Privacy Policy
DESH APNAYEN Sahayog FOUNDATION
TERMS OF USE AGREEMENT
Governing the Use of the Desh Apnayen Mobile Application
SECTION 1 — PREAMBLE AND INTRODUCTION
1.1 About Desh Apnayen Sahayog Foundation
Desh Apnayen Sahayog Foundation (hereinafter referred to as “the Foundation”, “we”, “us”, “DASF” or “our”) is a registered non-governmental organisation incorporated under the Companies Act, 2013, dedicated to the mission of nurturing aware, active, responsible, and civically engaged citizens of India. The Foundation works extensively with educational institutions across the country, delivering structured, curriculum-integrated civic education and citizenship development programmes to students, teachers, and school communities.
1.2 The Application
The Foundation has developed a dedicated mobile application (hereinafter referred to as “the Application” or “the App”) to serve as a comprehensive digital platform supporting the delivery of its civic education programmes. The Application enables schools, teachers, engagement officers, volunteers and Foundation administrators to access course materials, track programme delivery, manage institutional data, facilitate communication, and perform other functions directly connected to the Foundation’s educational mission.
1.3 Acceptance of Terms
These Terms of Use (hereinafter referred to as “these Terms” or “this Agreement”) constitute a legally binding agreement between you (the “User”) and the Foundation, governing your access to and use of the Application. By downloading, installing, registering on, accessing, or using the Application in any manner, you acknowledge that you have read, understood, and agree to be bound by these Terms in their entirety.
IF YOU DO NOT AGREE TO THESE TERMS, YOU MUST IMMEDIATELY CEASE USE OF THE APPLICATION AND UNINSTALL IT FROM YOUR DEVICE. YOUR CONTINUED USE OF THE APPLICATION FOLLOWING THE EFFECTIVE DATE OR FOLLOWING ANY NOTIFICATION OF AMENDMENT TO THESE TERMS SHALL CONSTITUTE YOUR UNCONDITIONAL ACCEPTANCE OF THE TERMS AS AMENDED.
1.4 User Categories
The Application is designed to serve multiple categories of users, each of whom is granted role-specific access. These categories are: (a) Schools and School Administrators; (b) Teachers; (c) Engagement Officers and Volunteers (collectively, the “Field Team”); and (d) Foundation’s Central Team, comprising the Super Administrator, Content Manager, Content Head, Communications Team, and Monitoring & Evaluation (M&E) personnel. The rights, obligations, and restrictions set out in these Terms apply to all User categories unless expressly stated otherwise.
1.5 Not a Platform for Minor Users
The Application is not intended for direct access or use by students or children. Students do not hold accounts on the Application and are not authorised to register or log in. Certain limited student data — specifically student names and roll numbers — may be entered into the Application by authorised Teachers solely for programme management and assessment tracking purposes. The Foundation treats such information with the utmost care and in accordance with applicable data protection laws.
SECTION 2 — DEFINITIONS AND INTERPRETATION
2.1 Definitions
In these Terms, unless the context otherwise requires, the following expressions shall have the meanings assigned to them below:
“Application” or “App” means the Desh Apnayen mobile application developed and operated by the Foundation, including all versions, updates, upgrades, and associated services provided through it.
“Account” means the unique, password-protected profile created by or for an authorised User to access the Application.
“Block Resource Coordinator” or “BRC” means a government education functionary operating at the block level within India’s public education system, engaged by or in collaboration with the Foundation as a resource partner for the purpose of facilitating and supporting the Foundation’s civic education programme delivery.
“Central Team” means the Foundation’s internal staff comprising the Super Administrator, Content Manager, Content Head, and M&E personnel, each of whom operates the Application with elevated administrative permissions corresponding to their respective roles.
“Cluster Resource Coordinator” or “CRC” means a government education functionary operating at the cluster level within India’s public education system, engaged by or in collaboration with the Foundation as a resource partner for programme support and coordination at the cluster level.
“Cluster Resource Person” or “CRP” means a government education functionary providing academic and resource support at the cluster level within India’s public education system, engaged by or in collaboration with the Foundation for the purpose of supporting the delivery of the Foundation’s civic education programmes.
“Content” means all text, images, videos, audio files, documents, assessments, quizzes, course materials, reports, notifications, and any other information or material available on or through the Application.
“Data Fiduciary” has the meaning assigned to it under the Digital Personal Data Protection Act, 2023, and refers to any person or entity that determines the purpose and means of processing personal data. The Foundation acts as a Data Fiduciary in relation to all personal data processed through the Application.
“Data Principal” has the meaning assigned to it under the Digital Personal Data Protection Act, 2023, and refers to the individual to whom the personal data relates.
“DPDPA 2023” means the Digital Personal Data Protection Act, 2023, enacted by the Parliament of India.
“Engagement Officer” and “Volunteer” mean field personnel engaged by or working in collaboration with the Foundation who are authorised to use the Application in the course of programme delivery, outreach, and coordination.
“Foundation” means Desh Apnayen Sahayog Foundation, a registered non-governmental organisation.
“Intellectual Property” means all copyright, patents, trademarks, service marks, trade names, logos, designs, course content, materials, databases, and all other proprietary rights, whether registered or unregistered, owned by or licensed to the Foundation.
“Personal Data” has the meaning assigned to it under DPDPA 2023 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and includes any information that directly or indirectly identifies an individual.
“Privacy Policy” means the Foundation’s Privacy Policy accessible through the Application, which governs the collection, use, storage, and disclosure of Personal Data, and which forms an integral part of these Terms.
“School” or “Associated School” means an educational institution that has entered into a formal agreement or memorandum of understanding with the Foundation for the delivery of its civic education programmes, and which has been granted access to the Application.
“School Administrator” means the authorised representative of an Associated School who holds an Account on the Application and manages the school’s participation in the Foundation’s programmes.
“Student Data” means the limited data pertaining to students — specifically student names and roll numbers — entered into the Application by authorised Teachers solely for programme management purposes. Students are not registered users of the Application.
“Super Administrator” means the Foundation’s designated personnel with the highest level of administrative access to the Application, responsible for overall platform management.
“Teacher” means an educator at an Associated School who has been authorised by the School Administrator and the Foundation to hold an Account on the Application for the purpose of accessing and delivering the Foundation’s civic education programmes.
“Third-Party Services” means external services, platforms, application programming interfaces, analytics tools, and other resources operated by third parties that are integrated into or accessible through the Application.
“User” means any person who accesses or uses the Application in any capacity, including School Administrators, Teachers, Engagement Officers, Volunteers, CRC, BRC, CRP and Central Team personnel.
“User-Generated Content” means any data, text, images, or other content uploaded, submitted, or created by a User through the Application’s communication, feedback, or content submission features.
2.2 Interpretation
In these Terms: (a) references to the singular include the plural and vice versa; (b) references to any statute or statutory provision include all amendments, modifications, and re-enactments thereof; (c) headings are for convenience only and shall not affect interpretation; (d) the words “including” and “includes” shall be construed as meaning “including without limitation” and shall not be read as limiting the generality of any preceding words; (e) references to “writing” include electronic communications where applicable; and (f) a reference to a “party” means either the User or the Foundation as the context requires.
SECTION 3 — ELIGIBILITY AND REGISTRATION
3.1 General Eligibility
Access to the Application is restricted to authorised individuals acting within the categories described in Section 2.1(u) above. Eligibility to use the Application is not open to the general public. The Application shall only be made available to Users who have been specifically authorised by the Foundation or by an Associated School in accordance with the procedures established by the Foundation.
3.2 School Eligibility and On-boarding
A School is eligible to use the Application only upon execution of a formal agreement or memorandum of understanding with the Foundation governing the delivery of civic education programmes.
The School Administrator shall be the primary point of contact between the School and the Foundation for all matters pertaining to the Application.
By registering on the Application, the School Administrator represents and warrants that: (i) they are duly authorised to act on behalf of the School; (ii) the information provided during registration is accurate, complete, and current; and (iii) the School shall ensure that all Teachers added by or on behalf of the School comply with these Terms.
3.3 Teacher Eligibility and Registration
Teachers may access the Application only after having been authorised by both the Associated School and the Foundation.
A Teacher’s Account may be created by the Foundation’s Central Team upon receipt of an authorisation credential issued by the Foundation.
Teachers must be eighteen (18) years of age or above and must be employees or authorised educators of an Associated School at the time of registration.
3.4 Engagement Officers and Volunteers
Engagement Officers and Volunteers are field personnel authorised directly by the Foundation. Their Accounts shall be created by the Foundation’s Central Team.
Engagement Officers and Volunteers must be eighteen (18) years of age or above.
3.5 Cluster Resource Persons (CRP), Cluster Resource Coordinators (CRC), and Block Resource Coordinators (BRC)
CRPs, CRCs, and BRCs are government education functionaries who may be authorised to access the Application by the Foundation, in their capacity as resource partners or collaborating personnel in the Foundation’s programme delivery.
Accounts for CRPs, CRCs, and BRCs shall be created by the Foundation’s Central Team upon receipt of the relevant authorisation and identification details.
CRPs, CRCs, and BRCs must be eighteen (18) years of age or above. By accepting registration, each such User represents that they are acting in their official capacity and that their use of the Application is consistent with their institutional obligations.
The access rights of CRPs, CRCs, and BRCs shall be determined by the Foundation and limited to the features and data necessary for their specific function in the programme.
3.6 Central Team
Accounts for the Foundation’s Central Team, including Super Administrators, Content Managers, Content Heads, Communications Team members, and M&E personnel, shall be created and administered exclusively by the Super Administrator. Access levels and permissions for each Central Team role shall be determined by the Foundation’s internal policies.
3.7 No Direct Registration by Students
Students — whether minor or adult — are expressly prohibited from registering on or accessing the Application. Any attempt by a student to register on the Application shall be treated as an unauthorised use. Teachers and School Administrators are responsible for ensuring that students do not gain access to their Accounts or to the Application.
3.8 Account Security and Responsibility
Each User is solely responsible for maintaining the confidentiality of their Account credentials, including username and password.
You must immediately notify the Foundation at contact@deshapnayen.org if you suspect any unauthorized use of your Account.
The Foundation shall not be liable for any loss, damage, or unauthorised access arising from your failure to protect your Account credentials.
You agree not to create more than one Account or to share your Account credentials with any other person.
3.9 Accuracy of Information
All information provided by Users during registration and use of the Application must be accurate, complete, and kept up to date. The Foundation reserves the right to suspend or terminate any Account where inaccurate, false, or misleading information has been provided, and may take such other action as it deems appropriate.
SECTION 4 — USER ROLES, ACCESS LEVELS, AND PERMISSIONS
4.1 Role-Based Access
The Application operates on a role-based access control model. Each User category has defined access to features and data commensurate with their role. The Foundation reserves the right to modify, restrict, or expand access levels at any time, subject to reasonable notice to affected Users where practicable.
4.2 School Administrator
School Administrators may: access the school administration dashboard; register and manage Teacher Accounts affiliated with their School; view programme delivery reports and analytics pertaining to their School; communicate with the Foundation’s Central Team and Teachers; access educational resources provided by the Foundation; and perform other administrative functions as made available by the Foundation from time to time.
4.3 Teacher
Teachers may: access civic education course content and learning materials; record and track class-level programme delivery; input limited student data (names and roll numbers) for assessment and tracking purposes; communicate with the School Administrator and the Foundation’s Field Team; submit feedback and evaluation reports; access training resources and resource libraries; and perform other functions assigned to the Teacher role.
4.4 4.5 Cluster Resource Persons (CRP), Cluster Resource Coordinators (CRC), and Block Resource Coordinators (BRC)
CRPs, CRCs, and BRCs may access the Application within the scope of their designated role, which may include: viewing programme delivery data relevant to their cluster or block jurisdiction; accessing training and resource materials; coordinating with Teachers and Field Team members within their area; submitting area-level field reports and observations; and performing other functions specifically assigned to their role by the Foundation. Access to School-level or Teacher-level data shall be granted only to the extent necessary for the CRP’s, CRC’s, or BRC’s function in the programme.
4.5 Engagement Officers and Volunteers (Field Team)
Engagement Officers and Volunteers may: access programme schedules, materials, and coordination tools relevant to their assigned schools or areas; schedule school visits, submit field reports and data; communicate with associated Teachers, School Administrators, and the Central Team; and perform other functions assigned to the Field Team role by the Foundation.
4.6 Central Team
Central Team personnel have access corresponding to their specific sub-roles: (a) Super Administrators have the highest level of platform access, including user management, configuration, and all data; (b) Content Managers and Content Heads have access to content management and publication tools; (c) Communications Team personnel have access to notification, announcement, and messaging tools; (d) M&E personnel have access to analytics, programme evaluation data, and reporting tools.
4.7 Foundation’s Right to Modify Access
The Foundation reserves the right, at its sole discretion and at any time, to modify, restrict, or revoke any User’s access level, whether in response to a change in the User’s role, a breach of these Terms, a change in the Foundation’s operational requirements, or for any other reason the Foundation deems appropriate.
4.8 Future Feature — Attendance and Location Verification
The Foundation intends, at a future date, to implement an attendance verification feature within the Application. Under this feature, Users — Engagement Officers, Central Team Personnel — may be required to verify their attendance by capturing a photograph of themselves through the Application’s camera at the time of login or check-in, and by allowing the Application to verify their GPS location against their registered office, school, or field activity location.
By continuing to use the Application and accepting these Terms, you are hereby informed of and consent to this future feature. When implemented, the attendance feature will: (a) capture your photograph at the time of check-in for identity verification purposes; (b) access and record your real-time GPS location for the purpose of verifying that you are physically present at your registered or assigned location; (c) retain attendance records — including photographs and location data — for programme management, reporting, and accountability purposes. The Foundation will notify all Users prior to the activation of this feature and will update these Terms and the Privacy Policy accordingly. The photograph captured for attendance verification may constitute biometric-adjacent data; the Foundation will obtain specific consent from each User before enabling this feature on their Account.
SECTION 5 — ACCEPTABLE USE POLICY
5.1 Permitted Use
You may use the Application solely for the purposes described in these Terms and for activities directly connected to your authorised role in the Foundation’s civic education programme. Specifically, permitted uses include: accessing educational content and course materials for delivery of the Foundation’s programmes; recording and managing programme delivery data; communicating with other authorised Users for programme-related purposes; submitting reports, assessments, and feedback as required by your role; and accessing resources and tools provided by the Foundation for legitimate programme purposes.
5.2 Prohibited Activities
You must not, and you agree not to, engage in any of the following activities in connection with your use of the Application:
Use the Application for any purpose other than the Foundation’s civic education programme or your specific role-based functions.
Upload, post, share, or transmit any content that is unlawful, defamatory, obscene, pornographic, abusive, threatening, hateful, discriminatory, or otherwise objectionable.
Engage in, facilitate, or promote any form of bullying, harassment, intimidation, or humiliation of any other User or any student.
Disclose, share, or misuse Student Data in any manner inconsistent with these Terms, the Privacy Policy, or applicable law, including sharing student names or roll numbers with unauthorised persons or for purposes unconnected to the Foundation’s programme.
Upload any content featuring an identifiable minor student without having first obtained the express prior written consent of the student’s parent or guardian, as required by Section 6.6 of these Terms.
Impersonate any person or entity, or falsely represent your affiliation with any person, institution, or organisation.
Attempt to gain unauthorised access to any part of the Application, any other User’s Account, or the Foundation’s servers or infrastructure.
Use any automated tool, bot, script, crawler, or other mechanism to access, scrape, copy, or extract data from the Application.
Interfere with, disrupt, or circumvent the security or integrity of the Application, its servers, networks, or any connected systems.
Reproduce, distribute, modify, create derivative works of, or commercially exploit any Content or Intellectual Property of the Foundation without its express written consent.
Use the Application to advertise, solicit business, or conduct any commercial activity unrelated to the Foundation’s programmes.
Upload or transmit any malware, viruses, Trojan horses, or any other harmful or malicious code.
Misrepresent programme delivery data or falsify reports, assessments, or feedback submitted through the Application.
Share your Account credentials or access the Application using another User’s credentials.
Allow or facilitate access to the Application by any unauthorised person, including students.
Violate any applicable law, regulation, or order of any competent authority in connection with your use of the Application.
Take any action that may bring the Foundation’s reputation, mission, or programmes into disrepute.
5.3 Zero Tolerance Policy
The Foundation maintains a zero-tolerance policy towards any use of the Application that endangers, exploits, harasses, or is otherwise harmful to any individual, particularly children. Any User found to have engaged in such conduct shall have their Account immediately suspended or terminated and may be reported to appropriate law enforcement authorities.
5.4 Foundation’s Right to Remove Content
The Foundation reserves the right, at its sole discretion and without prior notice, to remove, disable, or restrict access to any User-Generated Content that it considers to be in violation of these Terms or applicable law, or that it deems harmful, inappropriate, or inconsistent with the Foundation’s mission and values.
SECTION 6 — INTELLECTUAL PROPERTY RIGHTS
6.1 Ownership
The Application, and all Content, course materials, civic education curricula, assessments, training resources, databases, software, designs, logos, trademarks, and other materials available on or through the Application, are the exclusive intellectual property of Desh Apnayen Sahayog Foundation or its licensors, as the case may be. Nothing in these Terms shall be construed as transferring any ownership in or to the Foundation’s Intellectual Property to any User.
6.2 Limited Licence to Users
Subject to these Terms, the Foundation grants each authorised User a limited, non-exclusive, non-transferable, non-sublicensable, revocable licence to access and use the Application and its Content solely for the purposes of delivering the Foundation’s civic education programme in your authorised capacity. This licence does not permit: (a) reproduction or distribution of Content outside the Application; (b) modification of Content; (c) commercial exploitation of Content; (d) use of Content for any purpose unrelated to the Foundation’s programmes; or (e) removal or alteration of any proprietary notices on Content.
6.3 User-Generated Content
Where any User submits, uploads, or creates any content, report, feedback, or other material through the Application (collectively, “User-Generated Content”), the User hereby grants the Foundation a non-exclusive, royalty-free, perpetual, worldwide licence to use, reproduce, process, adapt, and display such User-Generated Content solely for the purposes of operating and improving the Application and the Foundation’s programmes.
The User represents and warrants that they have all necessary rights to submit User-Generated Content and that such content does not infringe any third-party intellectual property rights.
The Foundation does not claim ownership of User-Generated Content but reserves the right to remove any content that violates these Terms.
6.4 By sharing, uploading, or submitting any feedback, testimonials, field notes, photographs, audio recordings, video recordings, or other content through the Application, you (as a Teacher, Engagement Officer, Volunteer, CRP, CRC, BRC, or other authorised User) expressly grant the Foundation your consent and a non-exclusive, royalty-free, perpetual licence to use, reproduce, adapt, edit, and publish such content for any of the following purposes:
Preparation and submission of government reports, programme evaluation reports, and official documentation.
Publication in the Foundation’s newsletters, impact stories, annual reports, and official publications, whether in print or digital form.
Posts and articles on the Foundation’s official blog, website, and digital platforms.
Posts, reels, stories, and other content on the Foundation’s official social media handles and channels, including but not limited to Instagram, Facebook, LinkedIn, X (formerly Twitter), and YouTube.
Communication with donors, funding agencies, institutional partners, and other programme stakeholders.
The Foundation shall use such content responsibly and in a manner consistent with its educational mission and public interest objectives. You may, at any time, withdraw your consent to future use of specific content by notifying the Grievance Officer in writing, provided that such withdrawal shall not affect the validity of any use made prior to receipt of such notice. The Foundation is not obliged to credit individual contributors, but shall endeavour to do so where appropriate and practicable.
6.5 Consent to Use of Photographs and Videos Featuring Adult Users
As a condition of your registration and use of the Application, and in furtherance of the Foundation’s communications and outreach activities, you hereby grant the Foundation your express consent to use portions of photographs and video recordings in which you are visible — including, for example, images or footage of you teaching, participating in programme activities, speaking at events, or conducting field work — for the following purposes and across the following channels, without any obligation of additional payment or compensation:
Posts, stories, and content on the Foundation’s official social media handles and channels, including Instagram, Facebook, LinkedIn, X (formerly Twitter), and YouTube.
The Foundation’s official website and digital blog.
WhatsApp groups and messaging platforms operated or managed by the Foundation for internal or stakeholder communications.
Printed and digital brochures, flyers, and programme promotional materials.
Annual reports, impact reports, and publications submitted to funding agencies, government bodies, and programme partners.
The Foundation shall use such photographs and video recordings in a manner that is respectful, dignified, and consistent with its educational mission. If at any time you object to the continued use of a specific photograph or video in which you are visible, you may notify the Grievance Officer in writing, and the Foundation shall cease future use of such specific material, subject to reasonable operational timelines, without prejudice to uses already made.
6.6 Student Content — Consent Obligation and User Representation
Given the nature of the Foundation’s programme, Users may from time to time capture, possess, or seek to share photographs, videos, audio recordings, or other content featuring students (who are, in many cases, minor children). The following obligations and representations apply to all such student content:
Obligation to Obtain Prior Consent: Before uploading, sharing, or submitting through the Application any content — including photographs, videos, or audio recordings — in which an identifiable student or minor child is featured, the User (whether a Teacher, Engagement Officer, CRP, CRC, BRC, or other User) is required to have obtained the prior, express, and informed consent of the student’s parent or legal guardian. In the case of adult students (aged eighteen years or above), consent must be obtained from the student directly. This obligation is absolute and admits of no exception.
Deemed Representation upon Upload: By uploading, submitting, or sharing any content featuring an identifiable student or minor child through the Application, you unconditionally represent and warrant to the Foundation that: (i) you have obtained the necessary prior consent from the student’s parent, legal guardian, or (in the case of an adult student) the student themselves; (ii) such consent was freely given, specific, informed, and unambiguous; (iii) the content does not violate the dignity, privacy, or safety of the student; and (iv) you have complied with all applicable laws, including the Protection of Children from Sexual Offences Act, 2012, the Juvenile Justice (Care and Protection of Children) Act, 2015, and DPDPA 2023.
Foundation’s Use of Student Content: Where student content is uploaded by an authorised User in compliance with this Section, the Foundation may use such content for the purposes described in Section 6.4 (institutional publications and communications). The Foundation shall ensure that any use of content featuring minor students is respectful, appropriate, non-commercial, and consistent with the Foundation’s educational mission and applicable child protection laws.
Indemnification: You agree to fully indemnify, defend, and hold harmless the Foundation and its trustees, officers, employees, and volunteers from and against all claims, liabilities, damages, costs, and expenses (including legal fees) arising out of or connected with your breach of this Section 6.6, including any failure to obtain the required parental or guardian consent before uploading student content.
Foundation’s Right to Remove: The Foundation reserves the right to remove any student content that it has reasonable grounds to believe was uploaded without the required consent, or that it considers inappropriate, unsafe, or contrary to applicable law, at any time and without prior notice to the User.
Feedback
Any feedback, suggestions, or ideas submitted by Users to the Foundation regarding the Application may be used by the Foundation freely and without any obligation, compensation, or acknowledgement to the User.
6.5 Prohibition on Unauthorised Use
Any reproduction, distribution, transmission, publication, or commercial exploitation of the Foundation’s Intellectual Property without its express written authorisation is strictly prohibited and may constitute an infringement of copyright, trademark, or other applicable law, for which the Foundation may seek all available legal remedies.
SECTION 7 — CONTENT AND COURSE MATERIALS
7.1 Nature of Content
The Application provides educational content, civic education course materials, training resources, assessments, and other informational materials to support the Foundation’s programmes. Such content is provided for educational and programme delivery purposes only and does not constitute professional, legal, or other specialised advice.
7.2 No Warranty of Accuracy
While the Foundation endeavours to ensure that all Content on the Application is accurate and current, it makes no warranty or representation as to the completeness, accuracy, currency, or suitability of any Content for any particular purpose. Users are encouraged to verify information independently where necessary.
7.3 No Guarantee of Educational Outcomes
The Foundation makes no warranty or guarantee regarding specific educational outcomes, civic knowledge levels, or student performance that may result from use of the Application or delivery of the Foundation’s programmes.
7.4 Foundation’s Right to Modify Content
The Foundation reserves the right, at any time and without prior notice, to add, modify, update, remove, or restrict access to any Content on the Application, including course materials, resources, and features. Such modifications may be made to improve quality, ensure legal compliance, align with updated programme objectives, or for any other reason at the Foundation’s discretion.
SECTION 8 — COMMUNICATION FEATURES
8.1 Permissible Communications
The Application’s messaging, notification, and announcement features must be used exclusively for programme-related communications — that is, communications directly pertaining to the delivery and coordination of the Foundation’s civic education programmes. Any use of communication features for personal, commercial, or unrelated purposes is prohibited.
8.2 Standards of Communication
All communications conducted through the Application must be respectful, professional, and appropriate for an educational environment. Users must not use the Application’s communication tools to make any communication that is defamatory, abusive, threatening, discriminatory, sexually explicit, or otherwise inappropriate, particularly given that the Application operates within a school and education ecosystem.
8.3 Monitoring
The Foundation reserves the right, but does not undertake an obligation, to monitor communications conducted through the Application for the purposes of ensuring compliance with these Terms, maintaining the integrity of the platform, ensuring child safety, and complying with applicable law. Users are hereby put on notice that communications on the Application are not private as between Users and the Foundation to the extent required for these purposes.
8.4 Push Notifications
By using the Application, you consent to receiving push notifications related to your role, programme activities, updates, and announcements from the Foundation. You may manage notification preferences through your device settings, subject to the understanding that disabling certain notifications may affect your ability to receive time-sensitive programme-related information.
SECTION 9 — THIRD-PARTY SERVICES AND LINKS
9.1 Use of Third-Party Services
The Application integrates with or utilises Third-Party Services including, without limitation: Amazon Web Services (AWS) for cloud hosting and data storage; Google Firebase for backend services and analytics; Google Maps API for location-related features; Google Translate API for language assistance features; and Google Analytics for usage analytics (where enabled). The Foundation may add, modify, or discontinue any Third-Party Service integrations at any time.
9.2 Third-Party Terms
Your use of any Third-Party Services through the Application is also governed by the terms of use and privacy policies of the respective third-party providers. The Foundation has no control over Third-Party Services and is not responsible for their availability, accuracy, content, or data practices. Users are encouraged to review the terms and privacy policies of Third-Party Services.
9.3 Links to External Websites
The Application may contain links to external websites or resources for informational purposes. The Foundation does not endorse, control, or take responsibility for the content, accuracy, privacy practices, or availability of any externally linked websites. Access to external links is at your own risk.
9.4 Disclaimer of Liability
The Foundation expressly disclaims all liability for any loss, damage, or inconvenience arising from your use of Third-Party Services or your access of external links through the Application.
SECTION 10 — FEES AND PAYMENTS
10.1 Current Fee Structure
As of the Effective Date, access to and use of the Application by authorised Schools Teachers, Engagement Officers, Volunteers, and Foundation personnel is provided free of charge as part of the Foundation’s non-profit educational mission. The Foundation does not collect any fees, donations, or payment information through the Application.
10.2 No Financial Transactions
The Application does not currently process any financial transactions, and no payment gateway or financial data collection mechanism is integrated into the Application. Users should not attempt to submit any financial or payment information through the Application.
SECTION 11 — TERM, SUSPENSION, AND TERMINATION
11.1 Duration
This Agreement shall remain in effect for as long as you hold an active Account on the Application, unless earlier terminated in accordance with this Section.
11.2 Termination by User
You may terminate your Account and this Agreement at any time by requesting account deletion through the Application’s settings or by contacting the Foundation at contact@deshapnayen.org. Upon such request, the Foundation shall deactivate your Account within a reasonable period.
11.3 Suspension or Termination by Foundation
The Foundation may, at its sole discretion and without prior notice (or with such notice as is practicable), suspend, restrict, or permanently terminate your Account and access to the Application in the following circumstances:
Breach or suspected breach of any provision of these Terms.
Provision of false, inaccurate, or misleading information during registration or use.
Conduct that the Foundation reasonably believes is harmful, inappropriate, or contrary to applicable law.
Discontinuation or termination of the Associated School’s agreement with the Foundation (in the case of School-affiliated Users).
Cessation of your employment with or authorised engagement with the Foundation or the Associated School.
Any order of a competent court, regulatory authority, or law enforcement agency.
Operational, technical, or legal reasons at the Foundation’s discretion.
11.4 Effect of Termination
Upon termination, your right to access the Application and all Content shall immediately cease.
Termination does not affect any accrued rights or obligations, or any provisions of these Terms that by their nature are intended to survive termination (including, without limitation, intellectual property provisions, disclaimers, limitation of liability, and governing law).
Personal data associated with a terminated Account shall be handled in accordance with the Privacy Policy.
11.5 School’s Responsibility on Termination
Upon the termination or cessation of a School’s agreement with the Foundation, the School Administrator is responsible for notifying all associated Teachers and for ensuring the orderly cessation of their use of the Application. The Foundation will disable all Accounts associated with such a School upon receiving confirmation of the School’s termination.
SECTION 12 — DISCLAIMERS AND LIMITATION OF LIABILITY
12.1 Disclaimer of Warranties
THE APPLICATION AND ALL CONTENT, FEATURES, AND SERVICES PROVIDED THROUGH IT ARE MADE AVAILABLE ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, TO THE FULLEST EXTENT PERMISSIBLE UNDER APPLICABLE INDIAN LAW. THE FOUNDATION EXPRESSLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, ACCURACY, OR UNINTERRUPTED OR ERROR-FREE OPERATION.
The Foundation does not warrant that: (a) the Application will be available at all times or at any particular time; (b) the Application will be free from errors, bugs, viruses, or other harmful components; (c) any defects in the Application will be corrected; or (d) the results obtained from use of the Application will meet your requirements or expectations.
12.2 Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE INDIAN LAW, IN NO EVENT SHALL THE FOUNDATION, ITS TRUSTEES, OFFICERS, EMPLOYEES, VOLUNTEERS, AGENTS, OR AFFILIATES BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, DATA, GOODWILL, OR OTHER INTANGIBLE LOSSES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, ARISING OUT OF OR IN CONNECTION WITH: (a) YOUR USE OF OR INABILITY TO USE THE APPLICATION; (b) ANY CONDUCT OR CONTENT OF ANY USER ON THE APPLICATION; (c) ANY CONTENT OBTAINED FROM THE APPLICATION; OR (d) UNAUTHORISED ACCESS TO, USE OF, OR ALTERATION OF YOUR DATA.
The Foundation’s total aggregate liability to any User for any and all claims arising out of or in connection with these Terms or the Application shall not exceed the sum of Indian Rupees One Thousand (INR 1,000/-) or the amount paid by such User to the Foundation in the twelve (12) months preceding the event giving rise to the claim (whichever is greater), to the extent permitted under applicable law.
12.3 Indemnification
You agree to defend, indemnify, and hold harmless the Foundation and its trustees, officers, employees, volunteers, agents, and affiliates from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable legal fees) arising out of or in connection with: (a) your use of the Application in violation of these Terms; (b) your violation of any applicable law or regulation; (c) your infringement of any third-party rights; or (d) any false or misleading information provided by you.
12.4 Force Majeure
The Foundation shall not be liable for any delay or failure in performance of the Application or any of its obligations under these Terms resulting from circumstances beyond its reasonable control, including without limitation: acts of God, natural disasters, fire, flood, pandemics, epidemics, governmental action or regulation, internet or telecommunications failures, power outages, civil unrest, or acts of third parties.
SECTION 13 — GRIEVANCE REDRESSAL MECHANISM
13.1 Appointment of Grievance Officer
In accordance with Rule 3(2) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and applicable provisions of the Information Technology Act, 2000, the Foundation has appointed a designated Grievance Officer to address User grievances and concerns relating to the Application.
13.2 Grievance Officer Contact Details
Any User who has a grievance relating to Content available on the Application, violation of these Terms, data privacy concerns, or any other matter relating to the Application may file a written grievance with the Grievance Officer by email to the above address.
The grievance should clearly set out: (i) the User’s name, contact information, and Account details; (ii) a detailed description of the grievance; (iii) the specific relief sought; and (iv) any supporting documentation.
Upon receipt of a grievance, the Grievance Officer shall acknowledge receipt within forty-eight (48) hours.
The Foundation shall endeavour to resolve all grievances within thirty (30) days of receipt. In cases of complexity, the Grievance Officer may extend this period by a further fifteen (15) days, with intimation to the complainant.
13.4 Escalation
If you are not satisfied with the resolution provided by the Grievance Officer, you may escalate the matter to the Foundation’s leadership through ritvi.shetty@deshapnayen.org. If the matter relates to Personal Data, you may also approach the Data Protection Board of India once constituted under DPDPA 2023, or any other competent authority under applicable law.
SECTION 14 — MODIFICATIONS TO TERMS
14.1 Right to Amend
The Foundation reserves the right to amend, modify, or replace these Terms at any time, in its sole discretion, including to reflect changes in applicable law, the Application’s features, the Foundation’s policies, or for any other reason.
14.2 Notice of Amendments
Where practicable, the Foundation shall provide notice of material changes to these Terms by displaying a notification within the Application, sending a notification to registered Users, or by any other means the Foundation deems appropriate. Non-material or minor amendments may be made without specific notification.
14.3 Acceptance of Amended Terms
The amended Terms shall become effective from the date indicated in the notification or on the Application. Your continued use of the Application after the effective date of any amendment shall constitute your acceptance of the amended Terms. If you do not agree to the amended Terms, you must immediately cease use of the Application.
14.4 Review
Users are encouraged to review these Terms periodically to remain informed of any changes. The date of the latest revision shall be indicated at the beginning of this document.
SECTION 15 — GOVERNING LAW AND DISPUTE RESOLUTION
15.1 Governing Law
These Terms and all matters arising out of or in connection with them, including any dispute or claim (whether contractual or non-contractual), shall be governed by and construed in accordance with the laws of India.
15.2 Jurisdiction
Subject to the dispute resolution provisions below, the parties hereby submit to the exclusive jurisdiction of the competent courts and tribunals situated at Mumbai, Maharashtra, India, in respect of all disputes, claims, and proceedings arising out of or in connection with these Terms or the Application.
15.3 Dispute Resolution — Negotiation
In the event of any dispute, controversy, or claim arising out of or relating to these Terms or the Application, the parties shall first endeavour to resolve the dispute through good-faith negotiation. The aggrieved party shall notify the Foundation in writing of the nature of the dispute, and the parties shall attempt to resolve it within thirty (30) days of such notification.
15.4 Mediation
If a dispute is not resolved through negotiation within the period specified above, either party may refer the dispute to mediation conducted by a mutually agreed mediator or under the auspices of an independent mediation centre in Mumbai, Maharashtra. The parties shall bear their respective costs of mediation.
15.5 Arbitration
If mediation fails to resolve the dispute within sixty (60) days of referral to mediation (or such extended period as agreed), either party may refer the dispute to arbitration in accordance with the provisions of the Arbitration and Conciliation Act, 1996 (as amended). The arbitration shall be conducted by a sole arbitrator mutually appointed by the parties or, failing agreement, appointed by the High Court of Judicature at Bombay. The seat of arbitration shall be Mumbai, Maharashtra. The language of the arbitration shall be English. The award of the arbitrator shall be final and binding on the parties.
15.6 Emergency Relief
Nothing in this Section shall prevent either party from seeking interim or emergency relief, including injunctive relief, from a court of competent jurisdiction to protect its rights pending the resolution of any dispute.
15.7 No Class Actions
To the maximum extent permitted by applicable law, all disputes shall be resolved on an individual basis, and no User shall have the right to bring or participate in any class action, representative action, or consolidated proceeding against the Foundation.
SECTION 16 — MISCELLANEOUS
16.1 Entire Agreement
These Terms, read together with the Privacy Policy and any other policies or guidelines published by the Foundation on the Application, constitute the entire agreement between you and the Foundation with respect to the Application and supersede all prior agreements, representations, and understandings, whether written or oral.
16.2 Severability
If any provision of these Terms is found to be unlawful, void, or unenforceable by any court or competent authority, such provision shall be severed from these Terms without affecting the validity and enforceability of the remaining provisions, which shall continue in full force and effect.
16.3 Waiver
No failure or delay by the Foundation in exercising any right, power, or remedy under these Terms shall operate as a waiver thereof. No single or partial exercise of any right, power, or remedy shall preclude any further or other exercise thereof or the exercise of any other right, power, or remedy.
16.4 Assignment
You may not assign, transfer, or delegate any of your rights or obligations under these Terms to any other person. The Foundation may assign or transfer these Terms or any of its rights or obligations hereunder without restriction.
16.5 Relationship of Parties
Nothing in these Terms shall create or be deemed to create a partnership, joint venture, employment, or agency relationship between you and the Foundation.
16.6 Contact Information
DESH APNAYEN Sahayog FOUNDATION
PRIVACY POLICY
Governing the Collection, Use, and Protection of Personal Data on the Desh Apnayen Mobile Application
SECTION 1 — INTRODUCTION AND COMMITMENT TO PRIVACY
1.1 Our Commitment
Desh Apnayen Sahayog Foundation (hereinafter referred to as “the Foundation”, “we”, “us”, or “our”) is deeply committed to protecting the privacy and personal data of all individuals who interact with the Desh Apnayen mobile application (the “Application”). As an organisation devoted to the educational development and civic empowerment of India’s future generations, we recognise that trust is the foundation of all our relationships — with schools, teachers, field personnel, and, ultimately, with the students and communities we serve.
1.2 Importance of Privacy in an Educational Context
The Application is used within an educational ecosystem that involves professional educators, institutional administrators, and field volunteers, and it processes limited information about students (names and roll numbers) solely for programme management purposes. We are acutely conscious of our obligations in this context and treat all personal data with the care and sensitivity it deserves. Privacy is not a compliance obligation for us — it is an expression of our values.
1.3 Applicable Laws
This Privacy Policy is drafted in compliance with and to give effect to the following applicable laws and regulations:
The Digital Personal Data Protection Act, 2023 (DPDPA 2023)
The Information Technology Act, 2000 (IT Act)
The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules)
The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
The Protection of Children from Sexual Offences Act, 2012 (POCSO), insofar as applicable to data protection contexts
All other applicable laws and regulations of India
We note that the Rules under DPDPA 2023 are in the process of being finalised by the Government of India. This Privacy Policy is designed to be compliant with the Act as enacted and shall be updated to incorporate the Rules as and when notified.
1.4 Consent to This Policy
By using the Application, you acknowledge that you have read, understood, and agreed to the collection, use, storage, and disclosure of your personal data as described in this Privacy Policy. If you do not agree, please cease use of the Application immediately.
SECTION 2 — DEFINITIONS
In this Privacy Policy, the following terms shall have the meanings set out below, including any meanings assigned to them under DPDPA 2023 or the IT Rules 2011:
“Consent” means a free, specific, informed, unconditional, and unambiguous indication of the Data Principal’s agreement to the processing of their Personal Data by means of a clear affirmative action.
“Data Fiduciary” means any person or entity who alone or in conjunction with others determines the purpose and means of processing Personal Data. The Foundation is the Data Fiduciary in respect of all Personal Data processed through the Application.
“Data Principal” means the individual to whom Personal Data relates.
“Data Processor” means any person who processes Personal Data on behalf of a Data Fiduciary.
“Data Protection Board” means the Data Protection Board of India established under DPDPA 2023.
“DPDPA 2023” means the Digital Personal Data Protection Act, 2023.
“Personal Data” means any data about an individual who is identifiable by or in relation to such data, as defined under DPDPA 2023.
“Processing” means any operation or set of operations performed on Personal Data, including collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, transmission, dissemination, erasure, or destruction.
“Sensitive Personal Data or Information” (SPDI) has the meaning assigned under the IT (SPDI) Rules 2011 and includes passwords, financial information, health conditions, biometric data, and similar categories.
“Student Data” means the limited Personal Data of students entered into the Application by authorised Teachers — comprising student names and roll numbers — solely for the purpose of programme management and progress tracking. Students are not registered users of the Application.
“Third-Party Processor” means any third-party entity engaged by the Foundation to process Personal Data on its behalf, including cloud service providers and analytics service providers.
SECTION 3 — WHO THIS PRIVACY POLICY APPLIES TO
3.1 Registered Users
This Privacy Policy applies to all registered Users of the Application, namely: School Administrators; Teachers; Engagement Officers and Volunteers (Field Team); and Central Team personnel (Super Administrators, Content Managers, Content Heads, Communications Team, and M&E personnel).
3.2 Student Data
While students are not registered users of the Application and do not hold Accounts, limited Student Data — specifically student names and roll numbers — may be entered into the Application by authorised Teachers for programme management purposes. This Privacy Policy applies equally to such Student Data, and the Foundation is committed to ensuring that such data is handled with appropriate care, minimal processing, and strong security measures.
3.3 Prospective Users
This Privacy Policy also applies to any information collected from individuals who access the Application for evaluation or onboarding purposes before completing registration.
SECTION 4 — WHAT PERSONAL DATA WE COLLECT
4.1 Data Collected from School Administrators
When a School Administrator registers on and uses the Application, we may collect the following categories of Personal Data:
Full name and official designation
Official email address and mobile number
Name, address, and institutional details of the Associated School
Device information, including device ID, device model/type, IP address, and operating system (in the future)
Location data (latitude and longitude, where location services are enabled)
Usage and behavioural data — how you interact with the Application, including features accessed, pages viewed, and time spent
Communications and messages sent through the Application
Photographs, documents, and files uploaded through the Application camera, gallery feature and microphone
Feedback and survey responses submitted through the Application
4.2 Data Collected from Teachers
When a Teacher registers on and uses the Application, we may collect the following categories of Personal Data:
Full name, official designation, and subject or class taught
Official email address and mobile number
Institutional affiliation (Associated School)
Device information: device ID, device model/type, IP address, and operating system (future)
Location data (latitude and longitude)
Usage and behavioural data
Programme delivery data, including records of civic education sessions conducted, attendance, and class-level progress
Student Data entered by the Teacher — student names and roll numbers — for programme tracking purposes
Photographs, documents, and files uploaded through the Application camera, gallery feature and microphone
Communications and messages
Feedback, assessment records, and survey responses
Attendance verification photograph and GPS location data (upon activation of the future attendance feature)
4.3 Data Collected from Engagement Officers
We may collect the following Personal Data from Field Team personnel:
Full name and contact information (email and mobile number)
Organisation or school/area assigned
Device information: device ID, device model/type, IP address, and operating system (future)
Location data (latitude and longitude) for field visit tracking and coordination
Field visit records, activity reports, and programme data submitted through the Application
Photographs, files, and documents uploaded
Communications and messages
Feedback and survey responses
Attendance verification photograph and GPS location data (upon activation of the future attendance feature)
4.4 Data Collected from Volunteers
We may collect the following Personal Data from Field Team personnel:
Full name and contact information (email and mobile number)
Organisation or school/area assigned
Device information: device ID, device model/type, IP address, and operating system (future)
Location data (latitude and longitude) for field visit tracking and coordination
Field visit records, activity reports, and programme data submitted through the Application
Photographs, files, and documents uploaded
Communications and messages
Feedback and survey responses
4.5 Data Collected from CRPs, CRCs, and BRCs
When Cluster Resource Persons, Cluster Resource Coordinators, or Block Resource Coordinators access and use the Application, we may collect:
Full name, designation, and government department or institution
Official email address and mobile number
Cluster or block jurisdiction assigned
Device information: device ID, device model/type, IP address, and operating system (future)
Location data (latitude and longitude)
Area-level field reports and programme coordination data submitted through the Application
Photographs, documents, and files uploaded
Communications and messages
4.5 Data Collected from Central Team Personnel
For Foundation’s Central Team members, we collect:
Full name, designation, and contact details
Device information and IP address
Usage data and system access logs
Attendance verification photograph and GPS location data (upon activation of the future attendance feature)
Communications and system-generated data relating to platform management
4.6 Student Data
The only student-related data processed through the Application is the limited Student Data entered by authorised Teachers, namely: student names and roll numbers assigned by the school, for the sole purpose of managing programme delivery and tracking civic education progress at the class level. The Foundation does not collect any other personal information about students through the Application, and students do not interact directly with the Application.
4.7 Automatically Collected Technical Data
Regardless of User category, the Application automatically collects the following technical data when you use it:
Internet Protocol (IP) address
Device unique identifier (Device ID)
Device model and type (e.g., smartphone brand and model)
Geographic location data — latitude and longitude — when location services are enabled on your device
Operating system type and version (future collection)
Application version and crash logs
Date, time, and duration of Application sessions
Features and modules accessed within the Application
4.8 What We Do Not Collect
The Foundation does not collect: (a) financial information, payment card details, or banking information; (b) biometric data; (c) health or medical information; (d) government-issued identity numbers (such as Aadhaar numbers or PAN) unless specifically required for a documented legal purpose with explicit consent; or (e) any personal data of students beyond names and roll numbers.
SECTION 5 — HOW WE COLLECT PERSONAL DATA
5.1 Directly from Users
We collect Personal Data directly from you when you: register for and create an Account on the Application; complete your profile; input data pertaining to programme delivery, student progress, or field activities; upload photographs, documents, or files; communicate through the Application’s messaging features; complete feedback forms, surveys, or assessments; or contact us for support or assistance.
5.2 Through the Application Automatically
The Application automatically collects technical data — including device information, IP address, location data, and usage data — when you use it, through software development kits (SDKs) and analytics integrations (including Google Firebase). This data is collected to enable the Application to function correctly, to ensure security, and to help us understand how the Application is being used.
5.3 Device Permissions
The Application requests access to the following device features, for the purposes described:
Camera (including for Live Photo Capture): To enable Users to capture and upload photographs relevant to programme activities, field visits, and educational documentation, including real-time or live photo capture. Upon activation of the future attendance verification feature, the camera will also be used to capture a photograph of the User at the time of login check-in.
Gallery / Photos: To enable Users to access and upload photographs and images stored on their device relevant to programme activities and documentation.
Microphone: To enable Users to record audio in connection with programme activities, including audio documentation, recordings of sessions, and any audio-based features of the Application that may be introduced. You will be prompted to grant microphone access when a feature requiring it is first activated.
GPS / Location (precise location): To record the geographic location of field activities, school visits, programme delivery events, and — upon activation of the future attendance verification feature — to verify the User’s physical presence at their registered office or assigned location.
File Folder / Storage: To enable Users to access and upload documents and files relevant to the Foundation’s programme.
You may manage these permissions through your device’s settings at any time. Disabling certain permissions may limit the functionality of some features of the Application.
5.4 Through Third-Party Services
Certain data may be collected or processed through Third-Party Services integrated into the Application, including Google Firebase (usage analytics and backend services) and Google Analytics (where enabled). Such data collection by Third-Party Services is subject to their own privacy policies.
SECTION 6 — LEGAL BASIS AND PURPOSE OF PROCESSING
6.1 Legal Basis
Under DPDPA 2023 and applicable Indian law, we process Personal Data on the following legal bases:
Consent: Where you have voluntarily provided your Personal Data upon registration, or have given explicit consent to specific processing activities, including the use of location data and camera access.
Contractual Necessity: Where processing is necessary for the performance of the Foundation’s agreement with Associated Schools and their personnel, or for the provision of access to and features of the Application.
Legitimate Interests of the Foundation: Where processing is necessary for the Foundation’s legitimate purposes, including ensuring the security of the Application, monitoring programme delivery, and improving our civic education programmes, provided that such interests are not overridden by the rights and interests of the Data Principal.
Legal Obligation: Where processing is required to comply with any applicable law, regulation, court order, or direction of a competent governmental authority.
6.2 Purposes of Processing
We collect and process Personal Data for the following specific purposes:
Account Creation and Management: To register, verify, authenticate, and manage User Accounts on the Application.
Programme Delivery and Management: To facilitate and track the delivery of the Foundation’s civic education programmes at the school, class, and individual level.
Content Delivery: To provide Users with access to relevant course content, educational materials, assessments, and resources based on their role.
Student Progress Tracking: To record class-level programme delivery data and student participation (using Student Data) for the purpose of programme management and impact assessment.
Communication: To facilitate communication between the Foundation, School Administrators, Teachers, and Field Team members through the Application’s communication features.
Notifications: To send relevant push notifications, alerts, reminders, and announcements to Users.
Feedback and Programme Improvement: To collect feedback, survey responses, and evaluations from Users to continuously improve the Foundation’s programmes and the Application.
Reporting and Analytics: To generate programme reports, institutional analytics, and impact assessments for the Foundation’s internal use and for reporting to programme stakeholders.
Security and Integrity: To detect, prevent, and respond to fraud, unauthorised access, security incidents, and misuse of the Application.
Legal and Regulatory Compliance: To comply with applicable laws, regulations, court orders, and directives of competent authorities.
Application Improvement: To analyse usage patterns and technical performance data for the purpose of enhancing the Application’s features and user experience.
SECTION 7 — PROCESSING OF STUDENT DATA (MINOR-RELATED DATA)
7.1 Scope and Nature of Student Data
The Application processes limited data pertaining to students of Associated Schools — specifically student names and roll numbers — solely for the purpose of enabling Teachers to track civic education programme delivery at the class level. Students do not access or use the Application directly. The Application is not designed or intended for use by children below 18 years of age.
7.2 Our Commitment to Student Data Protection
Despite the limited nature of the Student Data processed, the Foundation recognises that student names are Personal Data and that many students involved in the Foundation’s programmes are minors. The Foundation is unconditionally committed to the responsible handling of all student-related information. We apply the following principles to Student Data processing:
Minimum Necessity: We collect only the minimum student data required for programme management — student names and roll numbers. No other student personal information is collected through the Application.
Purpose Limitation: Student Data is processed exclusively for the purpose of tracking civic education programme delivery and class-level participation. It is not used for any other purpose whatsoever.
No Profiling: The Foundation does not create individual profiles of students, analyse student behaviour, or use student information for any form of behavioural tracking or profiling.
No Commercial Use: Student Data is never used for advertising, marketing, commercial profiling, or any purpose unrelated to the Foundation’s civic education programme.
No Third-Party Disclosure: Student Data is never shared with any third party other than the Foundation’s authorised personnel and the Associated School, on a strict need-to-know basis.
Access Control: Access to Student Data within the Application is strictly limited to the Teacher who entered the data and authorised Foundation personnel with a legitimate need. School Administrators may access aggregate data pertaining to their school.
7.3 Student Content — Parental Consent Requirement
Where authorised Users (such as Teachers, Engagement Officers, CRPs, CRCs, or BRCs) upload any photographs, videos, audio recordings, or other content featuring identifiable minor students through the Application, the following rules apply:
Prior Parental Consent is Mandatory: Before uploading any content featuring an identifiable minor student, the User must have obtained the prior, express, informed, and written consent of the student’s parent or legal guardian. In the case of students who are adults (eighteen years or above), consent must be obtained from the student directly. The Foundation does not collect or store such consent forms directly but requires Users to maintain records of such consents.
Deemed Representation: By uploading any content featuring an identifiable student through the Application, the User unconditionally represents and warrants to the Foundation that: (i) all required parental or guardian consents have been duly obtained; (ii) such consent was freely given and specifically covered the use and upload of the particular content; (iii) the content does not compromise the safety, dignity, or privacy of the student; and (iv) the upload complies with all applicable laws including POCSO 2012, the Juvenile Justice Act 2015, and DPDPA 2023. The Foundation relies on this representation as a condition of the User’s access to the Application.
Foundation’s Use of Student Content: Where student content is uploaded by a User in compliance with this Section, the Foundation may use such content for the institutional communication purposes described in Section 6.4 of the Terms of Use (government reports, newsletters, impact stories, website, and social media). Any such use shall be respectful, appropriate, non-commercial, and consistent with the Foundation’s educational mission and applicable child protection laws.
Foundation’s Right to Remove: The Foundation may remove any student content that it has reasonable grounds to believe was uploaded without required consent, or that it considers inappropriate, unsafe, or contrary to applicable law, at any time and without prior notice.
Indemnification: The User shall be solely responsible for, and shall indemnify the Foundation against, all claims, liabilities, and costs arising from the upload of student content without the required parental or guardian consent.
7.3 School’s Responsibility
Associated Schools are responsible for ensuring that any Student Data provided to or entered into the Application by their Teachers has been collected by the School in accordance with applicable law and with the informed consent or knowledge of the student’s parent or guardian, as required. By using the Application to enter Student Data, Schools and Teachers represent and warrant that: (a) the school has appropriate authorisation to share such data with the Foundation for programme purposes; and (b) parents or guardians of minor students have been informed of the school’s participation in the Foundation’s programme and the limited data-sharing associated therewith. The Foundation shall not be responsible for any unauthorised or unlawful entry of Student Data by School personnel.
7.4 Rights of Schools and Parents regarding Student Data
An Associated School may request the Foundation to: (a) access and review the Student Data associated with the school; (b) correct or update any inaccurate Student Data; or (c) delete Student Data pertaining to students who have left the school or whose data is no longer required. Such requests may be made to the Grievance Officer at the contact details specified in Section 16. The Foundation shall process such requests in accordance with Section 12 (User Rights).
7.5 Security of Student Data
Student Data is subject to the same security measures as all other Personal Data on the Application, as detailed in Section 11. Access to Student Data is restricted through role-based access controls to ensure that only authorised personnel can view it.
SECTION 8 — CONSENT MECHANISM
8.1 Consent at Registration
When you first download and open the Application, you will be presented with a pop-up notification requesting your consent to this Privacy Policy and to the Terms of Use. You will be required to actively indicate your consent (by tapping an acknowledgement button) before you can proceed to register or use the Application. Consent that is not freely given, or that is coerced or bundled as a condition of access to features unrelated to data processing, shall not be treated as valid consent.
8.2 Consent to Specific Device Permissions
The Application will separately request your consent to access device features such as the camera, photo gallery, location, and file storage. These requests will be presented through your device’s standard permission management system. You may grant or deny these permissions individually, and you may change your permission settings at any time through your device’s settings.
8.3 Right to Withdraw Consent
You have the right to withdraw your consent to the processing of your Personal Data at any time, to the extent that processing is based on consent. Withdrawal of consent may be effected by: (a) adjusting device permissions through your device settings; (b) contacting the Grievance Officer with a request to withdraw consent; or (c) requesting Account deletion. Please note that withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal, and that in some cases, withdrawal of consent may mean that certain features of the Application are no longer available to you.
8.4 Record of Consent
The Foundation shall maintain records of consent provided by Users in accordance with applicable law and for as long as necessary to demonstrate compliance.
SECTION 9 — DATA SHARING AND DISCLOSURE
9.1 Within the Foundation
Personal Data may be shared internally within the Foundation on a strict need-to-know basis. Access is governed by role-based access controls, and no employee or volunteer is permitted to access Personal Data beyond what is necessary for the performance of their specific functions.
9.2 With Associated Schools
The Foundation may share with an Associated School relevant data pertaining to that school’s participation in the Foundation’s programmes — including programme delivery reports and aggregate class-level data. The Foundation shall not share individual User Personal Data with a School unless required by law or consented to by the User.
9.3 With Third-Party Processors
The Foundation engages the following categories of Third-Party Processors for operational purposes, with whom Personal Data may be shared to the extent necessary for the specified services:
Amazon Web Services (AWS) — India Region: Cloud infrastructure, data storage, and server hosting. All primary data is stored on AWS servers located within India.
Google Firebase: Backend application services, real-time database, authentication, and usage analytics.
Google Maps API: Location-related features and mapping.
Google Translate API: In-application language translation assistance.
Google Analytics: Application usage analytics and performance monitoring (where enabled).
All Third-Party Processors engaged by the Foundation are bound by appropriate data processing agreements or terms of service that impose obligations of confidentiality and data security. The Foundation shall take reasonable steps to ensure that Third-Party Processors process Personal Data in a manner consistent with this Privacy Policy and applicable law.
9.4 Disclosure Required by Law
The Foundation may disclose Personal Data to law enforcement agencies, courts, government authorities, or regulatory bodies where such disclosure is required by any applicable law, court order, warrant, or legal process. The Foundation will, where legally permissible, endeavour to notify the affected User of such a disclosure.
9.5 In Anonymised or Aggregated Form
The Foundation may share anonymised or aggregated data — from which no individual can be identified — with educational researchers, accreditation bodies, programme evaluators, donors, and other stakeholders for the purposes of reporting on the Foundation’s impact and the effectiveness of its civic education programmes.
9.6 What We Will Never Do
The Foundation will never: (a) sell your Personal Data to any third party; (b) share Student Data with any commercial entity for advertising, profiling, or commercial purposes; (c) share Personal Data for purposes other than those described in this Privacy Policy without your prior consent; or (d) disclose your Personal Data to any entity in a manner inconsistent with applicable law.
SECTION 10 — DATA RETENTION
10.1 Standard Retention Period
The Foundation retains Personal Data of all Users (including School Administrators, Teachers, Engagement Officers, Volunteers, and Central Team personnel) for a period of three (3) years from the date of last activity on the Account or from the date of Account deactivation, whichever is later. Upon the expiry of this retention period, Personal Data will be automatically deleted from the Foundation’s systems.
10.2 Student Data Retention
Student Data (names and roll numbers) entered into the Application by Teachers shall be retained for the duration of the relevant programme cycle and for a period of three (3) years thereafter, after which it will be automatically deleted. If an Associated School’s agreement with the Foundation is terminated, Student Data associated with that school will be deleted within a reasonable period following the termination, subject to any legal retention obligations.
10.3 Retention for Legal Compliance
Notwithstanding the above, the Foundation may retain certain Personal Data for longer periods where required by applicable law, for the purpose of resolving disputes, enforcing its rights, or complying with legal obligations. In such cases, the data shall be retained only to the extent and for the duration required by the specific legal requirement.
10.4 Deletion Process
Upon the expiry of the applicable retention period, Personal Data will be securely deleted or anonymised in accordance with industry best practices and applicable law. The Foundation will maintain records of data deletion activities.
SECTION 11 — DATA SECURITY
11.1 Technical Security Measures
The Foundation implements appropriate technical security measures to protect Personal Data against unauthorised access, disclosure, alteration, and destruction. These measures include, without limitation:
Encryption of data in transit using industry-standard Transport Layer Security (TLS) protocols.
Encryption of data at rest on AWS infrastructure in accordance with AWS security standards.
Secure authentication mechanisms for all User Accounts, including password hashing.
Role-based access controls ensuring that Users can only access data commensurate with their authorised role.
Firewalls, intrusion detection systems, and network security measures on the Foundation’s cloud infrastructure.
Regular security testing and vulnerability assessments of the Application.
11.2 Organisational Security Measures
The Foundation implements the following organisational measures to protect Personal Data:
Access to Personal Data is granted only to Foundation personnel and volunteers who have a legitimate need to process such data in the course of their duties.
Foundation personnel with access to Personal Data are required to maintain its confidentiality and are made aware of their obligations under applicable data protection laws.
The Foundation maintains internal policies and procedures governing the handling, access, and security of Personal Data.
Third-Party Processors are vetted and contractually obligated to maintain appropriate security standards.
11.3 Data Breach Response
In the event of a Personal Data breach that is reasonably likely to result in risk to the rights and freedoms of affected individuals, the Foundation shall:
Take immediate steps to contain the breach and mitigate its impact.
Report the breach to the Data Protection Board of India in accordance with the timelines and procedure prescribed under DPDPA 2023 and applicable rules.
Notify affected Data Principals in a timely manner, informing them of the nature of the breach, the data affected, and the steps taken or proposed to be taken by the Foundation.
11.4 Limitation on Guarantee
Notwithstanding the security measures described above, no system is completely secure, and the Foundation cannot guarantee the absolute security of Personal Data transmitted to or stored on the Application. Users are responsible for maintaining the security of their own devices and Account credentials.
SECTION 12 — USER RIGHTS UNDER DPDPA 2023 AND APPLICABLE LAW
12.1 Overview
Under DPDPA 2023 and applicable Indian law, you, as a Data Principal, have the following rights in respect of your Personal Data. These rights are subject to the exceptions and limitations prescribed under applicable law.
12.2 Right to Access
You have the right to obtain confirmation from the Foundation as to whether your Personal Data is being processed, and to access a summary of the Personal Data held about you, together with information about the processing activities.
12.3 Right to Correction and Updation
You have the right to request the Foundation to correct inaccurate or misleading Personal Data, to complete incomplete Personal Data, and to update your Personal Data.
12.4 Right to Erasure (Right to be Forgotten)
You have the right to request the Foundation to erase your Personal Data where such data is no longer necessary for the purposes for which it was collected, or where you have withdrawn your consent, subject to the Foundation’s legal obligations and legitimate grounds for retention.
12.5 Right to Grievance Redressal
You have the right to register a grievance with the Foundation’s Grievance Officer in relation to any act or omission of the Foundation in respect of your Personal Data. You also have the right to approach the Data Protection Board of India if you are dissatisfied with the resolution of your grievance by the Foundation.
12.6 Right to Nominate
In accordance with DPDPA 2023, you have the right to nominate another individual who shall, in the event of your incapacity or death, exercise your rights in respect of your Personal Data.
12.7 How to Exercise Your Rights
You may exercise any of the above rights by contacting the Grievance Officer at the contact details specified in Section 16. Your request should: (a) clearly identify you and your Account; (b) specify the right you wish to exercise; (c) describe the specific action you are requesting; and (d) provide any supporting information.
The Foundation shall respond to your request within a reasonable period and in any event within the timeframe prescribed under applicable law. The Foundation may seek additional information from you to verify your identity before processing your request.
12.8 Grounds for Refusal
The Foundation may decline to action a request to exercise your rights where: (a) the request is manifestly unfounded or excessive; (b) compliance would infringe applicable law or the rights of another person; (c) the data is required for the establishment, exercise, or defence of legal claims; or (d) any other ground prescribed under applicable law exists. The Foundation will provide reasons for any refusal.
SECTION 13 — COOKIES AND TRACKING TECHNOLOGIES
13.1 Use of Tracking Technologies
The Application uses certain tracking technologies, including software development kits (SDKs) provided by Third-Party Services such as Google Firebase, to collect technical and usage data for the purposes of analytics, performance monitoring, and Application functionality. Unlike browser-based applications, mobile applications do not use traditional HTTP cookies; instead, they use device identifiers and SDK-based tracking.
13.2 Types of Tracking Data Collected
Device Identifiers: Unique identifiers associated with your device (Device ID) to recognise your device across sessions.
Usage Analytics: Data on how you interact with the Application — features accessed, session duration, errors encountered — collected through Firebase Analytics and/or Google Analytics.
Location Data: Latitude and longitude data collected through the device’s GPS with your permission.
13.3 Purpose of Tracking
Tracking data is used exclusively to: understand how the Application is being used; diagnose and resolve technical issues; improve Application features and user experience; monitor programme delivery metrics; and ensure the security and integrity of the Application.
13.4 Managing Tracking Preferences
You may limit certain tracking activities by: revoking location permissions through your device settings; revoking other relevant device permissions; or opting out of analytics tracking through the Application’s settings (where such an option is provided). Please note that disabling certain tracking features may affect the functionality and performance of the Application.
SECTION 14 — THIRD-PARTY DATA PROCESSORS
14.1 Our Processors
The Foundation engages the following categories of Third-Party Data Processors in connection with the Application:
Cloud Infrastructure and Hosting: Amazon Web Services (AWS) — India Region — provides the cloud infrastructure on which the Application’s backend and data are hosted and stored. Primary data storage is in India.
Application Backend and Analytics: Google Firebase provides backend services, real-time database functionality, user authentication, and usage analytics through its Firebase SDK.
Usage Analytics: Google Analytics provides web and application usage analytics (to be enabled in the future). Google Analytics is a service of Google LLC.
Mapping Services: Google Maps API provides location-based mapping and geographic features within the Application.
Language Services: Google Translate API provides automated language translation features.
14.2 Safeguards for Third-Party Processors
The Foundation takes reasonable steps to ensure that Third-Party Processors: (a) process Personal Data only for the specific purposes for which they have been engaged; (b) implement appropriate technical and organisational security measures; (c) do not sub-process Personal Data without authorisation; and (d) comply with applicable data protection laws.
14.3 Third-Party Privacy Policies
Each Third-Party Processor operates under its own privacy policy and terms of service. Users are encouraged to review the privacy policies of these service providers. The Foundation is not responsible for the privacy practices of Third-Party Processors beyond the contractual obligations imposed on them.
SECTION 15 — CROSS-BORDER DATA TRANSFERS
15.1 Primary Data Storage
The Foundation’s primary data storage is hosted on Amazon Web Services (AWS) servers located within India. Data stored on AWS is therefore subject to Indian law and jurisdiction.
15.2 Transfers through Third-Party Services
Google Firebase, Google Analytics, and Google Maps API use distributed global infrastructure. Their precise server locations may vary and may involve processing outside India. The Foundation engages these services on the basis of their published privacy policies and applicable contractual safeguards.
15.3 Safeguards
In cases where Personal Data is processed by Third-Party Services on servers outside India, the Foundation relies on the applicable safeguards provided by those services — including standard contractual clauses and compliance certifications — to protect the transferred data in accordance with applicable law.
15.4 Compliance with DPDPA 2023
The Foundation shall comply with any provisions governing cross-border transfer of Personal Data as notified by the Government of India under DPDPA 2023. We are committed to updating our data transfer practices in accordance with any Rules notified in this regard.
15.5 User Acknowledgement
By using the Application, you acknowledge that your Personal Data may be processed outside India through Third-Party Services as described above, subject to the safeguards described in this Section.
SECTION 16 — GRIEVANCE OFFICER AND DATA PROTECTION CONTACT
16.1 Appointment
In accordance with Rule 5(9) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and in furtherance of the Foundation’s obligations under the Information Technology Act, 2000 and DPDPA 2023, the Foundation has designated a Grievance Officer to handle privacy complaints, data protection requests, and related grievances from Users.
16.2 Contact Details of Grievance Officer
16.3 Privacy Complaint Process
Any User who has a complaint, concern, or query regarding the Foundation’s handling of their Personal Data may contact the Grievance Officer at the above details.
The Grievance Officer shall acknowledge receipt of the complaint within forty-eight (48) hours.
The Foundation shall endeavour to resolve all privacy-related complaints within thirty (30) days of receipt.
If you are not satisfied with the resolution provided, you may approach the Data Protection Board of India (once constituted) or any other competent authority under applicable law.
SECTION 17 — CHANGES TO THIS PRIVACY POLICY
17.1 Right to Amend
The Foundation reserves the right to update, modify, or replace this Privacy Policy at any time to reflect changes in applicable law (including, in particular, Rules to be notified under DPDPA 2023), the Foundation’s data practices, the Application’s features, or for any other reason.
17.2 Notification
Where material changes are made to this Privacy Policy, the Foundation will notify Users by displaying a prominent notice within the Application, or by any other means it considers appropriate. The date of the last revision shall be updated accordingly at the top of this Policy.
17.3 Acceptance of Amended Policy
Your continued use of the Application after the effective date of any amended Privacy Policy shall constitute your acceptance of the amended Policy. If you do not agree to the changes, you must cease use of the Application and may request deletion of your Account.
SECTION 18 — CONTACT US
For any questions, concerns, or queries relating to this Privacy Policy or the Foundation’s data protection practices, please contact us at: