Indian Nationals
Foreign Nationals
Indian NationalsForeign Nationals
Indian Institute of Technology (hereinafter "IIT-KGP," "us," "we," or "our" or “the Institute”) is committed to security and management of personal data, to function effectively and successfully for the benefit of our stakeholders, customers and for the community. In doing so, it is essential that people’s privacy is protected through the lawful and appropriate means for handling personal data. Therefore, we have implemented this privacy policy (hereinafter referred to as ‘‘policy’’).
This policy aims to protect personal data of the various stakeholders connected to our institution. This policy is aimed at providing individuals notice of the basic principles by which we processes the personal data of individuals (“Personal Data”) who visit, use, deal with and/or transact through the website and includes a guest user and browser (hereinafter ‘you’, ‘user’).
The purpose of this policy is to describe how IIT KGP collects, uses, and shares information about you through our online interfaces (e.g., websites and mobile applications) owned and controlled by us, including but not limited to https://online.iitkgp.ac.in/ (hereinafter the "website"). This policy is also designed to provide information on how IIT KGP ensures data security, conducts data transfers and processes requests from data subjects.
We may collect the following types of personal information based on your interaction with our services:
A. Personal Identification Data
· First Name, Last name
· Job title & Company
· Signature
· Photographs
B. Identification Data
· Aadhaar number and PAN
C. Financial Data
· Bank Account information
· Payment gateway account details
· E-wallet account details
D. Personal Characteristics
· Age
· Gender
· Date of Birth
· Marital Status
· Nationality
E. Contact Data
· Postal address
· Email address
· Phone number
F. Educational Background
· Educational qualification(s)
· Post-qualification experience documents (e.g. Offer Letter, Experience Letter)
G. Electronic Identification Data
· Login credentials (If you are a registered user)
· Visitors IP Data
· Date and time of website visit
· Pages visited and navigation on the website
· Browser being used
· County of accessing website
· Language of the browser being used
· Words searched for
· Pixel tags
H. Inquiries
· Personal Data stated in the form – for example: Name, address, phone number, country
· Subject of Inquiry
· Personal details (Name on the card, billing address)
· Payment details (card numbers, card type)
· Recordings of calls with students and users showing interest in our Program.
· Information about your interactions with customer service and maintenance interactions with us.
I. User-Generated Data
· Projects and Assignments submitted
· Peer feedback and grading
· Program performance data
· Response to quizzes, standalone quizzes, exams, and surveys
· Web Cam Recordings (during assessments related to online courses)
· Posts made to public forums through our platform
· Any other information necessary to ensure conformity with test/ assessment rules, area of interests
J. Marketing Data
· Your preferences in receiving marketing information from us
· Your communication preferences
K. Behavioural Data
· Data inferred or assumed information relating to your behaviour and interests based on your online activity on our sites
The data collected by the institution is derived directly from the data provided by the user or by use of our sites.
Data Collected when You:
· Register/apply for various seminars, webinars or any other outreach initiatives made available by us.
· Request a quote for the various products and services offered by us
· View our services or visit our website pages on the internet
· Browse our website
· When you appear for assignments, exams or any other assessments in relation to online courses Data Collected from third parties
We receive Personal Data such as access or login details, profile picture or any other text / image in relation to your Personal Data which may be available with such third parties.
We also receive information about your visits to this platform and to other websites using pixel tags.
Third parties from whom we receive your Personal Data include, our service providers, other networks connected to our service, our advertising partners, our marketing and advertising affiliates, our educational partners, scholarship providers, analytics providers, recruiters and such other third-party sources.
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
Furthermore, we may allow third-party advertising companies (such as Facebook, Google, Twitter, Quora and Bing) to place cookies on our website. These cookies enable such companies to track your activity across various sites where they display Ads and record your activities, so they can show Ads that they consider relevant to you as you browse the Internet. These cookies store information about the content you are browsing, together with an identifier linked to your device or IP address.
IIT KGP uses cookies in a range of ways to improve your experience on our website, including:
To recognise our website user and to enhance user experience when interacting with our website
We moreover use cookies to help us to analyse the use and performance of our website and services
We also use cookies to improve the delivery and value of various services and products offered by us.
What types of cookies do we use?
There are a few different types of cookies, however, our website uses:
Persistent Cookies. We use persistent Cookies to improve your experience of using the Sites. This includes recording your acceptance of our Cookie Policy to remove the cookie message which first appears when you use the Sites.
Session Cookies. Session Cookies are temporary and deleted from your machine when your web browser closes. We use session Cookies to help us track internet usage as described above.
Analytical/Performance Cookies. Analytical cookies allow us to recognise and count the number of visitors and see how many visitors move around our website while they are using it. This helps us improve the way our website works, for example, by ensuring the users find what they are looking for.
Functionality Cookies. Functionality Cookies recognise when you return to the website. This enables the company to create greater content for you and remember your likes and dislikes and other preferences.
Targeting Cookies. Targeting Cookies records the visit to our website, the pages navigated to and the links clicked upon. It helps to formulate information relevant to the user’s area of interests.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Disabling some cookies form the website, may have a negative impact and may result in some non-availability of some features.
If you want to remove previously stored Cookies, you can manually delete the Cookies at any time. However, this will not prevent the Sites from placing further Cookies on your device unless and until you adjust your Internet browser setting as described above.
You can however obtain up-to-date information about blocking and deleting cookies via these links:
· https://support.google.com/chrome/answer/95647 (Chrome)
· https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox)
· https://www.opera.com/help/tutorials/security/cookies/ (Opera)
· https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage- cookies (Internet Explorer)
· https://support.apple.com/kb/PH21411 (Safari)
These opt-out mechanisms rely on cookies to remember your choices. If you delete your cookies, use another computer or device, or change browsers, you will need to repeat this process. In addition, opting out of interest-based ads will not opt you out of all ads, but rather only those ads that are personalised to your interests.
Where third parties process data on behalf of the institution, we endeavour to obtain assurances from such third parties that your Personal Data will be safeguarded consistently. We understand that it will be accountable for the processing, management and regulation, and storage and retention of all Personal Data held in the form of manual records and on computers.
All Personal Data obtained and held by the institution will; a) be processed fairly, lawfully and in a transparent manner; b) be collected for specific, explicit, and legitimate purposes, c) be adequate, relevant and limited to what is necessary for the purposes of processing, d) be kept accurate and up to date. Every reasonable effort will be made to ensure that inaccurate data is rectified or erased without delay; e) not be kept for longer than is necessary for its given purpose; f) be processed in a manner that ensures appropriate security of Personal Data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures; g) comply with the relevant laws and procedures for international transferring of Personal Data applicable to us.
We may obtain your consent to collect and use certain types of Personal Data when we are required to do so by law.
Once consent is obtained from the individual to use his or her information for those purposes, the institution has the individual's implied consent to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified. Consent may also be implied where a user is given notice and a reasonable opportunity to opt- out of his or her personal information being used for mail-outs, the marketing of new services or products, and the client, customer, member does not opt-out. Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), individuals can withhold or withdraw their consent to use their personal information in certain ways. Further, by using this website/ acknowledging this privacy policy / by voluntarily providing us with your Personal Data, you consent to collection, storage, and processing of your Personal Data in accordance with this privacy policy and our Terms of Service. If you refuse or withdraw your consent, or if you choose not to provide us with any required Personal Data, we may not be able to provide you the services that can be offered on our Platform.
We collect your Personal Data for the following purposes
· To fulfil or meet the reason you provided the information;
· We use your information for managing and processing purposes, including, but not limited to, tracking attendance, progress and completion of a Program. As part of our management and processing of the Program, we will use certain Personal Data to administer exams, projects, and other assessments for the Program. For example, as part of an exam, IIT KGP may use certain information collected from you in order to verify your identity or to monitor your performance during the exam to confirm that you are abiding by the applicable testing rules or requirements.
· To send you updates about the Programs, other IIT-KGP events, platform maintenance or new services provided by IIT-KGP, among other things, through itself or through third parties, via WhatsApp, email, SMS, phone call or any other medium;
· To enhance the quality of our content and product offerings;
· Compliance with security and other mandatory policies and building access;
· Providing information to relevant external authorities for tax and other purposes as legally required;
· Conducting surveys to assess your satisfaction, including but not limited to its processes or policies;
· Setting up and maintaining accounts and subscriptions with third parties that provide information and research services, communication services, and technological services;
· Making decisions about your continued engagement;
· To monitor use of our information and communication systems to ensure compliance with our IT and document management policies;
· To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution;
· Business management and planning, including accounting, auditing and insuring;
· Planning or reviewing options in relation to the operation or management;
· Keeping registers required by law or regulation;
· Communicating with you, for example to respond to inquiries;
· Enhancing the safety and security of the services and preventing fraud, or protecting our or our customers’, or your rights or property;
· Enforcing applicable terms and conditions and other applicable policies;
We send marketing communications only where you have requested information from us or have expressly consented to receive such communications. We may use your personal and usage data to understand your preferences and tailor relevant services and offers. We may also engage third-party partners to display advertisements on our behalf across digital platforms. These partners may collect data regarding your interactions with our platform to deliver targeted advertisements. You may opt out of electronic marketing communications at any time through the opt-out option provided in each communication, and your preference will be duly honoured.
IIT-KGP is a global institution and may share or provide access to the personal information collected with other entities.
Personal Data may be shared with the following categories of third parties: government and regulatory authorities to comply with applicable laws and audits; suppliers, business associates, subcontractors, and service providers for operational, technological, and communication needs; professional advisers, consultants, and recruitment or verification agencies for background checks, payroll administration, and related services; legal advisers and external auditors for legal and compliance purposes; service providers supporting business continuity and contingency planning; and entities enabling participation in digital wallets, payment services, or rewards programs.
We provide access to or share your information with operations third party service providers who perform services on our behalf strictly on confidential terms. They provide a variety of services to us, including billing, sales, marketing, test proctoring, couriers, mentoring, recruitment consulting, product content and features, advertising, analytics, research, customer service, student support, data storage, security, fraud prevention, credit facilities, payment processing and legal services. Such third parties may also collect additional information to serve you better. By submitting your details, you explicitly agree and consent to the collection of such additional information by these third parties.
12. Data Principal rights
Depending on applicable law, you may have the right to:
Right to Access Information
Right to Correction and Erasure
Right to Withdraw Consent
Right to Grievance Redressal
Right to Nominate
To exercise a right that you believe you may be entitled to under applicable law, please write to us at head@cic.iitkgp.ac.in
We may need to verify your identity before we fulfil your request.
Our response and further processing of the request to exercise these rights will depend upon the law applicable in relation to the rights exercised by you. We may refuse requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, may compromise an ongoing investigation, or are impractical. It is our policy to never discriminate against you for exercising any of these rights.
13. Policy on Children’s Data
We do not knowingly collect, process, or store personal data of individuals under the age of 18. Our platforms are intended for use by adults only.
By accessing or using our platforms and accepting this Policy, you confirm and represent that you are 18 years of age or older. If we become aware that personal data of a minor has been collected without the required consent, we will take appropriate steps to delete such data in compliance with applicable law.
14. Data Security and Retention
IIT KGP ensures that appropriate technical and organisational measures are in place to safeguard Personal Data and maintain a secure environment for information held both electronically and in physical form. Robust security controls, supported by internal policies and risk assessments, are implemented to prevent unauthorised access, unlawful processing, accidental loss, or damage to Personal Data. Clear responsibilities and accountability for data security are assigned, along with periodic risk reviews to ensure ongoing protection of confidentiality, integrity, and availability of data.
Personal Data is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required under applicable laws, including for establishing, exercising, or defending legal rights. Where required to extend the retention period, consent will be obtained. Data may also be securely deleted earlier if the purpose for which it was collected has been fulfilled. Users may exercise their applicable data protection rights as provided under this Policy.
15. External Links and Third-Party Services
Our website or platform may contain links to third-party websites or services that are not operated by us (for example, university portals, payment gateways, or external content repositories). We do not control and are not responsible for the privacy practices of such third-party sites.
If you follow a link to any third-party site, you are encouraged to review their privacy policy to understand how your Personal Data will be processed.
16. Breach Notification
Where a data breach is likely to result in a risk to the rights and freedoms of individuals, it will be reported to the relevant supervisory authority within 72 hours of the Institute becoming aware of it and may be reported in more than one instalment. Individuals will be informed directly in the event that the breach is likely to result in a high risk to the rights and freedoms of that individual. If the breach is sufficient to warrant notification to the public, the Institute will do so without undue delay.
17. Use of Website and Terms of Service
Use of the website and platform is governed by the applicable Terms of Use, which, together with this Privacy Policy, set out the legal framework for accessing and using our services. This Policy forms an integral part of such Terms by reference.
18. Updates to this Policy
We may update this Policy periodically. The updated version will be posted on this page with the “Last Updated” date. Continued use of the Platform constitutes acceptance of the revised Policy.
The institution has appointed a Data Protection Officer; who can be reached at the details below:
Name: Sandip Chakraborty
Email Address: head@cic.iitkgp.ac.in
