Privacy Policy

Privacy Policy
For end user

This document is an electronic record in terms of the Information Technology Act, 2000 and the European Union’s Regulation (EU) 2016/679 (the General Data Protection Regulation) (hereinafter referred to as ‘GDPR’), as applicable. This electronic record is generated by a computer system and does not require any physical or digital signatures.

Bay Education Partners LLP, a limited liability partnership firm, duly formed and incorporated under the provisions of the Limited Liability Partnership Act, 2008 allotted LLP Identification Number AAC0788, having its registered office at Flat 2102, The Imperial, B. B. Nakashe Marg, Tardeo, Mumbai 400034 and operating under its trade name ‘The Red Pen’, (hereinafter referred to as ‘TRP’) is the owner of the website with domain name https://theredpen.in/ (hereinafter referred to as the ‘Website’).

TRP is concerned about the privacy of the Users (defined hereinafter) who access the Website and provide, share, transfer or otherwise transmit data on the Website. This Privacy Policy is for the purpose of acquainting the Users with the manner in which TRP collects, processes, uses, shares, discloses and protects the Users’ information collected through the Website; acquainting the Users of their rights and acquiring User’s consent to process the User’s Personally Identifiable Information.

Please read the following terms of TRP’s Privacy Policy:

1. DEFINITIONS:

1.1. Cookie shall mean a small text file that is stored on the User’s computer or any device through which the website is accessed that will enable TRP to recognize the User when the User visits the Website again. A cookie also enables TRP to store the User’s preferences and settings; enhance the User’s experience; perform research and analytics; track usage and activity on the Website; and assist with security and administrative functions.

1.2. Force Majeure Event shall mean any event that is beyond the reasonable control of TRP and shall include, without limitation, acts of God; flood; sabotage; fire; explosion; civil commotion; strikes or industrial action of any kind; riots; insurrection; war; acts of government; computer hacking; unauthorized access to computer data and storage device; computer crashes; breach of security and encryption; etc.

1.3. Personally Identifiable Information shall mean the data or information that is personal to a User and allows persons other than the User to identify the User personally from such information i.e. information that personally identifies or can be used to identify, contact or locate the person, to whom such information belongs and includes without limitation, name, email address, contact number and location details, which will be collected by way of a ‘Get in Touch’ form.

1.4. Pixel Tag/ Web Beacon/ Clear GIF shall mean a tiny graphic with a unique identifier, embedded invisibly on a webpage, and is used to count or track activities on a particular webpage or ad impressions or clicks, as well as to access cookies stored on Users’ computers or other devices.

1.5. Privacy Policy shall mean this Privacy Policy.

1.6. User shall mean any person who for his/ her own behalf or on behalf of a minor person, accesses the Website for the purpose of browsing, viewing and submitting queries on the Website and shall include any person who submits, shares, transfers or otherwise transmits any information on the Website.

2. GENERAL TERMS:

2.1. By accessing and using the Website, the User expressly agrees and consents to the terms of the Privacy Policy.

2.2. The User hereby acknowledges and agrees that the Privacy Policy is subject to changes without express and specific intimation and the Users shall be required to review the Privacy Policy regularly. The continued use of the Website expresses the User’s consent to the
updated Privacy Policy.

2.3. The Users are hereby informed that in accordance with Rule 5 of the Information Technology (Intermediary Guidelines) Rules, 2011, in case of any non-compliance with the Privacy Policy, TRP reserves it’s right to immediately terminate access or usage rights of the Users. 2.4. In the event the User does not agree with the terms of the Privacy Policy, the User is requested to cease from proceeding further and using the Website.

2.5. Unless stated otherwise, the Privacy Policy applies to all information that TRP obtains in respect of the User.

3. CONTROLLER:

TRP determines the purpose and means of processing of information including the User’s Personally identifiable Information and is the controller with respect to the information collected through the Website in terms of Article 4 (7) of GDPR. TRP shall be responsible for processing of all information collected through the Website.

4. PURPOSE OF COLLECTING AND PROCESSING OF INFORMATION

TRP collects and processes the Users information for the purposes of facilitating the User’s use of the Website, responding to the queries submitted by the User through the ‘Get in Touch’ form available on the Website and improving TRP’s services towards its Users.

5. CONSENT TO PROCESS INFORMATION:

5.1. The User hereby expressly consents and permits TRP and/ or its representatives to process User’s information including the Personally Identifiable Information collected by TRP in accordance with the terms of this Privacy Policy.

5.2. The User shall have a right to withdraw its consent at any time under Article 7 (3) of GDPR. However, the withdrawal of consent shall not affect the lawfulness of the processing of User’s information based on consent prior to its withdrawal.

5.3. The use of the Website in respect of a minor person i.e. a person/ student under the age of 18 (Eighteen) years should be solely through a parent or a guardian of the minor person. By accessing the Website and submitting the Get in Touch form, the parent or the guardian of the minor person i.e. the User on behalf of the minor person hereby expressly consents to the processing of the minor person’s information collected by TRP in accordance with the terms of this Privacy Policy.

6. COLLECTION OF INFORMATION:

6.1. TRP will collect and store certain information including the Personally Identifiable Information provided by the Users from time to time by submitting the ‘Get in Touch’ form and/ or by accessing the Website. TRP only collects such Personally Identifiable Information from the Users, which it considers necessary for facilitating the use of the Website, to respond to the User’s query and for the purpose of improving TRP’s services towards its Users. The User shall be solely responsible for the authenticity of the information provided by the User

6.2. TRP may use certain analysis tools to obtain certain general information based on the User’s activities such as the User’s browsing trends, the User’s preferred webpages, time period of Website viewing, etc., to help TRP improve the Website by making it more user friendly. TRP may also use certain analysis tools to collect other general information such as visitor count, most visited webpages, etc.

6.3. TRP may also collect certain information that the User’s browser transmits to TRP’s server and which is necessary for technical purposes including without limitation, IP address, access status, browser details, browser version, operating system and its interface, etc. Such information is necessary to facilitate use and display of the Website and to ensure the Website’s stability and security.

6.4. Upon request by the User in the manner set out in Clause 12 of this Privacy Policy, TRP will erase the User’s Personally Identifiable Information from TRP’s database (Right to erasure under Article 17 of the GDPR).

6.5. TRP deletes information that is collected for the purposes of the Website after processing and storing of such information is no longer required, or limits processing of information to the extent required for existing purposes.

7. SOCIAL PLUGINS:

7.1. The Website contains social plugins that direct the Users to TRP’s profiles/ pages on social media platforms like Facebook, Instagram, Twitter, Linkedin and YouTube. The social plug- ins will be activated only once the User clicks on the respective icons/ widgets appearing on the Website.
7.2. By clicking the social plug-ins the Users consent to collection of User’s Information by the respective media platform icons/ widgets. The User must note that once the social plug-in are activated, the respective platforms may collect and track information. These social plug- ins will also collect certain technical information from the User and transmit to the respective social media platform.
7.3. TRP has no control over the manner and extent of collection, tracking and processing of information on the social media platforms and TRP encourages Users to review the privacy policies/ data protection policies of the respective social media platforms. TRP disclaims all liability in respect of such collection, tracking and processing of information.

8. ACING ADMISSIONS:

8.1. TRP may direct the User to the Acing Admission’s website with the domain name, www.acingadmissions.in upon clicking the visit website link available on the Website. By clicking the visit website link, the User expressly consents to TRP directing User to Acing Admission’s website.

8.2. TRP has no control over the manner and extent of collection, tracking and processing of information on the Acing Admission’s website and TRP encourages Users to review the privacy policy/ data protection policy of Acing Admission’s website. TRP disclaims all liability in respect of such collection, tracking and processing of information.

9. TRACKING OF INFORMATION:

9.1. TRP may use Cookies, Pixel Tags, Web Beacons, flash cookies and similar files or technologies to collect, track and store information based on the User’s use of the Website. TRP uses Pixel Tags to measure the popularity of webpages. TRP may use Web Beacons in e-mail messages to determine whether the message has been opened and for other
analytics.

9.2. Most browsers are set to automatically allow Cookies. The User must note that it may be possible to disable some (but not all) Cookies through the browser settings on the User’s electronic device, but doing so may interfere with certain functionality on the Website. Major browsers provide the Users with various options when it comes to Cookies. The Users can usually set their browsers to block all third-party Cookies (which are those set by third-party companies collecting information on Websites operated by other companies), block all Cookies (including first-party Cookies such as the ones TRP uses to collect search activity information about its Users), or block specific Cookies. To modify the Cookie settings on the

Website, please visit the browser’s help settings. Flash cookies operate differently than browser Cookies and cannot be removed or blocked via web browser settings. 9.3. By using the Website, the User’s are set to accept Cookies and consent to TRP’s use of Cookies in the manner described in this section.

9.4. TRP shall have no control over the usage of any third party cookies placed on the Website.

10. USAGE, SHARING AND DISCLOSURE OF INFORMATION

10.1. TRP shall use the information collected from the User to respond to the User’s queries; to contact Users for other related purposes; for improving the use of the Website and for any other purpose with the consent of the User. TRP shall share the User’s information including the Personally Identifiable Information, collected through the Website with its representative for the purposes of facilitating the use of the Website and for secure processing of the information.
10.2. TRP will share some or all of the User’s Personally Identifiable Information with another business entity in the event such business entity merges with TRP, acquires TRP or enters into any other corporate restructuring and will intimate the User of such transfer. Such business entity shall be required to comply with this Privacy Policy with respect to the User’s Personally Identifiable Information.

10.3. TRP shall disclose the Personally Identifiable Information without requiring any prior consent from the Users where such disclosure is required to be made to a government agency mandated under the law to obtain such Personally Identifiable Information. TRP shall be required to make such disclosures to the government agency in all such cases for the prevention, detection, and investigation of fraud including cyber related crimes.

10.4. TRP shall be compelled to disclose the Personally Identifiable information of the Users to a third party in all such cases where TRP is acting in compliance of an order passed under law, directing TRP to disclose such Personally identifiable Information.

11. RIGHTS OF THE DATA SUBJECT:

11.1. Right to Information: In accordance with Article 12, 13 and 14 of GDPR, the User shall have the right to information in respect of the processing of Personally Identifiable Information. To

exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP undertakes to provide information sought by the User in a concise, transparent, intelligible and easily accessible form subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy. The information shall be provided in a written form.

11.2. Right of Access: In accordance with Article 15 of GDPR, the User shall have a right to access the User’s information that is being processed by TRP and/ or its representatives. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP undertakes to provide the User with the access to the User’s information subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy.

11.3. Right to Rectification: In accordance with Article 16 of GDPR, the User shall have the right to rectification of inaccurate information pertaining to the User. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP undertakes to complete any incomplete information or rectify any inaccurate information and provide a statement to the User of such rectification of information subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy.

11.4. Right to Erasure: In accordance with Article 17 of GDPR, the the User shall have a right to erase the User’s Personally Identifiable Information. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP undertakes to erase the User’s Personally Identifiable Information in reasonable period subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy.

11.5. Right to Restriction of Processing: In accordance with Article 18 of GDPR, the User shall have a right to restriction of processing of Personally Identifiable Information (i) which has been contested to be inaccurate by the User; (ii) processing of which information is unlawful; (iii) where Personally Identifiable Information is no more required to be processed by the controller but is required by the User for legal purposes; and (iv) where User has objected to the processing of Personally Identifiable Information in terms of Article 21 (1) of GDPR. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP

undertakes to limit/ restrict processing of Personally Identifiable Information subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy.

11.6. Right to Data Portability: In accordance with Article 20 of GDPR, the User shall have a right to data portability i.e. the User shall have a right to have its Personally Identifiable Information transmitted directly from TRP to another controller subject to technical feasibility. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice, TRP may take steps to transmit User’s Personally Identifiable Information to another controller subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy and feasibility to transfer the information.

11.7. Right to Object: In accordance with Article 21 (1) of GDPR, the User shall have the right to object to lawful processing of Personally Identifiable Information including profiling of information for reasons arising out of the User’s particular situation. To exercise this right, the User shall be required to provide TRP with an exercise notice in accordance with Clause 12.1 of this Privacy Policy. Upon receipt of the exercise notice and subject to authentication of the User’s identity in accordance with Clause 12.2 of this Privacy Policy, TRP will no longer process its Personally Identifiable Information unless TRP can establish compelling and legitimate grounds for processing that outweighs User’s interests, rights and freedoms, or if the processing aids the enforcing, exercising or defending of legal claims.

12. NOTICE TO EXERCISE RIGHTS:

12.1. To exercise the rights as stated in Clause 11.1 to 11.7 above, the User shall be required to provide TRP with an exercise notice by way of an email addressed to TRP’s Data Protection Officer stating the particulars of the right that the User wants to exercise and the reason for such exercise.

12.2. The User will be required to verify and authenticate its identity by providing TRP with a valid government identity proof to establish the genuineness of the User’s request to exercise the right/s.
13. SECURITY PRECAUTIONS

13.1. The protection and security of the User’s Personally Identifiable Information is one of TRP’s foremost concerns. The Privacy Policy discloses TRP’s practice with respect to the information collected from the User on the Website.

13.2. TRP has implemented appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access to the information of the User and to maintain data security. These safeguards take into account the sensitivity of the information that TRP collects, processes and stores and the current state of technology. TRP’s security measures are reviewed regularly and updated in terms with technological advances.

13.3. TRP follows generally accepted industry standards to protect the information submitted to it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while TRP strives to use commercially acceptable means to protect the information of the Users, TRP cannot guarantee its absolute security and thereby usage in a manner that is inconsistent with the Privacy Policy.

13.4. TRP assumes no liability or responsibility for disclosure of the User’s information due to errors in transmission, unauthorized third-party access, or other causes beyond TRP’s control. The User plays an important role in keeping its information secure.

13.5. Notwithstanding anything contained in the Privacy Policy or elsewhere, TRP shall not be held responsible for any loss, damage or misuse of the User’s personal information, if such loss, damage or misuse is attributable to a Force Majeure Event.

14. MAINTENANCE OF RECORDS:

TRP and it representatives duly maintain a record of processing activities in respect of the User’s information.

15. COMMUNICATION OF BREACH TO DATA SUBJECT:

In the event of any breach of User’s Personally Identifiable Information which is likely to result in a high risk to the User’s rights and freedom, TRP shall communicate the breach of Personally Identifiable Information to the User without any delay in accordance with Article 34 of GDPR.

16. COMPLAINTS:

In accordance with Article 77 of GDPR, the Users have the right to complain to a relevant data protection supervisory authority in the Member State of the European Union where the User resides, has place of work or place where the alleged infringement of GDPR took place if the User believes that the processing of the User’s Personally Identifiable Information by TRP infringes any provision of GDPR.

17. GRIEVANCE AND DATA PROTECTION OFFICER:

In accordance with Information Technology Act 2000 and Article 37 of the European Union’s Regulation (EU) 2016/679 (the General Data Protection Regulation), the name and contact details of the Grievance and Data Protection Officer who can be contacted with respect to any complaints or concerns including those pertaining to breach of these Terms, and other polices or questions are published as under:

Grievance and Data Protection officer name: Dr. Kimberly Wright Dixit
E-mail address: grievances@theredpen.in[10 AM to 6 PM from Monday to Friday except Public Holidays]

18. CHANGES TO THE PRIVACY POLICY

18.1. TRP reserves the right to amend the Privacy Policy from time to time to reflect changes in the applicable law, TRP’s data collection, processing and usage practices, the features of the Website or advances in technology.

18.2. The User is requested to check this page periodically for changes. Use of information collected by TRP is subject to the Privacy Policy in effect at the time such information is used. If TRP makes any material changes to the Privacy Policy, TRP will post the changes on the Website. The User is requested to review the changes carefully.

18.3. The User’s continued use of the Website following the posting of changes to the Privacy Policy will constitute the User’s consent and acceptance of those changes.

19. GOVERNING LAW AND DISPUTES:

19.1. The law governing this Privacy Policy shall be the substantive laws of the Republic of India, without giving effect to the conflicts of law principles of any jurisdiction.

19.2. Any dispute arising out of or in connection with the Privacy Policy, including any question regarding its existence, validity or termination, shall be referred to and finally resolved by arbitration in accordance with the Arbitration Rules of the Mumbai Centre for International Arbitration (‘MCIA Rules’), which rules are deemed to be incorporated by reference in this Clause 19.2. The seat of the arbitration shall be Mumbai, India. The Tribunal shall consist of one arbitrator, selected from the panel of arbitrators with technical experience in the field of information technology by TRP. The language of the arbitration shall be English. The law governing this arbitration agreement shall be the Arbitration and Conciliation Act, 1996 (as amended and re-enacted at the relevant time).
19.3. The provisions of GDPR will be applicable to the extent of processing of Personally Identifiable Information of the Users who are citizens of European Union.