Last updated: 22nd September 2025

1. Who we are
   This Privacy Policy explains how Sukriti Professional Academy (“SPA”, “we”, “us”, “our”) collects, uses, discloses, and safeguards personal information when visitors interact with our website sukritiedu.com, our digital services, and our offline academic operations for Interior Design courses and certifications (“Services”). This Policy applies to prospective students, enrolled students, parents/guardians (where applicable), alumni, website visitors, and other stakeholders.
   
2. What data we collect
   We collect only what is necessary for admissions, academic delivery, support, and regulatory compliance:

• Identity and contact: name, email, phone, address, date of birth, parent/guardian name (if minor), government ID where required for verification/admissions.
• Academic and professional: education history, portfolio, resume, qualifications, exam scores, project work, internship details.
• Enrollment and financial: application data, fee/payment information (processed via secure payment gateways), invoices, scholarships/EMI arrangements.
• Communications: inquiries, call/WhatsApp/chat transcripts, emails, counseling notes, feedback, grievances.
• Learning data: attendance, assessments, grades, submissions, faculty feedback, LMS usage.
• Marketing preferences: newsletter opt-ins, campaign responses, event registrations.
• Technical data: device, browser type, IP address, cookie data, pages viewed, time on site, referral sources; collected via cookies and similar technologies.
• Media consent (optional): photos/videos/testimonials for placements, alumni features, and marketing (with consent).

3. How we collect data

• Directly from individuals via application forms, inquiry/contact forms, counseling calls, WhatsApp, email, events, workshops, campus visits, admissions, and classroom/LMS activities.
• Automatically via our website/LMS using cookies and analytics tools to improve performance and user experience.
• From third parties (e.g., payment providers, verification partners) as needed for admissions or fee processing.

4. Why we process data (lawful bases)
   We process personal data for:

• Admissions and enrollment: evaluate applications, eligibility, counseling, seat allocation.
• Academic delivery: course administration, attendance, assessments, certifications, LMS access.
• Student services: placement assistance, internships, portfolio development, alumni services.
• Communication: counseling, program updates, schedule changes, policy notices, service notifications.
• Legal and regulatory: record-keeping, tax and accounting, responding to lawful requests.
• Safety and integrity: fraud prevention, misuse detection, safeguarding campus and systems.
• Marketing (with consent/legitimate interest): newsletters, event invites, program updates, success stories. Individuals can opt out anytime.

5. Cookies and tracking technologies
   We use essential, performance, and analytics cookies to:

• Enable core site and LMS functions.
• Understand visitor behavior for improving content and navigation.
• Measure campaign performance and conversion.
  Cookie preferences can be managed via browser settings. Disabling certain cookies may impact functionality.

6. Payment processing
   We do not store full card or UPI details on our servers. Payments are processed by PCI-DSS compliant gateways. We retain transaction references, amounts, and invoice details for compliance and support.
   
7. Sharing and disclosures
   We do not sell personal data. We may share data with:

• Service providers: LMS platforms, cloud hosting, email/SMS tools, analytics, payment gateways, background verification, placement platforms—under confidentiality and data protection agreements.
• Industry partners/employers: to facilitate internships, placements, portfolios (with consent where required).
• Government/regulatory/authorized entities: where legally required.
• Professional advisors: auditors, legal counsel, accounting services for compliance.
• Transfers: In case of restructuring/merger, data may transfer under equivalent protection and with notice.

8. International transfers
   If data is transferred outside India (e.g., cloud services), we ensure appropriate safeguards (contractual clauses, reputable providers, and security standards).
   
9. Data retention
   We retain data only as long as necessary for the purposes outlined or as required by law:

• Admissions/academic records: per regulatory and accreditation requirements.
• Financial records: as per applicable tax/accounting laws.
• Marketing and communications: until consent is withdrawn or the purpose ends.
  Data is securely deleted or anonymized after retention periods.

10. Your rights
    Subject to applicable law, individuals may:

• Access and obtain a copy of their personal data.
• Request correction/updating of inaccurate or incomplete data.
• Request deletion, restriction, or object to certain processing (where legally applicable).
• Withdraw consent for marketing at any time without affecting prior lawful processing.
• Opt out of non-essential cookies via browser settings.
  To exercise rights, use the contact details in Section 15. We may need to verify identity before acting on requests.

11. Children’s privacy
    Our programs primarily target learners aged 17+. For applicants under the age of majority, we obtain parent/guardian details and necessary consents for processing academic and contact data. We do not knowingly collect data from children without appropriate consent. If you believe a minor’s data was provided without consent, contact us for prompt action.
    
12. Security measures
    We implement administrative, technical, and physical safeguards to protect data, including access controls, encryption in transit, secure authentication, least-privilege access, and staff confidentiality obligations. No system is 100% secure; we respond to incidents with appropriate remediation and notifications as required by law.
    
13. Marketing communications
    We send program updates, events, and newsletters based on consent or legitimate interest. You can unsubscribe at any time via the email footer link or by contacting us. Opting out does not affect essential service communications (e.g., academic notices, billing).
    
14. Third-party links
    Our website may contain links to third-party sites (e.g., partners, employers, tools). We are not responsible for their privacy practices. Review their privacy policies before providing personal information.
    
15. Contact and grievances
    All communication regarding privacy and data protection shall be directed to:

• Email: info@sukritiedu.com
• Phone/WhatsApp: 8745966777
• Website: https://sukritiedu.com
• Address: 3rd Floor, NDIIT Building, Kalkaji, New Delhi, 110019
  Working hours: Mon–Sat, 9:00 AM – 6:00 PM IST

Grievance Officer (India):

• Name: Dr. Babita Shrivastava
• Email: info@sukritiedu.com
• Phone: 8745966777
• Address: 3rd Floor, NDIIT Building, Kalkaji, New Delhi, 110019

16. Changes to this Policy
    We may update this Policy to reflect changes in our practices or legal requirements. The “Last updated” date will be revised. Material changes will be communicated via website notice or email where appropriate. Continued use of our Services after updates constitutes acceptance of the revised Policy.
    
17. Jurisdiction and applicable law
    This Policy is governed by the laws of India. Disputes shall be subject to the jurisdiction of courts at [City, e.g., New Delhi], India, unless otherwise required by applicable law.
    
18. Addenda (if applicable)

• EU/UK data subject addendum (GDPR): If we offer services to individuals in the EU/UK, additional disclosures and rights under GDPR/UK GDPR may apply.
• California privacy disclosures (CCPA/CPRA): If we collect data from California residents, additional rights and notices may apply.
• FERPA/COPPA (only if applicable): For programs targeting minors or handling education records falling under these laws, additional obligations may apply.