Donate now
Get a Call Back
MENUPrivacy Policy
1. Introduction
IAC Patrons Foundation (hereon referred to as “IAC”) respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you interact with our website, donate, apply for programs or careers, or participate in training or research.
We are committed to:
- Complying with India’s Information Technology Act, 2000 (IT Act), Digital Personal Data Protection Act, 2023 (DPDP Act), SPDI Rules, and relevant regulations for online donations, research, and employment processes.
- Protecting personal data of international users (including GDPR compliance where applicable).
- Maintaining transparency, security, accountability, and user control over data.
2. Scope
This policy applies to all:
- Website visitors, registered users, donors, trainees, job applicants, and research participants.
- Data collected via forms (donation, enquiry, career, training), cookies, analytics, chatbots, newsletters, and surveys.
- Third-party integrations (payment gateways, CRM systems, analytics tools, cloud storage).
3. Personal Data We Collect
3.1 Directly Provided by You:
- Name, email, phone, postal address
- PAN or other tax identifiers for donation receipts
- Education, professional experience for training, or career applications
- Health, neurodivergence, or medical data for programs, care, or research
Such information, where applicable, shall be treated as Sensitive Personal Data and protected with enhanced safeguards.
3.2 Automatically Collected:
- IP address, browser type, device information, navigation behavior
- Cookies and tracking identifiers (covered in our Cookie Policy)
3.3 From Third Parties:
- Payment processors, research collaborators, training platforms
- Research collaborators and training platforms
- Marketing or analytics partners (anonymized or aggregated)
4. How We Use Personal Data
We use your data to:
- Process donations and issue receipts, including tax-compliant 80G certificates
- Administer programs, training, and certification
- Communicate program updates, newsletters, and event invitations
- Process career applications and conduct verification
- Conduct research and program evaluation
- Comply with legal, tax, and regulatory obligations
- Analyze website performance and improve services
5. Legal Basis for Processing
Personal data is processed on the following lawful bases:
- Consent: For newsletters, cookies, surveys, and research participation
- Contractual/Transactional Necessity: For donation processing, training enrollment, and employment processing
- Legal Compliance: To meet statutory requirements (IT Act, Income Tax, SPDI Rules)
- Legitimate Interest: For internal reporting, website optimization, analytics
6. Sharing Your Data
We do not sell or trade personal information. We share data only with:
- Payment Gateways & Banks: Secure processing of donations
- Analytics & Marketing Platforms: Aggregated or anonymized data only
- Government Authorities: For tax, audit, and regulatory compliance
- Internal Staff: Restricted role-based access
- Third-Party Partners: Only for training, research, or program delivery under contractual confidentiality
7. Data Retention
| Data Type | Retention Period | Reason |
| Donation Records | 7 years | Tax compliance & audit |
| Career Applications | 3 years | HR compliance & reporting |
| Research/Training Data | Minimum 5 years | Regulatory & reporting requirements |
| Analytics | Anonymized & aggregated | Functional analysis & website optimization |
Data is securely deleted or anonymized after the applicable retention period unless retention is required by law.
8. Your Rights
You can exercise the following rights, subject to applicable law:
- Access, correct, or update your personal information
- Request deletion of your data where legally permissible
- Withdraw consent at any time (for marketing, cookies, or research participation)
- Opt out of communications or analytics tracking
- Request data portability where applicable
- Lodge complaints with supervisory authorities (India or EU/UK, as applicable)
Requests can be made to: info@indiaautismcenter.org
9. Security of Data
- Personal data is stored securely using encryption (in transit and at rest)
- Access restricted to authorized staff with role-based permissions
- Regular audits, vulnerability assessments, and backups are implemented
- Disaster recovery protocols are in place
- Enhanced safeguards for Sensitive Personal Data
10. International Data Transfers
Transfers of personal data outside India occur only when necessary and in accordance with applicable law, including:
- Transfers outside India occur only when necessary and with GDPR-compliant safeguards (e.g., Standard Contractual Clauses)
- Transfers permitted under the DPDP Act, unless restricted by the Government of India
- International users retain GDPR rights (access, correction, erasure, restriction, objection, portability
11. Cookies and Tracking
- Functional cookies required for forms, logins, and site navigation
- Marketing and analytics cookies require explicit consent
- Users may manage cookie preferences through browser settings or cookie consent tools
Please refer to the Cookie Policy for further details.
12. Children’s Privacy
- We do not knowingly collect personal data from children under the age of 13 without verifiable parental or legal guardian consent.
- Parents or guardians may request access, correction, or deletion of a child’s data by contacting us.
13. Grievance Redressal
In accordance with the Digital Personal Data Protection Act, 2023, grievances related to personal data may be addressed to:
Grievance Officer
IAC Patrons Foundation
Email: info@indiaautismcenter.org
We shall endeavor to resolve grievances within the timelines prescribed under applicable law.