Himalaya 1derWomen Scholarship Programme
This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when you submit KYC (Aadhaar), parental consent, and bank details through this portal. We process personal data in line with General Data Protection Regulation (GDPR) principles, including lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.
By using this portal and ticking consent checkboxes in each form section, you acknowledge that you have read and understood this policy.
1. Data Controller and Contact
- Programme stakeholders process your data for scholarship administration and disbursement.
- For privacy questions or rights requests, contact the programme operations team using the details provided in official communication.
2. Personal Data We Collect
- Identity and KYC data: name, Aadhaar details, date of birth, city, and uploaded Aadhaar documents.
- Parental/guardian consent data: child and guardian details, declarations, signature, and related uploaded files.
- Financial data: account holder name, bank name, account number, IFSC, branch, and optional UPI ID.
- Operational data: timestamps, submission statuses, review notes, and technical logs required for secure operation.
3. Purposes and Legal Bases (GDPR)
- To verify identity and eligibility, process consent records, and disburse scholarship funds.
- To comply with legal and regulatory obligations (including anti-fraud, audit, and accounting requirements).
- To maintain platform security and prevent misuse.
- Primary legal bases include consent, performance of a programme-related process, and compliance with legal obligations.
4. Consent Management
- Separate terms-and-conditions consent is collected in the Aadhaar, parent consent, and bank details sections.
- You may withdraw consent for future processing by contacting the programme team, subject to legal and operational obligations already in progress.
- Withdrawal may affect eligibility, verification completion, or disbursement if required data can no longer be processed.
5. Data Sharing and Processors
- Data is shared only with authorised reviewers, payment operations, and approved service providers who support scholarship delivery.
- Where third-party processors are used, they act under contractual confidentiality and security obligations.
- Data is not sold for commercial advertising purposes.
6. International Data Transfers
- If data is transferred outside your jurisdiction, appropriate safeguards are applied, such as contractual protections and security controls.
- Transfers are limited to what is necessary for secure system operations and programme administration.
7. Retention and Deletion
- Personal data is retained only as long as needed for scholarship processing, dispute handling, legal compliance, and audit.
- When retention is no longer required, data is deleted or anonymised in accordance with internal schedules and applicable law.
8. Security Measures
- Access controls, secure upload/download paths, and role-based review workflows are used to protect personal data.
- We apply administrative, technical, and organisational safeguards to prevent unauthorised access, loss, misuse, or alteration.
9. Your GDPR Rights
- Right of access, rectification, erasure, restriction, objection, and data portability (subject to applicable limitations).
- Right to withdraw consent at any time for processing based on consent.
- Right to lodge a complaint with a supervisory authority if you believe your data rights are violated.
10. Children and Guardian Data
- This programme handles data related to minors through parent/guardian submissions and declarations.
- Parent/guardian consent is required to validate processing linked to scholarship participation and disbursement.
11. Policy Updates
- This Privacy Policy may be updated to reflect legal, operational, or security changes.
- The latest version on this page is the effective version for portal usage.