PRIVACY & DATA PROTECTION POLICY

Entity: Mahira Edge | Data Fiduciary: Mahira Edge

Registered Seat: Thane, Maharashtra, India | Effective Date: November 23, 2025

  1. CLEAR & AFFIRMATIVE CONSENT

In accordance with the DPDP Act 2023, Mahira Edge does not use “pre-ticked” boxes or implied consent. By enrolling in our Data Science, SAP, or Cloud Computing programs, you provide express, itemized, and informed consent for the processing of your personal data as outlined in this notice.

  1. ITEMIZED DATA COLLECTION (WHAT WE COLLECT)

We collect only the minimum data necessary to provide our IT education services:

  • Personal Identifiers: Name, Email, Mobile Number, and Billing Address.
  • Technical Data: IP addresses, browser types, and Learning Management System (LMS) engagement metrics.
  • Course-Specific Data: Temporary credentials for AWS/SAP/Azure labs, project datasets, and recorded session interactions.
  • Career Data: Professional background and LinkedIn profiles (shared with hiring partners only with additional specific consent).
  1. SPECIFIED PURPOSE OF PROCESSING

Your data is processed strictly for the following purposes:

  • Academic Delivery: Facilitating access to SAP sandboxes, Cloud environments, and live technical workshops.
  • Certification: Authenticating identity for the issuance of Mahira Edge certificates.
  • Operational Communication: Sending critical updates regarding schedule changes, technical maintenance, or payment receipts.
  • Legal Compliance: Maintenance of records for GST audits and other statutory requirements under Indian law.
  1. DATA PRINCIPAL RIGHTS (YOUR RIGHTS)

Under the DPDP Act 2023, you have the following enforceable rights:

  • Right to Access: Obtain a summary of your data and processing activities.
  • Right to Correction & Erasure: Update inaccurate data or request deletion once the educational purpose is fulfilled.
  • Right to Withdraw Consent: You may revoke consent at any time.
    • Legal Note: Withdrawal of consent for essential data (e.g., email) will result in immediate termination of LMS access without a refund, as the service cannot be performed without such data.
  1. DATA RETENTION & AUTO-DELETION (2025 RULE)
  • Retention Period: Data is stored for the duration of your course access plus the statutory period required for tax audits.
  • Auto-Deletion: Per the 2025 Privacy Rules, if a student account is inactive for 3 consecutive years, Mahira Edge will auto-erase the personal data.
  • Warning Notice: A mandatory 48-hour prior notification will be sent to your registered email before permanent data erasure.
  1. TECHNICAL & ORGANIZATIONAL SAFEGUARDS

We implement robust security to prevent data breaches:

  • Encryption: AES-256 encryption for data at rest and TLS for data in transit.
  • Access Control: Multi-factor authentication (MFA) for staff accessing student databases.
  • 72-Hour Breach Protocol: In the event of a personal data breach, Mahira Edge will notify the Data Protection Board of India and affected individuals within 72 hours of discovery.
  1. GRIEVANCE REDRESSAL MECHANISM

In compliance with Section 10 of the DPDP Act, we have appointed a Grievance Officer based in Thane:

  • Officer Name: [Insert Name]
  • Designation: Grievance & Data Protection Officer
  • Email: privacy@mahiraedge.com
  • Resolution Timeline: Grievances will be acknowledged within 24 hours and resolved within 15 days.
  1. GOVERNING LAW & JURISDICTION

This Privacy Policy is governed by the laws of the Republic of India. Any dispute arising from data privacy shall be subject to the exclusive jurisdiction of the Courts in Thane, Maharashtra.