Privacy Policy

Introduction

This Privacy Policy ("Policy") outlines the privacy practices of Sparkl Edventure Private Limited ("Sparkl", "We", "Us", or “Our”) regarding the collection, use, and protection of personal information from visitors, registered users, customers, vendors, and employees, (collectively, “Users”. It also covers user’s choices concerning user’s personal information on our website, www.sparkl.me ("Website"), and details how to contact us or supervisory authorities if users have a complaint.

This privacy policy is being published in accordance with the provisions of the Information Technology Act, 2000 and other applicable Rules thereunder, including but not limited to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules”)

Please read this Privacy Policy carefully and in conjunction with the Terms of Use. If you do not agree to this Privacy Policy, or do not accept any part of it, then you should not use the Platform, as the case may be. Your use and/or continued use of the Platform, as the case may be amounts to express consent to the terms of this Privacy Policy as well as the Terms of Use, where required by applicable law, we will obtain your explicit consent prior to processing your personal data.

By consenting to this Policy and accepting the Terms of Use, You agree to the collection, use, and transfer of Your personal information as outlined in this Policy. If you do not agree to this Privacy Policy, or do not accept any part of it, then you should not use the Platform. We review this Policy periodically to ensure it is up-to-date. It was last updated April 2026 Visitors should note that this Policy may change at any time, we will notify you of material changes via email or platform notification prior to such changes taking effect. Registered users will be notified of changes and given the opportunity to review the revised Policy before continuing to use our services.

Definition of Personal Information

Personal Information refers to any information that identifies or can reasonably be linked to an identifiable individual ("Personally Identifying Information"). This includes sensitive personal data as defined by applicable laws.

Collection of Information

As a visitor, You can browse our Website without providing personal information. However, we process such data based on our legitimate interests in maintaining platform security and improving services.. Personal information is collected when you register/express interest in our products or services, participate in activities, or contact us.
We collect personal information for several reasons:

To comply with legal and regulatory obligations
For the performance of a contract with You
For legitimate interests where permitted by law
With Your consent

We may also have a legal obligation to collect personal information to protect vital interests or prevent fraud including obligations under tax, fraud prevention, and law enforcement requirements.

The primary goal of collecting personal information is to provide a safe, efficient, and customized experience. This helps us tailor our courses, study materials, and tutorials to your needs. We do not voluntarily share this information with third parties, except as outlined in this Policy.
When You visit our Website, make a purchase, or register, we may collect information such as:

TYPE OF USER

VISITOR

CUSTOMER

USER

WHAT DATA WE MAY COLLECT

1. Approximate location (city/state level)

2. Website usage information (pages visited, time spent, interactions)

3. Device and browser information (device type, model, operating system)

4. Cookies and similar tracking technologies

1. Name, email address, phone number of the customer or their representative

2. Curriculum and academic requirements,parent details(email)

3. Device and application usage details (device type, model, operating system)

4. Cookies and similar tracking technologies

1. Name, email address, phone number, address, parent details(email,phone no.) and gender

2. Educational Details(school information, curriculum details, and academic preferences)

3. Device and application usage information (device type, model, operating system)

4. Payment-related information required to process subscriptions (such as transaction reference, payment status, and subscription details)

HOW AND WHY, WE USE IT

We use this information to analyse and identify your behaviour and enhance the interactions you have with the Website.

This information is collected to facilitate registration, manage subscriptions, process payments, and provide access to our services. With consent, contact details may also be used to share service updates, newsletters, or information about relevant offerings.

This information is used to deliver and manage educational services, personalize learning experiences, and communicate service-related updates.

In case of technical issues screen recordings may be collected solely for troubleshooting and support purposes. With consent, contact details may also be used to share updates, newsletters, or information about additional services.

Usage and Retention of Information

We use Your personal information to:

Provide and improve services
Personalize Your experience on our Website
Contact You regarding Your account and services
Provide customer services and marketing communications, where you have provided consent.
Detect and prevent fraudulent or illegal activities

We will store any personal data we collect from you as long as it is necessary in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes – these include, without limitation, for improving our Services, attending to technical issues, and dealing with disputes.

We may need to retain your personal data even if you seek deletion thereof, if it is needed to comply with our legal obligations, resolve disputes and enforce our Agreements.

For employees, we collect information including:

Contact details, date of birth, gender, ID numbers, marital status, nationality, family details, bank details, education, and blood group (collected only where required for emergency purposes).

Employees' information is used for payroll, attendance, tax deductions, remuneration, and benefits. Vendor information is used for payments and tax deductions.

Additionally, please note:

We do not intentionally collect Special Categories of Personal Data unless required for service delivery and with appropriate safeguards. Further, if you are a Customer/User, you hereby agree and acknowledge that you shall not, under any circumstances, whether directly or indirectly, use our Services to collect or process Special Categories of Personal Data or transfer to us any such data.

The term “Special Categories of Personal Data” shall have the meaning ascribed to it under the GDPR and shall include, without limitation, data pertaining to a data subject’s race, ethnic origin, genetics, political affiliations, biometrics, health or sexual orientation.

YOUR RIGHTS UNDER CALIFORNIA CONSUMER PRIVACY ACT (CCPA)*

*This Section applies only to California residents where applicable.

Sparkl Edventure Private Limited complies with CCPA by giving you the five privacy rights for

California consumers:

The right to know about the personal information a business collects about them and how it is used and shared.
You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavored to do by way of this Policy.
The right to delete personal information collected from them.
Sparkl Edventure Private Limited gives you the right to request us to delete your personal data.
The right to opt-out of the sale of their personal information.
The right to non-discrimination for exercising their CCPA rights.

Sparkl Edventure Private Limited does not sell any data of any of its users/customers/leads. Sparkl Edventure Private Limited assures no discrimination against consumers exercising their right of privacy under CCPA. Sparkl Edventure Private Limited assures that it will not ask for waiver of privacy rights from California consumers. YOUR RIGHTS & PREFERENCES AS A DATA SUBJECT Subject to the GDPR* and applicable law’s limitations, the rights afforded to you as a data subject are:

* These rights apply where GDPR is applicable.

1. RIGHT TO BE INFORMED : You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavored to do by way of this Policy.

2. RIGHT OF ACCESS : You have a right to access the personal data you have provided by requesting us to provide you with the same.

3. RIGHT TO RECTIFICATION : You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.

4. RIGHT TO ERASURE : You have a right to request us to delete your personal data.

5. RIGHT TO RESTRICT : You have a right to request us to temporarily or permanently stop processing all or some of your personal data.

6. RIGHT TO OBJECT : You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.

7. RIGHT TO DATA PORTABILITY : You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.

8. RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING : You have a right to not be subject to a decision based solely on automated decision making, including profiling.

YOUR RIGHTS UNDER DPDPA :

1. Right to access information about personal data

2. Right to correction and erasure of personal data

3. Right of grievance redressal

4. Right to nominate

If you believe we have used your personal data in violation of the rights above or have not responded to your objections, you may lodge a complaint with your local supervisory authority.

If you wish to exercise your privacy rights, including accessing, correcting, deleting, or opting out of the processing of your personal data, you can contact us directly by emailing our Data Protection Officer at (dpo@sparkl.me). We will respond to your request in accordance with applicable data protection laws.

CHILDREN PRIVACY AND POLICY

We process personal data of children under 13 that use our Services, only with verifiable parental consent or through authorized educational institutions, usually as part of our contract with students (as end customers) and as stated in the Terms of Service accepted by them at the time of registration.This section of the Policy is in accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”), and outlines our practices in the United States regarding children’s personal data. For children outside the U.S., we implement reasonable measures to ensure valid consent is obtained in accordance with applicable laws.

Parental Consent:

We do not knowingly collect personal information from children without verifiable parental consent, as required under applicable laws such as COPPA. Where a child’s participation is permitted, a parent or legal guardian must provide valid consent before any personal data is collected or processed.

If we are required to obtain parental consent directly, we will obtain such consent in the following manner under COPPA:

Email Consent - In the event we wish to collect personal data from a child(Under 13), and such consent is not obtained by and through an instructor or educational institution, COPPA requires that we first seek a parent or guardian’s consent by email. In the email we will explain what information we are collecting, how we plan to use it, how the parent can provide consent, and how the parent can revoke consent. If we do not receive parental consent within a reasonable time, we will delete the parent contact information and any other information collected from the child in connection with that activity.

Parent Rights :

You have the right to review or request the deletion of your child’s personal data and refuse to permit its further collection or use. Please contact our Data Protection Officer and COPPA Compliance Officer(Shitij Mehrotra) at dpo@sparkl.me to make a request.

You also have the following rights with respect to your PII data:
‍
(i) Request access to your PII data.
(ii) Request correction of the PII data we hold about you.
(iii) Object to processing of your PII data. This right exists where we are relying on legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your personal data on this ground. You also have the right to object to where we are processing your PII data for direct marketing purposes.
(iv) Request erasure of your PII data. You have the right to ask us to delete or remove personal data when there is no good reason for us to continue processing it.
(v) Request the transfer of your PII data. We will provide to you, or to a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
(vi) Withdraw your consent. You have the right to withdraw your consent from using your PII data. If you withdraw your consent, we may not be able to provide you with access to the Services.

Here are privacy policy clauses based on your requirements, focusing on clarity and compliance with FERPA (Family Educational Rights and Privacy Act):

1. Access to Education Records:

Sparkl Edventure Private Limited will make education records available for review within a maximum of 45 days from the date of the initial request. Every effort will be made to provide access in a timelier manner.

2. Retention of Education Records:

Sparkl Edventure Private Limited will not destroy any education record if there is an outstanding request to review that record. This policy ensures that all requested records are available for inspection by the eligible student or parent/legal guardian.

3. Rights Regarding Education Records:

"Eligible students and parents/legal guardians have the right to:
- Access: Inspect and review the student's education records.
- Request Amendment: Request that the Organization amend education records that they believe are inaccurate, misleading, or in violation of the student’s privacy rights.
- Control Disclosure: Provide consent for the disclosure of personally identifiable information from education records, except to the extent that FERPA authorizes disclosure without consent.
- File a Complaint: File a complaint with the U.S. Department of Education concerning alleged failures by the Organization to comply with the requirements of FERPA.

Sparkl may disclose student information without consent to appropriate parties when necessary to address a significant and immediate threat to the health or safety of a student or other individuals and to a lawfully issued court order or subpoena, in compliance with FERPA and other applicable laws. in accordance with FERPA.

Sparkl has appointed an EU Representative in accordance with Article 27 of the GDPR.

SPARKL EDVENTURE PRIVATE LIMITED

Rickert Rechtsanwaltsgesellschaft mbH

Colmantstraße 15, 53115 Bonn, Germany

Email - art-27-rep-sparkl@rickert.law

Sharing and Disclosure of Personal Information

We may share personal information with service providers for marketing purposes (only with your explicit consent), IT services, payment processing, customer service, data analysis, and consumer surveys. These providers are authorized to use personal information only as necessary to provide their services. Our service providers act as data processors under contractual obligations.
For employees and vendors, personal information may be shared internally on a need-to-know basis. User information, such as names, testimonials, and scores, may be shared for promotional purposes. For international customers, personal information may be transferred to India, and by using our services, You consent to this transfer.

TRANSFER OF INFORMATION

In order for us to facilitate our operations, we may transfer and store the data we collect and process in accordance with this Policy, to our database server in a third-country for Disaster Recovery purpose. Your rights and protections will, under no circumstances, be diluted by this transfer.

Further, in the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them.

Where applicable – if the entities to which these transfers are affected are not situated in countries deemed ‘adequate’ by the European Commission, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws.

Some of the examples of where we may sub-contract processing activities to third parties include—marketing assistance, processing credit card payments.

COMPELLED DISCLOSURE

In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:

Under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;

To protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement,litigation, criminal investigation or to prevent death or imminent bodily harm;

If required in connection with legal proceedings brought against Sparkl Edventure Private Limited its officers, employees, affiliates, customers or vendors;

To establish, exercise, protect, defend and enforce our legal rights.

SECURITY OF YOUR PERSONAL INFORMATION

We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data it is encrypted using industry-standard cryptographic techniques including but not limited to SSL, TLS, RSA, and AES.

In the event of a data breach, we will notify affected users and regulators as required under applicable law.

In compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we adhere to the following reasonable security practices and procedures to protect your personal data

Measure	Description
Access Control	We ensure that access to personal data is granted only to authorized personnel on a need-to-know basis and that such access is logged and monitored.
Data Encryption	Sensitive personal data is encrypted both in transit and at rest using strong encryption methods such as AES-256.
Network Security	We employ secure network architecture, including firewalls and intrusion detection systems, to prevent unauthorized access.
Regular Audits	We conduct regular security audits and assessments to identify potential vulnerabilities and ensure compliance with our security policies.
Employee Training	We conduct regular training programs for our employees to ensure they are aware of and comply with our security policies and procedures.
Third-Party Compliance	We ensure that any third-party service providers who handle personal data on our behalf adhere to equivalent security standards and practices.
Business Continuity Management	We have developed and tested business continuity plans to ensure the availability of critical information and systems in the event of a disruption.
Audit and Compliance	We conduct regular internal and external audits to ensure compliance with COPPA,FERPA,GDPR,DPDPA standards and continuously improve our ISMS.

Security

We take precautions to protect personal information both online and offline. Measures include SSL certification, firewalls, data encryption, physical access controls, and authorization controls. User passwords are encrypted and stored securely. If You suspect a data breach, contact us at grievance@sparkl.me.

Cookies

We use cookies to track user preferences and trends, enhancing our services. You can disable cookies in Your browser settings, but this may affect Website functionality.

Third Parties and Links

We may share your details with group companies and agents for service provision. We do not sell or disclose personal information to third parties without consent, except as necessary for service provision or as required by law. Our Website may contain third-party links; we encourage you to review their privacy practices or content.

Consulting

We use third parties for service fulfillment, payment processing, site monitoring, survey conduction, database maintenance, email administration, content administration, and performance analysis.

Choice

You can customize how we use your personal information for communication and marketing. To unsubscribe from marketing communications, follow the link in the email or contact us. We do not sell or rent Your information without consent.

Ownership of Rights

All rights to the Website and its content are owned by or licensed to us. Unauthorized use, modification, or distribution of content is prohibited. You do not acquire ownership rights by downloading material from the Website.

Your Rights

You have the right to withdraw Your consent at any time by emailing grievance@sparkl.me. You can also request access, modification, or correction of Your personal information. We may deny requests as required by law or legal proceedings.

Conditions of Use

We do not warrant that our Website or emails are virus-free. We are not liable for any damages arising from Website use.

Consent to the Policy

The Terms of Use Agreement is incorporated into this Policy. By using the Website, You consent to this Policy. For any modifications to the Terms or Policy, You may terminate Your account by emailing grievance@sparkl.me. Continued use of the service implies acceptance of the modified terms, where required, we will obtain explicit consent for material changes.

General

We may disclose information as required by law, to enforce Terms of Use, protect rights, safety, or investigate fraud. This includes sharing information with trusted service providers and in compliance with legal processes.