INTRODUCTION

 

Harappa Learning Private Limited is a company registered in India with its registered office at N-154 Panchsheel Park New Delhi, South Delhi – 110017, India (referred to herein as “Harappa”“we”“our” or “us”). Harappa is a web and mobile based platform which offers curated and specially designed and scripted courses aimed at strengthening foundational skills and building competencies geared towards achieving professional success through its website, https://harappa.education/ (or any successor site) and its related sub-domains, sites, mobile applications and tools accessed through a mobile device, mobile application, computer or any other device (“Website”). The words “you” or “your” or “User” as used herein, refer to all individuals and/or entities browsing, accessing, or using the Website or services for any reason.

This Privacy Policy (“Privacy Policy/Policy”) details out what User information is being collected, stored, and processed, purpose of such collection and how the same shall be used by Harappa. By clicking on [“I agree”] you agree that you have read the Privacy Policy and consent to be bound by this Policy. By signing up you further represent that you are 18 years of age or older than the legal age prescribed in your country of residence for the purpose of entering into a valid and binding contract. This Privacy Policy is incorporated into and subject to the provisions of the Terms of Use and the terms not defined here, have the meanings ascribed to them in the Terms of Use.

IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE OR ACCESS THE WEBSITE AND/OR OUR SERVICES.

 

PURPOSE & SCOPE

This Privacy Policy describes the information, including any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person (“Personal Information”), that we collect from you and what may happen to that information. This Privacy Policy DOES NOT apply to information that you provide to, or that is collected by, any third-party, such as social networks that you use which are not in connection with our services. This Policy also describes how Harappa ensures security of the Personal Information you provide.

We collect, process, and store your Personal Information, to provide a safe, efficient, and customized experience to our Users accessing the Website. You can browse through the Website without giving any Personal Information about yourself or by creating an account to avail of our services on the Website. These services shall include but not be limited to providing the Users with online pathways, participate in public forums, sign-up for email, calls and SMS, WhatsApp updates, purchase our services. To register and create an account (“Account”), you may be required to provide us with your contact and identity information and other Personal Information as indicated on the Website and complete the registration process. Where possible, we indicate which fields are mandatorily required and which fields are optional. You always have the option to not provide Personal Information by choosing not to use a particular service or feature on the Website unless we require it so. Your Account and Personal Information is protected by a password for your privacy and security. You need to prevent unauthorized access to your Account and Personal Information by selecting and protecting your password appropriately and limiting access to your mobile phone and browser by signing off after you have finished accessing your Account. We advise you to not share login credentials/Account information with anyone to avoid unauthorized access.

This policy control applies to all systems, people and processes that constitute the organization’s information systems, including board members, directors, employees and other third parties who have access to Personal Data available within Harappa.

The company is also committed to ensure that its employees conduct themselves in line with this, and other related, policies. Where third parties process data on behalf of Harappa, the Company endeavours to obtain assurances from such third parties that your Personal Data will be safeguarded consistently. This Privacy Policy applies to all our services unless specified otherwise.

 

  1. LEGAL BASIS OF PROCESSING PERSONAL INFORMATION 

We process your Personal Information on the following legitimate basis as also mandated under applicable data protection, data security or privacy laws including but not limited to the Indian Information Technology Act, 2000, Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“Data Protection Law”):

1.1 Consent: Processing based on your consent.

1.2 Legitimate interests: Processing, where permitted under Data Protection Law, in furtherance of our legitimate interests to provide and personalise our services to you including our interests to conduct legitimate business activities (such as improving our products and services), to communicate with you, to secure our systems, among other legitimate interests like processing of payment, fraud detection, for the establishment, exercise, or defence of legal claims;.

1.3 Compliance with legal obligations: We may process your Personal Information if necessary for us to comply with any legal obligations arising under any applicable law to which we may be subject.

 

  1. TYPE OF INFORMATION WE COLLECT

Following type of Personal Information may be collected by Harappa subject to your interactions with us and the  services chosen by you and the applicable laws when you browse or use our Website and when you register as a user to subscribe to our services:

  • Title / Gender
  • Name & Surname
  • Profile Picture
  • Contact information like mobile number, postal address and email address
  • Educational qualifications
  • a username you will use to access the Website;
  • all information including user feedback gathered during any correspondence or interaction between you and us via emails, chats, telephone calls, SMSs, WhatsApp messages, posts on public forums etc. collectively referred as User Generated Content/ UGC.
  • any detail relating to the above clauses as provided to us for providing service; and any other information required under lawful contract or otherwise.

2.1 Sensitive Personal Information

We collect and process Personal Information categorized as Sensitive Personal Data or Information (“SPDI”)which is the User’s password related information.

Special Category of Personal Data includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade unions memberships, information about your health and genetic and biometric data.

Should we specifically require SPDI in connection with one or more of the uses described in this policy, we will request your explicit consent to use the data in accordance with applicable laws, this Policy and/or in the ways described at the point where you were asked to disclose the SPDI.

Other legal basis for our processing of special category data may include, as permitted by Data Protection Law, for scientific research, for employment, social security or social protection law, for reasons of substantial public interest, or as necessary for the establishment, exercise or defence of legal claims. If you voluntarily share with us or post/upload any “special” or “sensitive” Personal Data to this website for any other reason, you consent that we may use such data in accordance with applicable law and this policy. You can contact our DPO at dpo@harappa.education for more information about our processing of your Personal Information.

2.2 Information Automatically Collected/ Acquired Information

2.2.1. Location Information and IP Address: When you access the Website, your IP address is recorded by us. This method ensures smooth operations and protection against attacks and requires the User’s IP address to be saved for the duration of the session. We may be able to determine from an IP address a User’s Internet Service Provider and the geographic location of his or her point of connectivity.

2.2.2. Device Information: We collect information about the apps, browsers, and devices you use to access our website, which helps us provide features like automatic service updates. The information we collect includes unique identifiers, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number.

2.2.3. Behavioural Information: We may automatically track, collect, and aggregate certain information about you based upon your behaviour on our Website or while accessing our services. We may use such information to do internal research on our Users’ demographics, interests, and behaviour to better understand, protect and serve our Users. This information is compiled and analysed on an aggregated basis.

2.2.4. Cookies: The Website may use cookies and tracking technology depending on the features offered. We urge you to consult our cookie policy, available on our Website, to understand the cookies processed by us. Usage of a cookie is in no way linked to any personally identifiable information on our website. Some of our business partners may use cookies on our website. However, we have no access to or control over these cookies. Aggregate cookie and tracking information may be shared with third parties. By accepting this Privacy Policy as well as the cookie policy, you confirm your consent to Harappa’s use of cookies and other such technologies. If you do not wish to accept cookies from our Website, you may configure your web browser so that it does not accept cookies; however, you may lose certain functions available on our Website.

You agree, if you send us personal correspondence, such as emails, calls, SMSs (including WhatsApp messages) or letters, or if other users or third parties send us correspondence about your activities or postings on the Website in connection with our Services, we may collect and/or store such information.

2.3 Third-Party Tools:

We may use certain third-party web analytics services on the Website such as Google Analytics or tools offered by Facebook and/or LinkedIn. The third party service providers that administer these services use technologies such as cookies, web server logs and web beacons to help us for various functions such as analyse how visitors use the Website, tracking User behaviour for marketing purposes, for provision of embedded services etc. The information collected through these means (including IP address) is disclosed to these service providers, who use the information to evaluate use of the Website. These analytic services may use the data collected to contextualize and personalize the marketing materials of their own advertising network. Please note that third parties (including, for example, advertising networks and providers of external services) may also use cookies, over which we have no control.

If you do not wish to have data relating to your visits to our websites collected through Google Analytics, you may opt-out by installing the Google Analytics opt-out browser add-on.

2.4 User Generated Content:

Content added, created, uploaded, submitted, distributed, posted by Users including but not limited to feedback, queries, chats, discussions are collectively referred to as, “User Content”. User is the sole owner and responsible for the authenticity and correctness of all the User Content.

We may use your User Content, in a number of different ways in connection with our services and Harappa’s business as we may determine at our sole discretion. By submitting User Content through the Website, you hereby do and shall grant Harappa a worldwide, non-exclusive, royalty-free, fully paid, sub-licensable (through multiple tiers) and transferable license to use, copy, reproduce, distribute, prepare derivative works of, display, perform, and otherwise fully utilise the User Content in connection with our services and Harappa’s (and its successors and assigns’) business, including without limitation for promoting and redistributing part or all of the Website (and derivative works thereof), publicly displaying it, reformatting it, incorporating it into marketing materials, advertisements and other works, creating derivative works from it, promoting it, distributing it, and allowing other users to do the same in connection with their own websites, media platforms, and applications (“Third Party Media”),

For clarity, the foregoing license grant to Harappa does not affect your other ownership or license rights in your User Content(s), including the right to grant additional licenses to the material in your User Content(s), unless otherwise agreed in writing with Harappa.

When you delete your User Content, they will be removed from the Website. However, you understand that any removed User Content may persist in backup copies for a reasonable period of time (but following removal will not be shared with others) or may remain with users who have previously accessed or downloaded your User Content or may be retained by Harappa for such period as stipulated under law. If you have questions or concerns about the legal basis upon which we collect and use your Personal Information, you can contact us at dpo@harappa.education.

 

3. HOW WE USE YOUR PERSONAL INFORMATION

 We only have access to and/or collect Personal Information that you give us via selected mode of communication e-mails, push notifications, WhatsApp, SMS or any other mode of communication as made available by Harappa and opted by you or that is collected while accessing our website, using our services or via e-mail or other direct contact from you. We will use your Personal Information only for lawful purpose and for providing the services opted by you. We will not sell or rent this information to anyone nor share your information with any third party outside our organization, unless otherwise provided under the applicable law and specified in this Privacy Policy and/or other than as necessary to fulfil your request.

3.1 Provide, maintain and Customize our Services:

We may use your Personal Information and other information we obtain from your current and past activities on the Website to: inform you about your transaction status, customize your experience, resolve disputes, troubleshoot problems, measure your interest in the services provided by us, inform you about our products, services, and updates, fraud detection and prevent other criminal activity; enforce the Terms of Use, provide technical support, and as otherwise described to you at the time of collection. At times, we may look across multiple Users to identify problems or resolve disputes, and in particular we may examine your Personal Information to identify Users using multiple User IDs or aliases. We may compare and review your Personal Information for errors, omissions and for accuracy. Unless you ask us not to, we may contact you via email, calls, SMSs, WhatsApp Messages etc in the future to tell you about special offers, new products or services, or changes to this Privacy Policy.

3.2. Improve our Services :

Information collected form your feedback, reviews, ratings you provide, poll questions and surveys including phone interviews you take may be aggregated and analysed by us in order to improve and enhance our services, our Website etc. Participation in these surveys is purely optional. Identity of the survey participants is anonymous unless otherwise stated in the survey.

3.3. Participation in Online pathways, Public Forums and Signing Up for Updates

We use the Personal Information as provided by you for processing purposes, including but not limited to that of following attendance, progress, utilisation and completion of your online subscription. We may also share details regarding your performance in a given online pathway with the instructor/instructors or other designated individuals who assisted you in such content. This will help us modify, alter, and operate the online pathway conveniently. We may also collect student generated content in the form of various assignments, peer-grading feedback, responses related to the pathway data in the form of exams, surveys etc. We may collect or/and store such information as provided by you.

Harappa may offer public forums. We may require your Personal Information if you wish to participate and share your thoughts on these forums. Please keep in mind that such posts as shared by you will be available on our website and/or any related application or platform. We may collect and/or store such information as provided by you on these forums. We may also provide you with updates by either posting such updates on the Website or through letters, emails, calls, SMS, WhatsApp etc.

3.4. Communicate with You

We may use your Personal Information to contact you and deliver information to you which may be targeted to your interests, such as targeted administrative notices, services offerings, and other such communications relevant to your use of the Website including other such reasons as detailed out under this clause via selected mode of communication (e-mails, push notifications, WhatsApp, SMS or any other mode of communication as made available by Harappa and opted by you). We may let you know about upcoming changes or improvements to our services. By accepting the Terms of Use and Privacy Policy, you expressly agree to receive this information. If you do not wish to receive these communications, we encourage you to opt out of the receipt of certain communications by writing to dpo@harappa.education or support@harappa.education.

3.5. Advertisements:

We may also aggregate (gather up data across all Accounts) information and disclose such information in a non-personally identifiable manner to advertisers and other third parties for other marketing and promotional purposes. We don’t share Personal Information that personally identifies you with advertisers, such as your name or contact information, unless you ask us to.

3.6. Services Offered on the Website by Third Parties:               

Website may provide links to third-party sites. Please note that when you click on one of these links, you are entering another application/website over which Harappa has no control and will bear no responsibility. The information provided by you for such purposes is simultaneously collected by the Website and the relevant third party. Such information provided by you is only processed for the purposes of the legitimate interests pursued by the third party. This information is utilized by the third party in accordance with its privacy policy and the terms of the offer. Because we do not control the privacy practices of these third parties, you should evaluate their practices before deciding to use their services. You agree that we shall not be liable for any breach of your privacy of Personal Information or loss incurred by your use of these applications/websites.

. When a YouTube video is played, the app communicates directly with the content provider (YouTube) and not with Harappa. Users of the app should be aware of the Google Privacy Policy available at https://policies.google.com/privacy, which states how YouTube treats user data. Harappa does not have any record of the videos watched or any other user related YouTube API data.

3.7 Aggregated Data

“Aggregated Data” means records that have been stripped of Personal Data and has been manipulated or combined to provide generalised, anonymous information. Your identity and personal information are not available in Aggregated Data. We combine your Personal Data on an anonymous basis with other information to generate Aggregated Data for internal and commercial use and for sharing with affiliates, subsidiaries and business partners for planning and marketing purposes.

3.8 Data protection principles

Where third parties process data on behalf of Harappa we endeavour to obtain assurances from such third parties that your Personal Data will be safeguarded consistently. We understand that it will be accountable for the processing, management and regulation, and storage and retention of all Personal Data held in the form of manual records and on computers.

All Personal Data obtained and held by the Company will:

  • be processed fairly, lawfully and in a transparent manner
  • be collected for specific, explicit, and legitimate purposes
  • be adequate, relevant and limited to what is necessary for the purposes of processing
  • be kept accurate and up to date. Every reasonable effort will be made to ensure that inaccurate data is rectified or erased without delay
  • not be kept for longer than is necessary for its given purpose
  • be processed in a manner that ensures appropriate security of Personal Data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures
  • comply with the relevant laws and procedures for international transferring of Personal Data applicable to us.

 3.9. Posting to Public Forums:

Please remember that if you post any of your Personal Information in public forums of the Website, such information may be collected and used by others over whom we have no control. You are to please note that these posts may be made available in the public domain.

 

  1. INTERNATIONAL DATA TRANSFER 

Our website is primarily operated and managed on servers located and operated within India. However, your Personal Information may also be stored in third party data servers located in other countries where HARAPPA provides its products and services.

HARAPPA engages sub-contractors, service providers and other third parties for facilitating its  products, service offerings and to offer support services to you, and your Personal Information may be transferred to servers of such sub-contractors, service providers and other third parties. Depending upon the location of our service providers, your information, including Personal Information, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. Where required under applicable law we will seek your express consent for such transfers. In all other cases, by consenting to this policy, you also provide consent to HARAPPA to transfer your Personal Information to HARAPPA affiliated companies, service providers or any third-party entity in locations around the world. We take steps to ensure that a degree of data protection which is similar to this policy is afforded to such Personal Information transferred. HARAPPA will always ensure transfer of your personal information internationally,  will be in accordance with the lawful contract and all applicable legal requirements.

Where Harappa transfers your personal information internationally, we will comply with applicable legal requirements and where required we will enter into a data transfer agreement with the recipient of the personal information, which in the case of European Personal Data may include the Standard Contractual Clauses. In other cases, and where applicable, we shall enter into separate Data Processing Agreements with the third parties / service providers / contractors and such other recipients of Personal Data. Further as the Company takes steps to ensure that transfers of Personal Data to any public authority cannot be massive, disproportionate, and indiscriminate in a manner that would go beyond what is necessary in a democratic society. In the event of conflicts between these and public authority requirements, the company will find a practical solution that fulfils the purpose of this Policy.

 

  1. PROCESSING AND STORAGE

Your Personal information is processed and stored on Harappa’s internal servers. Your Personal information is either stored manually or electronically. Any data stored electronically will be stored in secure servers, and any data stored manually will be stored in our premises.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal information, we cannot guarantee the security of data transmitted to our Website and any transmission is at your own risk.

 

  1. WITH WHOM YOUR PERSONAL INFORMATION IS SHARED 

6.1 We do not rent, sell, or share your Personal Information with other people (save with your consent) or non-affiliated companies except to provide our products or services, or under the following circumstances:

  • We will share your Personal Information with our employees and directors who need it to deliver the services, complete your request or carry out your instructions.
  • To provide Personal Information to trusted partners who work on behalf of or with us under confidentiality agreements. These entities may use your Personal Information to assist us in providing our services to you and help us communicate with you about offers from us and our marketing partners.
  • To respond to summons, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
  • To share Personal Information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Use, or as otherwise required by law.
  • From time to time, to reveal general statistical information about our website and visitors, such as number of visitors, number and type of products and services purchased, etc.
  • We may combine your Personal Data on an anonymous basis with other information to generate Aggregated Data for internal and commercial use and for sharing with affiliates, subsidiaries and business partners for planning and marketing purposes.
  • With Companies in the same group as Harappa.

In addition to the circumstances described above, HARAPPA may disclose User’s Personal Information if required to do so:

  • by law, required by any enforcement authority for investigation, by court order or in reference to any legal process.
  • to conduct our business.
  • for regulatory, internal compliance and audit exercise(s)
  • to secure our systems; or
  • to enforce or protect our rights or properties of HARAPPA or any or all its affiliates, associates, employees, directors, or officers or when we have reason to believe that disclosing Personal Information of User(s) is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

Any disclosure and storage by any enforcement authority for investigation, by court order or in reference to any legal process may take place without your knowledge. In that case, we shall not be liable to you or any third party for any damages however arising from such disclosure and storage.

 

  1. HOW LONG DO WE KEEP YOUR DATA?

We may retain Personal Information for as long as it is necessary. It may be archived as long as we believe that the purpose for which it was used still exists or as necessary for our legitimate business interests or for complying with legal obligations or for a period as mentioned in the applicable laws.

There will be some residual information in anonymised form that shall remain with us within our logs, database, and other records. Such residual information may or may not include Personal Information. Please also note that we shall retain your Personal Information if we require the same for complying with a legal obligation.

Organization and Responsibilities

Harappa will maintain records of data processing as required by the laws.

The ‘Data Protection Officer’ (DPO) has the specific responsibility of overseeing data protection and ensuring that we comply with the data protection principles and relevant legislation. The DPO will ensure that the Data Processing Register is kept up to date and demonstrates how the data protection principles are adhered to by our activities. Individual members of staff have a duty to contribute to ensure that the measures outlined in the Register are accurately reflected in our practice.

Our compliance with relevant policies and regulatory requirements in respect of data protection as part of our Data Management Strategy will be periodically monitored internally by a designated governance group. All employees, volunteers, consultants, partners, or other parties who will be handling Personal Data on behalf of Harappa will be appropriately trained and supervised where necessary.

The collection, storage, use and sharing of Personal Data will be regularly reviewed by the Data Protection Officer, the Governance Group, and any relevant business area. We will adhere to relevant codes of conduct where they have been identified and discussed as appropriate.

Where there is likely to be a high risk to individuals rights and freedoms due to a processing activity, we will first undertake a Data Protection Impact Assessment (DPIA) and consult with the relevant supervisory authority prior to processing, if necessary.

 

  1. DATA SECURITY 

We endeavour to safeguard your Personal Information under our control by adhering to strict security measures and best practises to prevent loss, misuse or unauthorized access of data. Harappa is ISO 27001:2013 (ISMS) Certified and GDPR Compliant.

All the Personal Information is collected, stored, and processed as per the Data Protection Laws. Personal Information of the Users residing outside India is collected stored and processed as per the data protection laws in their respective jurisdictions such as EU General Data Protection Regulation 2016/679 (the “GDPR”) to the extent possible in consonance with the Indian Data Protection Laws as mentioned above.

Harappa will ensure that appropriate technical and organizational measures are in place, supported by privacy impact and risk assessments, to ensure a high level of security for Personal Data, and secure environment for information held both manually and electronically.

Harappa implements appropriate security measures designed to prevent unlawful or unauthorized processing of personal information and accidental loss of or damage to personal information. Harappa maintains written security management policies and procedures designed to prevent, detect, contain, and correct violations of measures taken to protect the confidentiality, integrity, availability, or security of your Personal Information. These policies and procedures assign specific data security responsibilities and accountabilities to specific individuals, include a risk management program that includes periodic risk assessment and provide an adequate framework of controls that safeguard your personal information.

In addition, as part of its organizational security measures, employees at Harappa must:

  • ensure that all files or written information of a confidential nature are stored in a secure manner and are only accessed by people who have a need and a right to access them
  • ensure that all files or written information of a confidential nature are not left where they can be read by unauthorised people
  • check regularly on the accuracy of data being entered into computers
  • always use the passwords provided to access the computer system cautiously and such access should not be circulated, unless absolutely necessary
  • use computer screen blanking to ensure that Personal Data is not left on screen when not in use.

Personal Data should not be kept or transported on laptops, USB sticks, or similar devices, unless authorised by [insert details]. Where Personal Data is recorded on any such device it should be protected by:

  • ensuring that data is recorded on such devices only where absolutely necessary
  • using an encrypted system — a folder should be created to store the files that need extra protection and all files created or moved to this folder should be automatically encrypted
  • ensuring that laptops or USB drives are not left lying around where they can be stolen.

Failure to follow the Company’s rules on data security may be dealt with via the Company’s disciplinary procedure. Appropriate sanctions include dismissal with or without notice dependent on the severity of the failure.

We also take steps to ensure that our service providers, contractors and other third parties maintain similar level of data protection measures when processing your Personal Data. While we strive to secure your Personal Data, please note that 100% security of Personal Data cannot be guaranteed and that Harappa shall not be liable for any misuse or loss of Personal Data carried out by third party cloud service provider.

 

  1. CHILDREN’S PRIVACY

Harappa does not engage in the collection, processing, storage, use, dissemination, and transfer of Personal Information of children. We do not knowingly collect personal information online from children under legal age (18 years in India), depending on the jurisdiction/ country concerned. If a child/ minor has provided us with the Personal Information online such processing shall be lawful only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child. In the event HARAPPA becomes aware that the User is a minor or below the legal age to consent in the jurisdiction concerned, HARAPPA reserves its right to terminate all services to such User/ Account without any prior notice.

In case such a collection becomes necessary for the performance of our contractual obligations, or when required under the concerned law, we shall notify you in a time-bound and appropriate manner, informing the purposes and reasons for such collection and seek your explicit consent, and where applicable, parental authorization, prior to the processing of such data.

We will take appropriate steps to delete any Personal Data of children’s that has been collected on our website without verified parental consent upon learning of the existence of such Personal Data, subject to conditions stipulated in the laws of applicable jurisdiction.

 

  1. RIGHTS AVAILABLE TO THE USER

 Some jurisdictions have provided individuals with certain rights in relation to the processing of their Personal Data. This is the case where you or the any of our subsidiaries or affiliates with which you interact is located in the European Union, though these rights may be available in other jurisdictions as well. These rights are not available to everyone, and they do not necessarily apply in all contexts. Depending on applicable law, you may have the right to:

  • You have a right to access and rectify the record of your Personal Information maintained by the Harappa if it is inaccurate.
  • You have a right for erasure /deletion of your data. On receipt of deletion request, Harappa shall delete all information pertaining to you/ your account barring the invoice which will be retained by Harappa for accounting and audit purpose. User further acknowledges that post deletion Harappa will not be able to share any User detail including the ‘Course Completion Certificate’ neither will it be able to continue providing the desired services.
  • You have the right to withdraw your consent in relation to any SPDI you may have provided to Harappa.
  • You have the right to object, at any time to processing if you have concerns that Harappa is using your data for direct marketing purposes.
  • You have a right to restrict processing. If the processing is unlawful and you oppose the erasure of the Personal Information and request the restriction of their use instead.
  • When technically feasible, Harappa will, at your request, provide your Personal Information to you or transmit it directly to another controller.
  • You may also request additional information about the purpose of the processing; the categories of Personal Information concerned; who else outside the Harappa might have received the data from Harappa; what the source of information was; and how long it will be stored.

If access cannot be provided within a reasonable time frame, Harappa will provide you the additional information at the earliest possible.

In the event you wish to exercise any of the above-mentioned rights, you may send your written request dpo@harappa.education

Please note that certain conditions in relation to processing of your rights, will vary as many countries have varying data privacy rights. Our response and further processing of request to exercise these rights will depend upon the law applicable in relation to the rights exercised by you. We may refuse requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, may compromise and ongoing investigation, or are impractical. It is our policy to never discriminate against you for exercising any of these rights.

You may have the right to complain to a data protection authority about our processing of your Personal Data. For more information, please contact your local data protection authority.

 

  1. Use of this website and our Terms of Service

This website is the property of the Harappa. Our Terms of Use and this Privacy Policy collectively govern the use of the Platform and the Programs offered by Harappa. This Privacy Policy shall form a part of the Terms by way of reference. By using this website and the information offered herein, you indicate your acceptance of these Terms of Use.

 

  1. Data Controller/ Company Details

The “Data Controller” (i.e., Harappa) means the entity that will make the decisions about how your data is used and that is responsible for deciding how it holds personal information about you.

Since Harappa is made up of different legal entities, the entity that will be the controller for your data is dependent on the situation where your Personal Data is collected.

 

  1. Breach notification

Where a data breach is likely to result in a risk to the rights and freedoms of individuals, it will be reported to the relevant supervisory authority within 72 hours of the Company becoming aware of it and may be reported in more than one instalment. Individuals will be informed directly in the event that the breach is likely to result in a high risk to the rights and freedoms of that individual. If the breach is sufficient to warrant notification to the public, the Company will do so without undue delay.

 

  1. Conflicts of Law

This Policy is intended to comply with the laws and regulations in the place of establishment and of the countries in which company operates. In the event of any conflict between this Policy and applicable laws and regulations, the latter shall prevail.

 

  1. CHANGES TO THE PRIVACY POLICY

We reserve the right to update, change or modify this Privacy Policy at any time. The amendment to this Privacy Policy shall come to effect from the time of such update, change or modification. We, therefore, encourage you to check and read this Privacy Policy from time to time to familiarize yourself with such updates.

 

  1. THE OPT-OUT PRACTICE

If you are no longer interested in receiving email announcements and other marketing information from us, or you want us to remove any personal information that we have collected about you, you can opt-out anytime by sending an e-mail about your request to dpo@harappa.education Or support@harappa.education

 

  1. GRIEVANCE OFFICER AND CUSTOMER SUPPORT

 In the event you have any complaints about the Website, its contents or anything related thereto or if you wish to make a complaint regarding any violation of the provisions of the Privacy Policy, you may send a written complaint to the Grievance Officers (identified below), who shall redress the complaint within one (1) month from the date of receipt of the complaint. In case you want to exercise any of your rights under the Privacy Policy you may send a written request to our DPO. In case you have any questions regarding the services or the Website or in relation to these Terms of Use or the Privacy Policy you can contact us at support@harappa.education.

 

Grievance Officer: Mr. Gaurav Minhas

Email Id: help@harappa.education

 

DPO: Ms. Mamta Swaroop

Email Id: dpo@harappa.education