Privacy Policy – SkillEdu VARSITY (SEVA)
Logo
Legal — SkillEdu VARSITY

Privacy Policy

This Policy describes how SkillEdu VARSITY collects, uses, discloses, stores, and protects the personal information of individuals who access or use the Platform, including Users located in India and in other countries worldwide.

Effective Date: 15th July 2026
Last Updated: 15 July 2026

This Policy is designed to comply with the applicable requirements of the Digital Personal Data Protection Act, 2023 ("DPDP Act") and the Information Technology Act, 2000 along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules") of India, as well as, where applicable to Users located outside India, the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK GDPR, and the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), and other applicable data protection laws. By accessing or using the Platform, creating an account, enrolling in a course, or otherwise providing us with your personal information, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, please do not use the Platform.

1

Definitions

  • "Personal Data" / "Personal Information" means any data or information that relates to an identified or identifiable natural person, whether directly or indirectly.
  • "Sensitive Personal Data" means Personal Data revealing categories such as financial information, health data, biometric data, government-issued identity numbers, or any other category so classified under applicable law.
  • "Processing" means any operation performed on Personal Data, including collection, recording, storage, use, disclosure, or deletion.
  • "Data Fiduciary" means SkillEdu VARSITY, which determines the purpose and means of processing your Personal Data (referred to as "Data Controller" under GDPR).
  • "Data Principal" means the individual to whom the Personal Data relates (referred to as "Data Subject" under GDPR).
2

Information We Collect

2.1 Information You Provide Directly

  • Account and registration details: full name, email address, mobile number, date of birth, gender, postal/billing address, and password.
  • Educational and professional details: qualifications, institution/employer, work experience, resume/CV, and skill assessment responses.
  • Payment and billing information: billing name, address, and transaction details. Card, UPI, net-banking, and wallet details are collected and processed by our PCI-DSS compliant third-party payment gateway partners; we do not store full card numbers on our servers.
  • Identity verification documents, where required for certification, proctored examinations, or placement services (e.g., government ID for exam proctoring).
  • Content you submit: assignments, quiz responses, project submissions, discussion forum posts, reviews, ratings, and support/help-desk communications.
  • Communications: information you provide when you contact us by email, chat, phone, or through contact/feedback forms.

2.2 Information Collected Automatically

  • Device and usage data: IP address, browser type and version, device identifiers, operating system, referring URLs, pages viewed, time spent, and click-stream data.
  • Learning analytics: course progress, video watch-time, quiz/assessment scores, login frequency, and engagement patterns, used to personalise learning and issue certificates.
  • Cookies and similar tracking technologies, as described in Section 8 below.
  • Approximate location data derived from your IP address (for currency, language, and content localisation).

2.3 Information from Third Parties

  • If you register or log in using a third-party account (e.g., Google or Facebook Single Sign-On), we receive basic profile information as permitted by your privacy settings on that platform.
  • Information from corporate/institutional partners where the Platform is provided to you through your employer, college, or training partner.
  • Information from payment processors, verification agencies, and analytics or advertising partners.
3

How We Use Your Information

  • To create and administer your account and provide access to courses, assessments, and certifications.
  • To process payments, subscriptions, refunds, and invoicing.
  • To personalise content, course recommendations, and learning paths.
  • To communicate with you regarding course updates, transactional notices, support requests, and (where you have consented) promotional or marketing communications.
  • To conduct proctored examinations and prevent fraud, impersonation, or academic dishonesty.
  • To generate and issue certificates, transcripts, and, where applicable, share verified achievement data with placement or hiring partners with your consent.
  • To monitor, analyse, and improve Platform performance, security, and user experience.
  • To comply with applicable legal, regulatory, tax, and accounting obligations.
  • To detect, investigate, and prevent fraud, unauthorised access, and misuse of the Platform.
4

Legal Basis for Processing (International Users)

Where the GDPR or an equivalent international data protection law applies to your Personal Data, we rely on one or more of the following legal bases:

  • Performance of a contract, to provide the courses and services you have enrolled in or purchased.
  • Consent, for optional activities such as marketing communications, non-essential cookies, or sharing data with placement partners.
  • Legitimate interests, such as improving the Platform, ensuring security, and preventing fraud, provided such interests do not override your fundamental rights.
  • Compliance with a legal obligation, such as tax, accounting, and law-enforcement requests.

Under the DPDP Act, 2023 applicable to Users in India, we process your Personal Data primarily on the basis of your explicit consent obtained through clear notice at the point of collection, or under "legitimate uses" permitted by the DPDP Act (e.g., where you have voluntarily provided data for a specified purpose, or for compliance with law).

5

Sharing and Disclosure of Information

We do not sell your Personal Data. We may share your information with the following categories of recipients, subject to appropriate confidentiality and data-protection safeguards:

  • Service providers and processors: hosting and cloud infrastructure providers, payment gateways, email/SMS communication providers, proctoring and identity-verification vendors, analytics providers, and customer-support tools, who process data solely on our instructions.
  • Instructors and content partners, limited to information reasonably necessary to deliver courses, evaluate submissions, and respond to queries.
  • Corporate, institutional, or hiring partners, only where you have opted in to placement assistance, credential sharing, or a corporate training programme.
  • Professional advisors, including auditors, lawyers, and insurers, where necessary for their services.
  • Regulators, courts, and law-enforcement authorities, where required by applicable law, legal process, or to protect the rights, property, or safety of SkillEdu VARSITY, our Users, or the public.
  • Business transferees, in connection with a merger, acquisition, restructuring, or sale of assets, subject to this Policy or a substantially similar policy governing the transferred data.
6

International Data Transfers

SkillEdu VARSITY may store and process Personal Data on servers located in India and in other countries where our service providers operate, including for cloud hosting, payment processing, and customer support.

  • For Users in India, cross-border transfers are made in accordance with the DPDP Act, 2023, which permits transfers to jurisdictions other than those specifically restricted by the Central Government.
  • For Users in the European Economic Area (EEA) or United Kingdom, transfers outside the EEA/UK are made only where the destination country benefits from an adequacy decision, or subject to appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) or the UK International Data Transfer Addendum.
  • We take reasonable contractual, technical, and organisational measures to ensure that any recipient of your data provides an adequate level of protection consistent with this Policy.
7

Data Retention

We retain Personal Data only for as long as is necessary to fulfil the purposes described in this Policy, including to provide the services, comply with legal, tax, and accounting requirements, resolve disputes, and enforce our agreements. Indicative retention periods are set out below; actual periods may vary based on legal requirements or the specific circumstances of processing.

Data TypeRetention Period
Account & profile dataDuration of account, plus up to 3 years thereafter (to allow certificate verification and re-enrolment)
Payment & transaction recordsUp to 8 years, as required under applicable Indian tax and financial record-keeping laws (or the equivalent local requirement)
Communication & support recordsUp to 3 years from the date of last interaction
Proctoring / examination recordingsUntil integrity disputes, if any, are resolved; then securely deleted
Technical / server logsUp to 12 months

Upon expiry of the applicable retention period, or upon a valid deletion request, we securely delete or anonymise the relevant Personal Data, except where continued retention is required by law or for the establishment, exercise, or defence of legal claims.

8

Cookies and Tracking Technologies

We use cookies, web beacons, SDKs, and similar technologies to operate the Platform, remember your preferences, authenticate sessions, measure performance, and, where you consent, deliver relevant advertising.

  • Strictly necessary cookies, required for login, security, and core Platform functionality (cannot be disabled).
  • Analytics and performance cookies, used to understand how Users interact with the Platform (e.g., Google Analytics).
  • Functional cookies, used to remember preferences such as language or video quality.
  • Advertising/targeting cookies, used to deliver relevant marketing, subject to your consent where legally required (e.g., under EU/UK cookie-consent rules).

You can manage or withdraw cookie consent at any time through our cookie-consent banner/preference centre or your browser settings. Disabling certain cookies may affect Platform functionality.

Our Website does not currently respond to "Do Not Track" browser signals. You may still control tracking through the cookie-consent banner and your browser's cookie settings.

9

Data Security

We implement reasonable security practices and procedures commensurate with the sensitivity of the information, in line with the SPDI Rules, 2011, and industry standards, including:

  • Encryption of data in transit (TLS/SSL) and, where appropriate, at rest.
  • Access controls and role-based permissions limiting internal access to Personal Data on a need-to-know basis.
  • Firewalls, intrusion detection, and regular security assessments/penetration testing.
  • PCI-DSS compliant payment processing through certified third-party gateways.
  • Contractual data-protection obligations imposed on vendors and service providers.

No method of transmission or storage is completely secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security. In the event of a data breach likely to cause harm, we will notify affected Users and, where required, the relevant regulatory authority (such as the India Data Protection Board or a supervisory authority under GDPR) in accordance with applicable law and within the prescribed timelines.

10

Your Rights

10.1 Rights of Users in India (DPDP Act, 2023)

  • Right to access information about your Personal Data and the processing activities carried out.
  • Right to correction and updating of inaccurate or incomplete Personal Data.
  • Right to erasure of Personal Data that is no longer necessary for the purpose it was collected, subject to legal retention requirements.
  • Right to grievance redressal through our Grievance Officer (see Section 13).
  • Right to nominate another individual to exercise your rights on your behalf in the event of death or incapacity.
  • Right to withdraw consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

10.2 Rights of Users in the EEA/UK (GDPR)

  • Right of access, rectification, erasure ("right to be forgotten"), and restriction of processing.
  • Right to data portability, to receive your data in a structured, commonly used, machine-readable format.
  • Right to object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent at any time.
  • Right to lodge a complaint with your local supervisory authority.

10.3 Rights of Users in California (CCPA/CPRA)

  • Right to know what Personal Information is collected, used, disclosed, or sold.
  • Right to request deletion of Personal Information, subject to certain exceptions.
  • Right to correct inaccurate Personal Information.
  • Right to opt out of the sale or sharing of Personal Information (SkillEdu VARSITY does not sell Personal Information).
  • Right to non-discrimination for exercising any of the above rights.

To exercise any of these rights, please submit a request through your account settings or by contacting us using the details in Section 15. We may need to verify your identity before processing your request and will endeavour to respond within 30 days, or such shorter period as required by applicable law. If you are not satisfied with our response to a grievance raised under the DPDP Act, you may escalate the matter to the Data Protection Board of India.

11

Children's Privacy

The Platform is intended for use by individuals who are at least 18 years of age, or who have reached the age of majority in their jurisdiction. Where courses are specifically designed for minors (e.g., school-level or K-12 skill programmes), we will obtain verifiable parental or guardian consent before collecting Personal Data from a child, in accordance with the DPDP Act, 2023, and, where applicable, other laws such as COPPA or GDPR provisions on children's data. We do not knowingly collect Personal Data from children without such consent, and we will delete any such information promptly upon becoming aware of it.

12

Third-Party Links and Services

The Platform may contain links to third-party websites, payment processors, or embedded content (such as videos or plugins) that are not operated by us. This Policy does not apply to such third-party sites or services, and we encourage you to review their respective privacy policies before providing any Personal Data to them.

13

Grievance Officer / Data Protection Contact

In accordance with the Information Technology Act, 2000, the SPDI Rules, 2011, and the DPDP Act, 2023, we have appointed a Grievance Officer to address any complaints or concerns regarding the processing of your Personal Data:

Name: [Grievance Officer Name]
Designation: Grievance Officer / Data Protection Officer
Email: [email protected]
Address: [Registered Office Address], India

We will endeavour to acknowledge grievances promptly and resolve them within the timelines prescribed under applicable law.

14

Changes to this Privacy Policy

We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will post the revised Policy on this page with an updated "Last Updated" date, and, where the changes are material, we will provide additional notice (such as an email or in-app notification) and, where required by law, seek your renewed consent before the changes take effect.

15

Jurisdiction-Specific Notices

15.1 India (DPDP Act Notice)
SkillEdu VARSITY acts as a Data Fiduciary under the Digital Personal Data Protection Act, 2023. We process your Personal Data for lawful purposes on the basis of your consent or as otherwise permitted under the Act. You may contact our Grievance Officer (Section 13) with any concerns or to exercise your rights; if you are not satisfied with our response, you may approach the Data Protection Board of India.

15.2 European Economic Area / United Kingdom (GDPR Notice)
For Users in the EEA or UK, SkillEdu VARSITY acts as a Data Controller. Where required under Article 27 GDPR / UK GDPR because we do not have an establishment in the EEA or UK, our appointed representative can be contacted at: [Insert EU/UK Representative Name and Contact Details]. You have the right to lodge a complaint with your local data protection supervisory authority at any time.

15.3 California (CCPA/CPRA Notice)
California residents may exercise the rights described in Section 10.3 by contacting us using the details in Section 15. We do not sell or share Personal Information for cross-context behavioural advertising in the manner defined under the CCPA/CPRA. As noted in Section 8, our Website does not currently respond to "Do Not Track" signals, but you may control tracking through the cookie-consent banner and browser settings.

16

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

SkillEdu VARSITY (www.skilleduvarsity.com)
skilleduvarsity@gmail.com
Warangal, Telangana, India

This Privacy Policy should be read together with our Terms of Service, Cookie Policy, and Refund Policy, each available on the Platform.