.3 Technical logs are retained for security and analytics for limited timeframes.

9.4 Data no longer needed will be securely deleted or anonymized.

10. Children’s Privacy

10.1 We do not knowingly collect salary, tax, or investment data from persons under 18 years.

10.2 Parental/guardian consent is required for minors in programs.

10.3 Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

10.4 Parents/guardians may request correction or deletion of a minor’s data.

11. Security Measures

11.1 We adopt technical and organizational safeguards including SSL/TLS encryption, PCI-DSS compliant gateways, secure servers, firewalls, and access control.

11.2 We conduct audits and monitoring to prevent unauthorized access or misuse.

12. External Links

12.1 Our websites or apps may contain links to third-party platforms.

12.2 We are not responsible for their practices. Users should review third-party policies before use.

13. Automated Decision-Making

13.1 Anshumat Foundation does not use automated decision-making or profiling that produces legal or significant effects.

14. User Responsibilities

14.1 Users must safeguard their accounts by using strong passwords, logging out after sessions, and not sharing login credentials.

14.2 Anshumat is not responsible for breaches arising from user negligence.

15. Research, Surveys, and Impact Assessments

15.1 We may use anonymized or aggregated data for research, advocacy, and program evaluation.

15.2 Participation in surveys is voluntary, and identifiable data will not be disclosed without consent.

16. Your Rights

16.1 Under DPDPA, GDPR, and other laws, you have the right to:

  • Access your personal data.
  • Rectify inaccuracies.
  • Request erasure (“right to be forgotten”).
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent at any time.

16.2 Requests should be sent to legal@anshumat.org and will be addressed within 7 working days.

17. International Data Transfers

17.1 Data may be transferred outside India only to jurisdictions with adequate safeguards in line with DPDPA and GDPR.

18. Copyright Policy

18.1 All materials, publications, logos, apps, and digital assets are protected under the Copyright Act, 1957.

18.2 Unauthorized reproduction, modification, or distribution is prohibited.

18.3 Limited personal or educational use is permitted with attribution.

18.4 Violations may lead to legal proceedings.

19. Changes to Policy

19.1 This Policy may be updated periodically.

19.2 Updates will be posted with a revised Effective Date, and material changes will be highlighted where feasible.

20. Contact and Grievance Redressal

Grievance Officer / Data Protection Officer (DPO):
📧 Email: legal@anshumat.org
📍 Address: Bonsol, Durgapur-Faridpur, Paschim Bardhaman, West Bengal – 713363, India
📑 CIN: U88900WB2024NPL275378
📑 DARPAN Registration: WB/2025/0487412
📑 Section 8 License No.: 162880
⏰ Response Timeline: 7 working days (as per DPDPA 2023)

21. Acceptance of Terms

By using our websites, apps, portals, donation services, and financial empowerment tools, you acknowledge that you have read, understood, and agreed to this Privacy Policy.