PRIVACY & DATA PROTECTION POLICY

1. INTRODUCTION & SCOPE

Chaibasa Engineering College (“the Institute,” “we,” “us,” or “our”) is committed to protecting the privacy and personal data of all prospective students, parents, guardians, and visitors who interact with us through our website, social media platforms, advertising campaigns, or any other digital or offline medium.

This Privacy & Data Protection Policy explains how we collect, use, store, protect, and dispose of your personal data in connection with admission counselling, seat allocation, and dissemination of academic information. This policy applies to all data collected through:

• Facebook & Instagram Lead Ad Campaigns (Meta Platforms)
• Google Ads, Google Search, and Google Display Network Campaigns
• Our official website and landing pages
• WhatsApp, telephonic enquiries, and walk-in registrations
• Education fairs, outreach events, and offline registration forms

2. DATA WE COLLECT

We collect only the personal data necessary to fulfil the purpose of admission counselling and providing information about academic programmes, seat availability, fee structures, and scholarship opportunities. The data we may collect includes:

• Identity Information: Full name, date of birth, gender
• Contact Information: Mobile number, email address, residential address, city, state, PIN code
• Academic Information: Qualifying examination details, marks or percentages, board/university name, stream or branch preference
• Demographic Information: Category (General/SC/ST/OBC), parent or guardian name
• Campaign Source Data: The advertising platform through which you submitted your enquiry (e.g., Facebook, Instagram, Google)

3. Purpose of Data Collection

Your personal data is collected and processed strictly for the following purposes:

• Providing information about admission processes, eligibility criteria, available programmes, and seat availability
• Conducting admission counselling sessions via phone, WhatsApp, email, or in-person meetings
• Sending updates about application deadlines, document submission requirements, and merit list announcements
• Responding to your specific queries about the Institute, its departments, fees, hostel facilities, placements, and scholarships
• Internal analysis and improvement of our outreach and counselling processes

4. CONSENT & LAWFUL BASIS FOR PROCESSING

By submitting your information through any of our lead forms (on Facebook, Instagram, Google, our website, or offline forms), you provide your free, specific, informed, and unambiguous consent for the Institute to collect, store, and process your personal data for the purposes described in Section 3 of this policy.

Under the Digital Personal Data Protection Act, 2023:

• We act as the Data Fiduciary responsible for the processing of your personal data
• You, as the individual providing data, are the Data Principal and hold the right to manage, review, and withdraw your consent at any time
• Consent is obtained through clearly identifiable actions such as form submission, and is accompanied by or preceded by this notice describing the data collected and its purpose

5. NO SHARING WITH THIRD PARTIES

We are firmly committed to preserving the confidentiality of your data. Your personal information will NOT be sold, rented, traded, licensed, or shared with any third party, vendor, marketing agency, data broker, or external organisation for any purpose including but not limited to:

• Third-party marketing, telemarketing, or promotional activities
• Data resale or monetisation in any form
• Sharing with other educational institutions, coaching centres, or recruitment agencies
• Any advertising or retargeting by external entities

The only exceptions where data may be disclosed are:

• When required by an order of a court of law or a lawful directive from a competent government authority
• When necessary to comply with statutory or regulatory obligations under Indian law
• With your explicit, written consent for a specific, clearly identified purpose

6. RIGHT TO OPT OUT & DATA ERASURE

We respect your right to control your personal data. If at any point you no longer wish to receive admission-related communication from us or wish to have your data removed from our records, you may exercise the following rights:

• Right to Withdraw Consent: You may withdraw your consent at any time by contacting us via the channels mentioned in Section 11. Upon withdrawal, we will cease all further processing of your data.
• Right to Erasure: Upon receiving your opt-out or removal request, your data will be permanently deleted from our contact sheets, CRM systems, and any internal databases within 30 business days.
• Right to Correction: You may request corrections to any inaccurate or incomplete data we hold about you.
• Right to Access: You may request a summary of the personal data we hold about you and the purposes for which it is being processed.
• Right to Grievance Redressal: You may raise a complaint with the Institute’s Data Protection Officer or the Data Protection Board of India if you believe your data rights have been violated.

7. DATA SECURITY & PROTECTION MEASURES

The Institute implements appropriate technical and organisational security measures to protect your personal data from unauthorised access, alteration, disclosure, or destruction. These measures include:

• Access to collected data is restricted to authorised admission team personnel only, on a need-to-know basis
• Lead data downloaded from Meta (Facebook/Instagram) and Google platforms is stored in password-protected and access-controlled systems
• Staff members handling personal data are trained on data privacy obligations and are bound by confidentiality undertakings
• Periodic reviews and audits of data handling practices to ensure ongoing compliance
• Data is retained only for the duration necessary to fulfil the stated purpose, after which it is securely deleted

8. Data Retention & Disposal

We retain your personal data only for as long as it is necessary to fulfil the purpose for which it was collected. Our retention guidelines are:

• Active Leads: Data of prospective students who are actively engaged in the admission process is retained for the duration of the current admission cycle.
• Inactive Leads: If no engagement occurs within 12 months of initial collection, the data is flagged for deletion.
• Opted-Out Individuals: Data is permanently erased within 30 business days of receiving the opt-out request.
• Enrolled Students: Data of students who have enrolled transitions to the Institute’s student records system and is governed by the Institute’s academic data retention policies.

Upon expiry of the retention period, all personal data is securely erased from digital systems using industry-standard data sanitisation practices.

9. Use of Cookies & Tracking Technologies

Our website and landing pages may use cookies and similar tracking technologies, including:

• Meta Pixel (Facebook Pixel): To measure the effectiveness of our Facebook and Instagram advertising campaigns and to understand how visitors interact with our website after viewing our ads. The Meta Pixel may collect data about your browsing activity on our site for the purpose of ad measurement and optimisation.
• Google Analytics & Google Ads Conversion Tracking: To measure the performance of our Google advertising campaigns and to understand website traffic patterns.

These technologies help us improve our outreach effectiveness but do not grant us access to any personal data beyond what you voluntarily submit through our forms. You may opt out of cookie-based tracking by adjusting your browser settings or using available opt-out tools provided by Meta and Google.

10. PROTECTION OF MINORS’ DATA

We recognise that some prospective students may be below the age of 18 at the time of enquiry. In such cases:

• We encourage parents or lawful guardians to submit the lead form on behalf of the minor
• We do not knowingly engage in targeted advertising directed at children under 18 without parental awareness
• The Institute does not engage in behavioural monitoring or tracking of minors for advertising purposes

11. DATA BREACH NOTIFICATION

In the unlikely event of a personal data breach that compromises the confidentiality, integrity, or availability of your personal data, the Institute shall:

• Notify the Data Protection Board of India without unreasonable delay, and within 72 hours of becoming aware of the breach as mandated by the DPDP Rules, 2025
• Notify affected Data Principals (individuals) promptly, providing details of the nature of the breach and recommended protective actions
• Take immediate remedial measures to contain the breach, minimise its impact, and prevent recurrence

12. CHANGES TO THIS POLICY

The Institute reserves the right to update or modify this Privacy & Data Protection Policy at any time to reflect changes in legal requirements, institutional practices, or platform policies. Any significant changes will be posted on our official website with a revised “Last Updated” date. We encourage you to review this policy periodically.

13. CONTACT US – DATA PRIVACY ENQUIRIES

If you have any questions, concerns, or requests regarding this policy or the handling of your personal data, please contact us:

You may also file a grievance with the Data Protection Board of India if you believe your data rights have been violated under the DPDPA, 2023.

Download website policy