Privacy Policy
Last Updated: December 2024
Introduction
D.A.D.A. Foundation ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the Information Technology Act, 2000, IT Rules 2011, and Digital Personal Data Protection Act, 2023.
Information We Collect
Personal Data Categories:
- Identity Data: Name, date of birth, gender, photographs
- Contact Data: Address, email, phone number
- Professional Data: Organization, designation, qualifications
- Financial Data: Bank details (for donations/payments)
- Technical Data: IP address, browser type, device information
Sensitive Personal Data (with explicit consent):
- Biometric information (for access control)
- Health information (for training programs)
Purpose of Processing
We process your data for:
- Program applications and management
- Training enrollment and certification
- Partnership and collaboration management
- Donation processing and tax receipts
- Communication and newsletters
- Legal compliance and reporting
Legal Basis (DPDPA 2023)
We process data based on:
- Your consent (withdrawable at any time)
- Legitimate purposes disclosed at collection
- Legal obligations under applicable laws
- Performance of contracts
Data Sharing
We may share data with:
- Government agencies (as required by law)
- Partner organizations (with consent)
- Service providers (under data processing agreements)
- Auditors and legal advisors (for compliance)
Data Retention
- Application data: 3 years from last interaction
- Training records: 7 years (certification validity)
- Financial records: 8 years (statutory requirement)
- Communication preferences: Until consent withdrawal
Your Rights (Data Principal Rights)
Under DPDPA 2023, you have rights to:
- Access information about your data
- Correct inaccurate or incomplete data
- Erase your personal data
- Withdraw consent at any time
- Nominate a representative
- Grievance redressal
Data Security
We implement:
- Encryption (AES-256 at rest, TLS 1.3 in transit)
- Access controls and authentication
- Regular security audits
- Employee training on data protection
Grievance Officer (DPDPA Section 12)
As per DPDPA 2023, we have designated a Grievance Officer to handle your data-related concerns.
Name
Data Protection Officer
Designation
Compliance Officer
info@dada-foundation.com
Phone
+91 92262 19319 (Toll-Free)
Address
D.A.D.A. Foundation, Shirdi MIDC, Taluka Shirdi, District Ahmednagar, Maharashtra 423109, India
Response Time
Acknowledgment within 24 hours | Resolution within 30 days
Data Breach Notification (DPDPA Section 11)
In the event of a personal data breach that may cause harm to you, we will:
- Notify you within 72 hours of becoming aware of the breach
- Provide a description of the nature of the breach
- Outline the likely consequences of the breach
- Describe the measures taken or proposed to address the breach
Report Breach: If you suspect a data breach, immediately contact info@dada-foundation.com or call +91 92262 19319
How to Exercise Your Rights (DPDPA Section 12)
You can exercise your Data Principal Rights by:
Email Request
Send a written request to:
info@dada-foundation.com
Postal Request
Send to:
Data Protection Officer
D.A.D.A. Foundation
Shirdi MIDC, Maharashtra 423109
Phone Request
Call our helpline:
+91 92262 19319
Processing Time: We will respond to your request within 30 days. For complex requests, this may be extended by an additional 30 days with prior notice.
General Data Protection Queries
info@dada-foundation.com
Phone
+91 92262 19319
Office Hours
Mon-Fri: 9AM - 6PM IST