Data Protection Policy
How we protect your personal data under India's Digital Personal Data Protection Act 2023
Our Commitment to Data Protection
At ImpactMojo, we are committed to protecting the personal data of our users in accordance with India's Digital Personal Data Protection Act 2023 (DPDP Act) and other applicable data protection laws. This policy explains how we collect, use, store, and protect your personal data.
Your Data, Your Rights: You have the right to access, correct, and request deletion of your personal data at any time. We process your data only for legitimate purposes with your consent.
Data Fiduciary Information
Under the DPDP Act 2023, ImpactMojo acts as a "Data Fiduciary" - the entity that determines the purpose and means of processing your personal data.
Data Fiduciary Details
- Name: ImpactMojo
- Website: www.impactmojo.in
- Email: hello@impactmojo.in
- Registered Address: Delhi, India
For any data protection queries or to exercise your rights, please contact us at the email address above with "Data Protection Request" in the subject line.
Your Rights Under DPDP Act 2023
As a Data Principal (the individual whose data is being processed), you have the following rights:
Right to Access
Request a summary of your personal data being processed and the processing activities
Right to Correction
Request correction of inaccurate or incomplete personal data
Right to Erasure
Request deletion of your personal data when no longer necessary
Right to Withdraw Consent
Withdraw your consent for data processing at any time
Right to Grievance Redressal
Lodge complaints about data processing practices
Right to Nominate
Nominate another person to exercise your rights in case of death or incapacity
Personal Data We Collect
We collect only the personal data necessary to provide our educational services:
| Data Category | Examples | Purpose | Type |
|---|---|---|---|
| Identity Data | Name, email address | Account creation, communication | Required |
| Contact Data | Phone number, organization | Workshop coordination, support | Optional |
| Professional Data | Job title, sector, experience | Personalized learning paths | Optional |
| Learning Data | Course progress, quiz scores | Track progress, issue certificates | Required |
| Payment Data | Transaction ID, payment method | Process contributions/purchases | Required |
| Usage Data | Pages visited, time spent | Improve platform experience | Analytics |
| Device Data | Browser type, IP address | Security, troubleshooting | Analytics |
Sensitive Data: We do not collect sensitive personal data such as financial details (beyond transaction IDs), health information, biometric data, caste, religious beliefs, or political affiliations.
Lawful Basis for Processing
Under the DPDP Act 2023, we process your personal data based on:
1. Consent
For most processing activities, we rely on your explicit consent. You provide consent when you:
- Create an account on our platform
- Subscribe to our newsletter
- Register for workshops or events
- Submit forms on our website
2. Legitimate Uses
Some processing is permitted under "legitimate uses" as defined by the DPDP Act:
- Fulfilling our contractual obligations (providing courses you've enrolled in)
- Complying with legal requirements
- Responding to medical emergencies or threats to life
- Employment-related processing for our team members
Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data:
Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Data | Until account deletion + 30 days | Service provision and recovery period |
| Learning Progress | 5 years after last activity | Certificate verification, resume learning |
| Transaction Records | 8 years | Tax and legal compliance requirements |
| Newsletter Subscriptions | Until unsubscribed + 30 days | Communication preferences |
| Support Communications | 3 years | Service quality and dispute resolution |
| Analytics Data | 26 months | Platform improvement (anonymized after) |
After the retention period, data is either securely deleted or anonymized so it can no longer identify you.
Data Sharing
We do not sell your personal data. We may share your data only in these limited circumstances:
Service Providers
We work with trusted third-party service providers who process data on our behalf:
- Hosting: Netlify (website hosting)
- Analytics: Google Analytics (anonymized usage data)
- Forms: Formspree (form submissions)
- Payments: UPI/Payment gateways (transaction processing)
- Accessibility: UserWay (accessibility features)
These providers are contractually bound to protect your data and use it only for specified purposes.
Legal Requirements
We may disclose your data if required by law, court order, or government authority.
Cross-Border Transfers
Some of our service providers may process data outside India. We ensure appropriate safeguards are in place as required by the DPDP Act.
Children's Data
Our platform is designed for development professionals and is not intended for children under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate parental consent, we will take steps to delete that information.
Parent/Guardian Notice: If you believe your child has provided us with personal data, please contact us immediately at hello@impactmojo.in.
Exercise Your Rights
To exercise any of your data protection rights, please submit a request using the form below or email us directly.
Response Time: We will acknowledge your request within 7 days and complete it within 30 days, as required by the DPDP Act. Complex requests may take longer, but we will keep you informed.
Data Breach Notification
In the event of a personal data breach that is likely to cause significant harm to Data Principals, we will:
- Notify the Data Protection Board of India as required by law
- Inform affected individuals about the breach and its potential impact
- Take immediate steps to contain and remediate the breach
- Implement measures to prevent similar incidents in the future
Changes to This Policy
We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify registered users via email for material changes
- Post a notice on our website
We encourage you to review this policy periodically.
Contact Us
For any questions about this Data Protection Policy or our data practices, please contact us:
- Email: hello@impactmojo.in
- Subject Line: "Data Protection Inquiry"
- Website: www.impactmojo.in
You also have the right to lodge a complaint with the Data Protection Board of India if you believe your data protection rights have been violated.