MCBEE Skills Foundation ← Back to site
Legal

Privacy Policy

Last updated: [Date]

Important: This policy has been drafted in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and IT Rules 2011. It must be reviewed by qualified legal counsel before the site goes live. It is not legal advice.

Contents

  1. Who we are
  2. What personal data we collect
  3. Why we collect it
  4. Legal basis for processing
  5. Who we share your data with
  6. Cookies and tracking
  7. How long we keep your data
  8. Your rights as a Data Principal
  9. Security
  10. Children's data
  11. Changes to this policy
  12. Contact

MCBEE Skills Foundation ("we", "us", "the Foundation") is a Section 8 not-for-profit company registered under the Companies Act, 2013. This Privacy Policy is published in compliance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1 Who we are (Data Fiduciary)

For the purposes of the DPDP Act, we are the Data Fiduciary for personal data collected through this website.

MCBEE Skills Foundation

Registered office: [Registered office address — to be added]

CIN: [to be added]  ·  PAN: [to be added]

Email: info@mcbeeskills.com

Phone: [to be added]

2 What personal data we collect

When you apply for our Track One youth programme:

  • Full name, date of birth, gender
  • Phone number and email address
  • City
  • Education details and year of completion
  • Your written application content
  • IP address and device information at the time of submission

When you submit a partner enquiry:

  • Name, company name, and designation
  • Phone number and email address
  • Information you choose to share in your message

When you opt in to updates (partners and enquirers only):

  • Email address, and name (optional) — collected via the Partner With Us form only

Automatically collected when you visit our website:

  • IP address, browser type, device type, operating system
  • Pages visited, time spent, referring URL
  • Cookies and similar tracking technologies (see §6)

We do not knowingly collect sensitive personal data such as financial account numbers, biometric data, or health information through this website.

3 Why we collect it (purposes of processing)

We process your personal data only for the following specified purposes:

  • To evaluate, process, and respond to your programme application
  • To evaluate, process, and respond to your partnership enquiry
  • To communicate with you about your application, enquiry, or our work — only with your consent
  • To send you updates about the Foundation, if you have specifically subscribed
  • To comply with our legal, regulatory, and audit obligations
  • To improve our website and our communications
  • To prevent fraud, abuse, and security incidents

We do not process your personal data for any purpose other than those explicitly listed above.

4 Legal basis for processing

We process personal data on the basis of:

  • Your consent, given through the consent checkbox on our forms, for all primary processing purposes
  • Legitimate uses as permitted under Section 7 of the DPDP Act, in limited cases — such as complying with a court order or legal obligation

You may withdraw your consent at any time (see §8 below). Withdrawal does not affect the lawfulness of processing that occurred before withdrawal.

5 Who we share your data with

We do not sell, rent, or trade your personal data with any third party.

We share your personal data only with:

  • Our authorised staff, board members, and volunteers, on a need-to-know basis, for the purposes stated in §3
  • Our service providers who help us operate (hosting, email service, database, form processing) — each bound by data processing agreements
  • Our auditors, lawyers, and regulators where legally required
  • Government authorities where required by law — e.g., a court order, statutory notice, or law enforcement request

If we ever transfer personal data outside India, we will do so in compliance with Section 16 of the DPDP Act.

6 Cookies and tracking technologies

Our website uses minimal cookies and similar technologies:

  • Essential cookies — required for the site to function (e.g., remembering your form progress)
  • Analytics — we use Plausible Analytics, a privacy-friendly analytics tool that does not use cookies, does not collect personal data, and does not require a consent banner

You can disable non-essential cookies through your browser settings without affecting your ability to use the site.

7 How long we keep your data

Data typeRetention period
Programme applications3 years from submission; or programme duration + 5 years if you become a student
Partner enquiries5 years from last interaction
Newsletter subscribersUntil you unsubscribe; deleted within 30 days of unsubscribe
Website analyticsAnonymised after 13 months
Payment records (if applicable)7 years (statutory — Income Tax Act)

After these periods, your personal data is permanently deleted, unless we are required by law to retain it for longer.

8 Your rights as a Data Principal

Under the DPDP Act, 2023, you have the following rights:

Right to informationKnow what personal data we hold and how it is being processed.
Right to correction & erasureAsk us to correct inaccurate data or delete data we no longer need.
Right of grievance redressalRaise a complaint about how we process your data. See our Grievance Policy.
Right to nominateNominate someone to exercise these rights on your behalf in the event of death or incapacity.
Right to withdraw consentWithdraw your consent for processing at any time. Withdrawal is prospective only.

To exercise any of these rights, write to info@mcbeeskills.com. We will respond within 30 days.

If you are not satisfied with our response, you may approach the Data Protection Board of India once it is constituted under the DPDP Act.

9 Security

We take reasonable security measures to protect your personal data, including:

  • Encrypted transmission (SSL/TLS) on the website
  • Access controls on our internal systems
  • Secure database hosting with reputable providers
  • Periodic security reviews

However, no system is 100% secure. If a personal data breach occurs that is likely to result in harm to data principals, we will notify the Data Protection Board and affected individuals as required under the DPDP Act.

10 Children's data

Our website is not directed at children under 18. Our Track One programme is open only to applicants aged 18 and above. We do not knowingly collect personal data from anyone under 18. If we become aware that a child under 18 has submitted data, we will delete it promptly.

11 Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. We will notify registered users of material changes via email.

12 Contact

For any questions about this Privacy Policy, or to exercise any of your rights:

Privacy Contact

Email: info@mcbeeskills.com

Postal: [Registered office address — to be added]

Grievance Officer

Name: [to be appointed]

Email: info@mcbeeskills.com

Phone: [to be added]

We will acknowledge your communication within 7 working days and substantively respond within 30 days.

MCBEE Skills Foundation

A Section 8 (Not-for-profit) Company · Delhi NCR

Powered by MCBEE

Programme
  • The Curriculum
  • Apply
  • Track Two
  • One Year After
Get Involved
  • Hire a Graduate
  • Volunteer
  • Support / Donate
  • Press / Media
About & Legal
  • Privacy Policy
  • Terms of Use
  • Donor Policy
  • Grievance

© 2026 MCBEE Skills Foundation. All rights reserved.

Registered Office: Delhi NCR