Privacy Policy
Introduction
Skillari Education Pvt. Ltd. ("Skillari," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you access or use our Platform — including our website, mobile applications, and all related services.
This policy applies to all users of the Platform, including students, instructors, enterprise clients, and visitors. By using the Platform, you acknowledge that you have read and understood this Privacy Policy.
Key principle: We collect only what we need, use it only for stated purposes, and keep it only as long as necessary. We never sell your personal data to third parties for marketing purposes.
Information We Collect
We collect different categories of information depending on how you interact with the Platform:
2.1 Personal Data
Information you directly provide to us when you create an account, enroll in courses, or contact support:
| Data Type | Examples | When Collected |
|---|---|---|
| Identity | Full name, profile photo | Account registration |
| Contact | Email address, phone number | Registration, support requests |
| Professional | Job title, company name, industry | Profile setup (optional) |
| Education | Learning goals, course preferences | Onboarding, course selection |
| Address | Billing address, shipping address | Purchase, certificate delivery |
| Credentials | Password (hashed), login method | Account creation |
2.2 Usage Data
Information collected automatically when you use the Platform:
- Device information (browser type, operating system, device type, screen resolution)
- Log data (IP address, access times, pages viewed, referring URLs)
- Learning analytics (video watch time, quiz scores, completion rates, time spent per module)
- Interaction data (clicks, scroll depth, feature usage patterns)
- Performance data (page load times, error logs, crash reports)
2.3 Payment Data
When you make a purchase, payment information is processed by our authorized payment partners. We do not store full credit card numbers on our servers.
- What we store: Transaction ID, payment method type, amount paid, billing address, GSTIN (for Indian business customers).
- What our payment partner stores: Full card details, UPI handles, bank account information — governed by PCI-DSS compliance.
Note: Our payment processing partners (Razorpay, Stripe) operate under their own privacy policies and are PCI-DSS Level 1 certified. We receive only the transaction confirmation and necessary billing details.
How We Collect Information
| Method | Description |
|---|---|
| Direct input | When you fill forms, create your profile, write reviews, or send messages |
| Automatic collection | Through cookies, log files, analytics tools, and device sensors |
| Third parties | From social login providers (Google, Apple, LinkedIn) when you sign in via SSO |
| Payment partners | Transaction confirmations from Razorpay, Stripe, or other processors |
| Enterprise integrations | From your organization's admin when enrolled through a team or enterprise plan |
When you use social sign-in (Google, Apple, LinkedIn), we receive only the basic profile information you permit — typically your name and email address. We do not post to your social media accounts or access your contacts.
How We Use Your Information
We use your personal data for the following purposes, relying on legitimate interests, contractual necessity, or your consent as appropriate:
- Platform operations: Creating and managing your account, processing enrollments, issuing certificates, and providing customer support.
- Learning delivery: Tracking your progress, personalizing course recommendations, and adapting content to improve your learning experience.
- Communication: Sending course updates, assignment reminders, system notifications, and responding to your inquiries.
- Payments: Processing transactions, generating invoices, issuing refunds, and complying with GST/tax regulations.
- Improvement: Analyzing usage patterns to improve course content, Platform features, and user experience.
- Security: Detecting and preventing fraud, unauthorized access, abuse, and security incidents.
- Marketing: Sending promotional emails about new courses and offers (only with your consent, and you can unsubscribe at any time).
- Legal compliance: Fulfilling legal obligations, responding to lawful requests from authorities, and enforcing our Terms & Conditions.
Personalization: We use learning analytics to recommend courses based on your progress and interests. You can disable personalized recommendations in your account settings without affecting core Platform functionality.
Information Sharing & Disclosure
We do not sell your personal data. We may share your information in the following limited circumstances:
| Shared With | Purpose | Data Shared |
|---|---|---|
| Instructors | Course management | Student name, progress, assignment submissions (no email or payment data) |
| Payment processors | Transaction processing | Order amount, billing details (Razorpay, Stripe) |
| Analytics providers | Platform analytics | Anonymized usage data (Google Analytics) |
| Cloud infrastructure | Hosting & storage | Encrypted data stored on AWS servers (India region) |
| Email services | Transaction emails | Email address, name (SendGrid/Mailgun) |
| Enterprise admins | Team management | Enrollment status, completion data (per enterprise agreement) |
| Certificate verification | Third-party verification | Certificate ID, holder name, course name, completion date |
| Legal authorities | Legal compliance | As required by law or court order (limited to what is necessary) |
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you via email and/or a prominent Platform notice before such a transfer takes effect.
Cookies & Tracking Technologies
We use cookies and similar technologies to operate and improve the Platform. Here is a breakdown:
| Category | Purpose | Duration | Consent Required |
|---|---|---|---|
| Essential | Login session, CSRF protection, load balancing | Session – 1 year | No |
| Functional | Language preference, dark mode, video quality settings | Up to 1 year | No |
| Analytics | Page views, traffic sources, user behavior analysis | Up to 2 years | Yes |
| Marketing | Retargeting ads, conversion tracking, affiliate attribution | Up to 1 year | Yes |
You can manage your cookie preferences through the cookie consent banner displayed on your first visit, or through your browser settings. Disabling certain cookies may affect Platform functionality.
Important: We do not use cookies for cross-site tracking or sell advertising data. Marketing cookies are used solely to measure the effectiveness of our own campaigns and show relevant Skillari ads to users who have visited our Platform.
Data Storage & Security
We implement industry-standard security measures to protect your personal data:
- Encryption: All data in transit is encrypted via TLS 1.3. Data at rest is encrypted using AES-256.
- Infrastructure: Hosted on AWS with data centers in the India (Mumbai) region. Database backups are encrypted and stored in separate availability zones.
- Access control: Role-based access with principle of least privilege. All internal access is logged and audited.
- Vulnerability management: Regular penetration testing, dependency scanning, and bug bounty programs.
- Incident response: Documented incident response plan with breach notification procedures compliant with applicable laws.
While we strive to protect your data, no system is completely secure. We will notify affected users within 72 hours of becoming aware of a data breach that poses a risk to your rights and freedoms, as required by applicable law.
Your Rights
Depending on your location, you may have the following rights regarding your personal data. We honor these rights regardless of your jurisdiction:
8.1 Access & Portability
You have the right to request a copy of the personal data we hold about you, in a structured, machine-readable format (JSON or CSV). You can also download your learning data directly from your account settings at any time.
8.2 Correction & Deletion
You can update most of your personal information directly in your account settings. For data you cannot edit (such as transaction records), you may request corrections by contacting us. You may also request deletion of your personal data, subject to certain exceptions:
- Data required for legal compliance or to resolve disputes cannot be deleted immediately.
- Anonymized data used for analytics is not considered personal data and is not subject to deletion.
- Course completion records linked to issued certificates are retained for verification purposes.
8.3 Objection & Restriction
You may object to or request restriction of processing of your personal data in the following circumstances:
- Direct marketing: You can unsubscribe from marketing emails at any time using the link in each email or through your account settings.
- Profiling: You can disable personalized course recommendations in your settings.
- Legitimate interest: You may object to processing based on our legitimate interests. We will stop processing unless we have compelling grounds.
- Data portability on exit: When you delete your account, we provide a final data export before deletion is completed.
How to exercise your rights: Submit a request through your account settings under "Privacy & Data" or email us at privacy@skillari.com. We respond to all requests within 30 days. If you are in the EU or India, you also have the right to lodge a complaint with your local supervisory authority.
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account data | Duration of account + 30 days after deletion request | Account operation, grace period for recovery |
| Learning progress | Duration of account | Course continuity |
| Transaction records | 7 years | Tax and legal compliance (GST Act, India) |
| Certificate data | 5 years after issuance | Verification purposes |
| Support tickets | 2 years after resolution | Quality assurance, follow-up |
| Marketing consent records | 5 years from last consent | Compliance documentation |
| Server logs | 90 days | Security and debugging |
| Anonymized analytics | Indefinite | Product improvement (not personal data) |
Children's Privacy
The Platform is not intended for children under 13 years of age (or under 16 in the European Economic Area). We do not knowingly collect personal data from children.
If we discover that a child under the applicable age has provided us with personal data, we will take steps to delete that information as quickly as possible. If you are a parent or guardian and believe your child has an account on our Platform, please contact us immediately at privacy@skillari.com.
For users aged 13–17: Users in this age range may use the Platform only with the consent and supervision of a parent or legal guardian. The parent or guardian assumes responsibility for the minor's use of the Platform.
International Data Transfers
Our primary data storage is located in India (AWS Mumbai region). However, some of our service providers may process data in other jurisdictions:
- Analytics: Google Analytics may process anonymized data in the United States under Standard Contractual Clauses (SCCs).
- Email delivery: SendGrid/Mailgun may process email addresses in the United States under Data Processing Agreements (DPAs).
- Payment processing: Razorpay processes data in India; Stripe may process data in the US or EU depending on the payment method.
When data is transferred outside of India or the EEA, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with GDPR-compliant clauses
- Ensuring recipients maintain adequate security standards
Third-Party Links
The Platform may contain links to third-party websites, services, or resources (including course materials that link to external tools or documentation). These third-party sites are governed by their own privacy policies, which we encourage you to review.
We are not responsible for the privacy practices, data collection, or content of third-party sites. The inclusion of any link does not imply our endorsement of the linked site or its operators.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- We will update the "Last updated" date at the top of this page.
- For material changes that affect your rights, we will send an email notification to your registered address at least 15 days before the changes take effect.
- We will post a prominent notice on the Platform for significant updates.
Continued use of the Platform after changes take effect constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
| Data protection queries | privacy@skillari.com |
| General support | support@skillari.com |
| Legal inquiries | legal@skillari.com |
| Postal address | Skillari Education Pvt. Ltd. Data Protection Officer 4th Floor, Meridian Tower, SP Infocity, GST Road, Chennai, Tamil Nadu 600096, India |
| Grievance officer | Ms. Priya Sharma Designated Data Protection Officer dpo@skillari.com Response time: Within 30 days |
Regulatory authorities: If you are unsatisfied with our response to your data rights request, you may lodge a complaint with the Data Protection Board of India (under the Digital Personal Data Protection Act, 2023) or your relevant supervisory authority in the EEA.