Privacy Policy

1) Who we are & scope

Arise Society ("we", "us", "our") is a not‑for‑profit society registered under the Societies Registration Act, 1860, operating initiatives such as YUVA SETU and Jalaun Community Library in and around Orai, District Jalaun, Uttar Pradesh, India.
This Privacy Policy applies to our websites, forms, newsletters, donations, events, libraries, training centres, and any other online/offline services that link to or reference this Policy (collectively, the “Services”).
This Policy is designed to align with India’s Digital Personal Data Protection Act, 2023 (DPDP Act) and, where relevant, with the Information Technology Act, 2000 and SPDI Rules, 2011 (as updated). If you are outside India, additional local rights may apply.

2) Key definitions

Personal Data: Any data about an individual who is identifiable by or in relation to such data.
Data Principal: You, the individual to whom Personal Data relates (or your lawful guardian for minors).
Data Fiduciary: Arise Society, which determines purpose and means of processing your Personal Data.
Data Processor: A third party that processes data on our behalf (e.g., payment gateways, email service providers).

3) What data we collect

We collect data in the following categories when you use our Services:
A. Provided by you

Identity & contact: name, photo, postal address, email, phone/WhatsApp, guardian details (for minors)
Registration & academic: age, class/education level, interests, course selections, attendance, assignments, certificates
Donations & payments: transaction amount, mode, last four digits, billing address; we do not store full card/bank details (handled by gateways)
Communications: messages, forms, feedback, emails, support tickets
Media: photos/videos you submit or allow us to capture (with consent; see §10 in T&C)

B. Collected automatically

Device & usage: IP address, browser type, pages viewed, timestamps, referral links
Cookies & similar tech: preferences, session IDs, analytics events (see Cookies, §8)

C. From third parties (as permitted by law)

Payment gateways (status, confirmations)
Messaging/email providers (delivery status)
Training/placement partners (attendance, internship/job status)

Sensitive data: We do not intentionally collect sensitive personal data (e.g., health, biometric, financial credentials) unless required for a specific program and taken with explicit consent and extra safeguards.

4) Why we use your data (Purposes) & legal basis

We process Personal Data for purposes including:

Service delivery: enrollments, event/workshop management, library membership, certificates
Donations & receipts: issuing acknowledgements, 80G receipts (if applicable), compliance reporting
Communications: confirmations, reminders, important updates, changes to schedules/policies
Learning & impact: tracking participation, assessments, placements; anonymized reporting to donors/CSR partners
Safety & security: access control at centres, book/equipment tracking, CCTV at premises for safety (see §9)
Legal compliance: responding to lawful requests, accounting and audit, dispute resolution
Improvement & analytics: website functionality, troubleshooting, aggregated statistics

Legal bases (DPDP principles): Consent, Purpose limitation, Lawful use, Notice, and Legitimate uses (e.g., security, prevention of fraud). Where consent is the basis, you may withdraw consent at any time (see §11).

5) Children & minors

Our Services often support learners under 18. For minors, parent/guardian consent is required for registrations, media, and certain communications.
We do not knowingly collect data from children under 13 without verifiable guardian consent. If you believe a child provided data without consent, contact us (see §13) to remove it.

6) How we share data

We may share Personal Data with:

Service providers/Data Processors: payment gateways, email/SMS/WhatsApp providers, cloud hosting, analytics, form tools
Program partners: training institutes, internship/apprenticeship hosts, placement partners (limited to what is necessary)
Legal authorities: when required by law, court order, or to protect rights, safety, or property
Donors/CSR partners: impact stories and metrics may be shared in anonymized or aggregated form. Identifiable media is used only with consent or blurring.

We do not sell Personal Data.

7) Data retention

We keep Personal Data only as long as necessary for the purposes described, including legal, accounting, or reporting requirements. Typical retention periods:

Enrollment & attendance: program duration + up to 3 years
Donations: up to 8 years (statutory)
Communications & support: up to 2 years
CCTV footage: typically 30–90 days unless required longer for investigations We may retain anonymized data for research and reporting.

8) Cookies & analytics

We use cookies and similar technologies to operate the Sites, remember preferences, and measure usage. You can manage cookies via your browser settings and our cookie banner. Blocking some cookies may affect site functionality.

Analytics: We may use privacy‑respecting analytics platforms to understand traffic patterns. IP addresses may be truncated/pseudonymized where feasible.

9) Security measures

We use administrative, technical, and physical safeguards appropriate to the risk, including role‑based access, encryption in transit (HTTPS), secure payment gateways, and staff training. No method is 100% secure; please use strong passwords and report suspected incidents promptly.

10) Photography, video & CCTV

Events & centres: We may capture photos/videos for documentation and social impact storytelling. We display notices at venues; you may opt out by informing the coordinator, and we will take reasonable steps to accommodate.
CCTV: Installed at certain centres for safety and asset protection. Footage is restricted to authorized personnel and retained per §7.

11) Your rights & choices (Data Principal rights)

Subject to law, you may have the right to:

Access: know what Personal Data we hold about you
Correction/Updation: fix inaccuracies or update contact details
Deletion: request deletion where legally permissible
Consent withdrawal: opt out of specific processing that relies on consent (e.g., marketing communications)
Grievance redressal: file a complaint (see §13)

To exercise your rights, email arisesocietyorai@gmail.com with proof of identity and details of your request. For minors, the request must come from the lawful guardian.

12) Communications preferences

Transactional (enrolment, reminders, receipts): essential; you may not opt out of strictly necessary messages linked to a service you use.
Non‑essential/updates: you can unsubscribe via links in emails or reply STOP for SMS/WhatsApp where supported, or email us to adjust preferences.

13) Complaints, contact & grievance officer

Per DPDP and IT Rules, our Grievance Officer/Data Protection Contact is:

Name: Anubhav Niranjan
Email: arisesocietyorai@gmail.com
Phone: +91‑92783870002
Address: Arise Society, Anubhav Niranjan, 255, Tulsi Nagar, Orai, District Jalaun, Uttar Pradesh, India – 285001
We aim to acknowledge complaints within 72 hours and respond within a reasonable timeframe.
If unresolved, you may escalate under applicable law (e.g., DPDP Board when notified by Government).

14) International data transfers

Our processors may store data outside India (e.g., cloud/email providers). By using the Services, you consent to such transfers, subject to contractual safeguards and lawful mechanisms.

15) Third‑party links & services

Our Sites may link to external sites (e.g., payment gateways, social media). We do not control their privacy practices. Review their policies before sharing data.

16) Changes to this Policy

We may update this Policy to reflect operational, legal, or regulatory changes. The latest version will be posted with a new “Last updated” date. Significant changes may be communicated via email or on‑site notices.

17) Consent

By accessing or using our Services, you consent to the collection, use, and sharing of your Personal Data as described in this Policy. Where required, we will obtain explicit consent (e.g., minors, sensitive data, media).

18) Contact us

Arise Society
255, Tulsi Nagar,
Orai, District Jalaun, Uttar Pradesh, India – 285001
Email: arisesocietyorai@gmail.com | Phone: +91‑9278387002

Privacy Policy

Personal Data: Any data about an individual who is identifiable by or in relation to such data.

Data Principal: You, the individual to whom Personal Data relates (or your lawful guardian for minors).

Data Fiduciary: Arise Society, which determines purpose and means of processing your Personal Data.

Data Processor: A third party that processes data on our behalf (e.g., payment gateways, email service providers).

3) What data we collect We collect data in the following categories when you use our Services: A. Provided by you

Identity & contact: name, photo, postal address, email, phone/WhatsApp, guardian details (for minors)

Registration & academic: age, class/education level, interests, course selections, attendance, assignments, certificates

Donations & payments: transaction amount, mode, last four digits, billing address; we do not store full card/bank details (handled by gateways)

Communications: messages, forms, feedback, emails, support tickets

Media: photos/videos you submit or allow us to capture (with consent; see §10 in T&C)

B. Collected automatically

Device & usage: IP address, browser type, pages viewed, timestamps, referral links

Cookies & similar tech: preferences, session IDs, analytics events (see Cookies, §8)

C. From third parties (as permitted by law)

Payment gateways (status, confirmations)

Messaging/email providers (delivery status)

Training/placement partners (attendance, internship/job status)

Service delivery: enrollments, event/workshop management, library membership, certificates

Donations & receipts: issuing acknowledgements, 80G receipts (if applicable), compliance reporting

Communications: confirmations, reminders, important updates, changes to schedules/policies

Learning & impact: tracking participation, assessments, placements; anonymized reporting to donors/CSR partners

Safety & security: access control at centres, book/equipment tracking, CCTV at premises for safety (see §9)

Legal compliance: responding to lawful requests, accounting and audit, dispute resolution

Improvement & analytics: website functionality, troubleshooting, aggregated statistics

Legal bases (DPDP principles): Consent, Purpose limitation, Lawful use, Notice, and Legitimate uses (e.g., security, prevention of fraud). Where consent is the basis, you may withdraw consent at any time (see §11). 5) Children & minors

Our Services often support learners under 18. For minors, parent/guardian consent is required for registrations, media, and certain communications.

We do not knowingly collect data from children under 13 without verifiable guardian consent. If you believe a child provided data without consent, contact us (see §13) to remove it.

6) How we share data We may share Personal Data with:

Service providers/Data Processors: payment gateways, email/SMS/WhatsApp providers, cloud hosting, analytics, form tools

Program partners: training institutes, internship/apprenticeship hosts, placement partners (limited to what is necessary)

Legal authorities: when required by law, court order, or to protect rights, safety, or property

Donors/CSR partners: impact stories and metrics may be shared in anonymized or aggregated form. Identifiable media is used only with consent or blurring.

We do not sell Personal Data. 7) Data retention We keep Personal Data only as long as necessary for the purposes described, including legal, accounting, or reporting requirements. Typical retention periods:

Enrollment & attendance: program duration + up to 3 years

Donations: up to 8 years (statutory)

Communications & support: up to 2 years

CCTV footage: typically 30–90 days unless required longer for investigations We may retain anonymized data for research and reporting.

8) Cookies & analytics We use cookies and similar technologies to operate the Sites, remember preferences, and measure usage. You can manage cookies via your browser settings and our cookie banner. Blocking some cookies may affect site functionality.

Analytics: We may use privacy‑respecting analytics platforms to understand traffic patterns. IP addresses may be truncated/pseudonymized where feasible.

Events & centres: We may capture photos/videos for documentation and social impact storytelling. We display notices at venues; you may opt out by informing the coordinator, and we will take reasonable steps to accommodate.

CCTV: Installed at certain centres for safety and asset protection. Footage is restricted to authorized personnel and retained per §7.

11) Your rights & choices (Data Principal rights) Subject to law, you may have the right to:

Access: know what Personal Data we hold about you

Correction/Updation: fix inaccuracies or update contact details

Deletion: request deletion where legally permissible

Consent withdrawal: opt out of specific processing that relies on consent (e.g., marketing communications)

Grievance redressal: file a complaint (see §13)

To exercise your rights, email arisesocietyorai@gmail.com with proof of identity and details of your request. For minors, the request must come from the lawful guardian. 12) Communications preferences

Transactional (enrolment, reminders, receipts): essential; you may not opt out of strictly necessary messages linked to a service you use.

Non‑essential/updates: you can unsubscribe via links in emails or reply STOP for SMS/WhatsApp where supported, or email us to adjust preferences.

3) What data we collect

We collect data in the following categories when you use our Services:
A. Provided by you

Legal bases (DPDP principles): Consent, Purpose limitation, Lawful use, Notice, and Legitimate uses (e.g., security, prevention of fraud). Where consent is the basis, you may withdraw consent at any time (see §11).

5) Children & minors

6) How we share data

We may share Personal Data with:

We do not sell Personal Data.

7) Data retention

We keep Personal Data only as long as necessary for the purposes described, including legal, accounting, or reporting requirements. Typical retention periods:

8) Cookies & analytics

We use cookies and similar technologies to operate the Sites, remember preferences, and measure usage. You can manage cookies via your browser settings and our cookie banner. Blocking some cookies may affect site functionality.

11) Your rights & choices (Data Principal rights)

Subject to law, you may have the right to:

To exercise your rights, email arisesocietyorai@gmail.com with proof of identity and details of your request. For minors, the request must come from the lawful guardian.

12) Communications preferences