Privacy Policy

1. Who we are

2. Information we collect

2.1 Information you provide to us directly

Via the contact form on sprktechnologies.in

• Full name
• Email address
• Mobile number
• The message / inquiry you send us

This information is used by our sales and counselling teams to respond to you about our courses and services.

Via student.sprktechnologies.in (once enrolled as a student)

• Name, email address, mobile number, and other admission details
• Login credentials (username and password — passwords are stored in hashed form and are not readable by us)
• Assignment submissions and files you upload
• Leave applications
• Attendance records, fee receipts, course progress, and syllabus access logs
• Messages exchanged with faculty or administration through the portal

Via portal.sprktechnologies.in (for SPRK staff — owners, administrators, HR, sales and faculty)

• Name, email, role / designation, and login credentials
• Work-related activity and records within the portal

Via status.sprktechnologies.in (for corporate training clients and batch participants)

• Participant name, email, and employer / organization details
• Batch progress, attendance, and completion status

2.2 Documents collected at admission (KYC)

At the time of admission, we collect supporting documents for identity verification, eligibility confirmation, and regulatory record-keeping. Depending on the program and applicable law, these may include:

• Aadhaar card
• PAN card
• 10th and 12th marksheets and certificates
• Graduation or diploma certificates
• Passport-size photographs
• Address proof
• Government-issued identification
• Caste, income, or domicile certificates
• Bank details or cancelled cheque
• Parent or lawful guardian ID where applicable

How we collect them. You provide physical copies at the time of admission. Our administrative staff then digitize these copies (through scanning or photography) and upload them to our admin portal at portal.sprktechnologies.in for secure record-keeping.

Where they are stored. Digitized copies are stored both on our Hostinger-hosted infrastructure (linked to our admin portal) and on our organizational Google Drive (Google Workspace) as part of our document management process. Physical copies, where retained, are kept in secure storage at our office for administrative, accreditation, and audit purposes for the period permitted by law.

Who can access them. Access to admission documents on portal.sprktechnologies.in is restricted to authorized SPRK administrative staff only. Faculty, sales staff, and other personnel do not have access to these documents through the portal. Access is logged and reviewed periodically.

Aadhaar-specific handling. Where Aadhaar is submitted, we handle it in accordance with the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 and relevant UIDAI guidelines:

• We use Aadhaar strictly for one-time identity verification at admission, and not for any other purpose
• We request students and parents to submit a masked Aadhaar copy (with the first 8 digits hidden; only the last 4 digits visible), available through the UIDAI mAadhaar app or the resident portal at uidai.gov.in.
• We do not share Aadhaar information with any third party for marketing, profiling, or any purpose unrelated to identity verification.
• We do not use Aadhaar numbers as a login identifier or as a primary key in our databases.

If you prefer not to submit Aadhaar, you may provide an alternate government-issued photo ID (Passport, Voter ID, Driving Licence, or PAN together with address proof).

Purposes. Admission documents are used to:

• Verify your identity and eligibility for the program
• Maintain student records required for accreditation, audits, and regulatory compliance
• Process fee transactions, scholarships, and bank-related operations
• Issue certificates, transcripts, and verification letters during and after the course
• Respond to lawful requests from educational, tax, or regulatory authorities

2.3 Information collected automatically

When you visit any of our sites, we (and our service providers) automatically collect limited technical data, such as:

• IP address
• Browser type and version
• Device type and operating system
• Referring URL and exit URL
• Pages visited, time spent, and general interaction behaviour
• Cookie identifiers (see Section 7)

2.4 Bot and abuse protection

When you submit forms or log in, we use hCaptcha to verify that you are a human and not an automated bot. hCaptcha may process your IP address, limited browser data, and interaction signals as part of this verification.

See hCaptcha’s privacy policy at hcaptcha.com/privacy.

3. How we use your information

We use the information we collect for the following purposes:

• To respond to contact-form inquiries and allow our sales / counselling team to reach you about our courses
• To register, enroll, and manage students and their academic journey with us
• To process assignments, attendance, leaves, fees, and course completion records
• To operate internal staff workflows through our admin portal
• To deliver corporate training programs and share progress reports with partner organizations
• To maintain the security, integrity, and performance of our Services
• To analyze usage patterns and improve our websites and services
• To send operational communications (for example, course updates, fee reminders, portal notices)
• To comply with legal, tax, and regulatory obligations

We do not use your personal data for automated decision-making that produces significant legal effects on you, and we do not engage in behavioural advertising directed at you.

4. Legal basis and consent

Under the DPDP Act, 2023, we process personal data primarily on the basis of your consent, which you provide when you submit a form, enroll as a student, or use our portals. In certain situations, we may also process personal data for legitimate uses permitted by the Act — for example, employment-related processing for staff, or processing required to comply with law.

You may withdraw your consent at any time by writing to hr@sprktechnologies.in. Please note that withdrawing consent may limit our ability to continue providing certain Services (for example, you cannot use the student portal without processing of student data).

5. Children and minors

Where a student is a minor under Indian law (i.e., below 18 years of age), we collect and process their personal data only with the verifiable consent of a parent or lawful guardian, as required under Section 9 of the DPDP Act, 2023.

Specifically:

• At the time of enrollment, we obtain parental or guardian consent through our admission process (documented consent at admission or a verified electronic confirmation).
• We do not undertake tracking, behavioural monitoring, or targeted advertising directed at minors.
• We do not process a child’s personal data in any manner that is likely to cause any detrimental effect on their well-being.

A parent or guardian may, at any time, contact us at hr@sprktechnologies.in to review, correct, or request deletion of their child’s personal data, or to withdraw consent.

6. Sharing and disclosure

We do not sell your personal data, and we do not share it with third parties for their own marketing purposes.

We share your information only with the following categories of recipients, and only to the extent necessary:

6.1 Service providers (Data Processors)

These providers help us operate the Services. They are contractually required to protect your data and to use it only for the purposes we specify:

• Hostinger International Ltd. — web hosting and server infrastructure, including storage of admission documents linked to our admin portal
• Google LLC (Google Workspace / Google Drive) — organizational document storage and collaboration, including storage of digitized admission documents
• Google LLC (Google Analytics) — website usage analytics
• Intuition Machines, Inc. (hCaptcha) — bot and abuse prevention on forms and logins

6.2 Legal and regulatory disclosures

We may disclose personal data where we are required to do so by law, court order, or a valid request from a government or law-enforcement authority, or where disclosure is necessary to protect our legal rights, safety, or property.

6.3 Business transfers

If SPRK is involved in a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the successor entity, subject to the same protections described in this Policy.

7. Cookies and analytics

We use cookies and similar technologies to:

• Keep you signed in to our student and staff portals
• Remember your preferences
• Measure site traffic and usage behaviour through Google Analytics

Google Analytics may set cookies that collect information such as your IP address (truncated where applicable), device details, and interactions on our sites.

You can learn more at policies.google.com/privacy and opt out using the Google Analytics Opt-out Browser Add-on at tools.google.com/dlpage/gaoptout.

You can also control cookies through your browser settings. Please note that blocking essential cookies may affect portal functionality (for example, you may not be able to stay logged in to the student or staff portal).

8. International users and data transfer

Our Services are primarily directed at users in India, but we may receive inquiries or enrollments from users outside India.

Our servers and operations are located in India, and our service providers may store or process data in other jurisdictions (for example, Google Analytics may process data in data centres outside India).

By using the Services, you consent to your information being transferred to, stored, and processed in India and in the locations of our service providers, subject to appropriate safeguards.

9. Data retention

We retain personal data only for as long as necessary to fulfill the purposes set out in this Policy. Indicative retention periods are:

• Contact form inquiries: up to 24 months from the date of last contact, unless you go on to enroll as a student.
• Student records: for the duration of your enrollment and for up to 7 years after course completion, or longer where required by law or for legitimate record-keeping (for example, issuing duplicate certificates or verification letters).
• Admission documents (KYC): digital and physical copies are retained for the duration of your enrollment and for up to 7 years after course completion, for audit, accreditation, and regulatory purposes. After this period, physical copies are securely shredded and digital copies are permanently deleted from our portal and Google Drive, unless a longer retention is required by law.
• Staff portal data: for the duration of employment or engagement, and thereafter as required under applicable labour and tax laws.
• Analytics data: typically retained by Google Analytics for up to 14 months.

After the retention period, data is deleted or anonymized so it can no longer be associated with you.

10. Data security

We implement reasonable technical and organizational security measures to protect your personal data, including:

• Encryption of data in transit using HTTPS / TLS across all our sites and portals
• Storage of passwords in hashed form (we cannot see or recover your raw password)
• Role-based access controls on our portals, so that staff only see the data they need for their role — in particular, admission documents (KYC) are accessible only to authorized administrative staff
• hCaptcha-based protection against automated attacks and abuse
• Secure storage of any retained physical documents in access-controlled premises at our office
• Regular review of our security practices

No system can be guaranteed 100% secure. In the event of a personal data breach that affects your information, we will notify the Data Protection Board of India and affected individuals in accordance with our obligations under the DPDP Act.

11. Your rights

Subject to the DPDP Act and other applicable laws, you have the following rights in relation to your personal data:

• Right to access: request a summary of the personal data we hold about you and the processing activities we carry out.
• Right to correction and erasure: request that we correct inaccurate or incomplete data, or delete data that is no longer necessary for the purposes for which it was collected.
• Right to grievance redressal: raise concerns about our handling of your personal data (see Section 13).
• Right to nominate: nominate another individual to exercise your rights in the event of your death or incapacity.
• Right to withdraw consent: as described in Section 4.

To exercise these rights, please email hr@sprktechnologies.in from the email address associated with your account or form submission. We may ask you to verify your identity before acting on a request.

If you are a parent or lawful guardian of a minor student, you may exercise these rights on behalf of your child.

12. Third-party links

Our sites may contain links to external websites (for example, partner organizations or payment gateways if added in future). We are not responsible for the privacy practices or content of those sites. We encourage you to review their privacy policies before providing any personal data.

13. Grievance officer

In accordance with the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000 (and the Intermediary Guidelines), you may contact our designated officer for any privacy-related grievance or query:

We will acknowledge your grievance within a reasonable time and aim to resolve it within 30 days of receipt.

14. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the “Last updated” date at the top of this page, and where appropriate by placing a prominent notice on our website or by emailing registered users. Your continued use of the Services after the change constitutes your acceptance of the updated Policy.

15. Contact us

For any questions about this Privacy Policy or about how we handle your personal information: