top of page

#Unnati – Privacy Policy

Effective Date: 1st Oct 2025
Last Updated: 30th Oct 2025

1. Introduction

Welcome to #Unnati, India’s first brand collaboration platform connecting brands, CSR teams, NGOs, and social initiatives to build meaningful partnerships.

This Privacy Policy explains how we collect, use, share, and protect your personal data in accordance with the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and other applicable data protection laws.

By accessing or using #Unnati (the “Platform”), you consent to the collection and processing of your personal data as described in this Policy.

2. Legal Basis and Role

Under the DPDP Act, #Unnati acts as the Data Fiduciary, determining the purpose and means of processing personal data.
You, the user (whether an individual, brand, or organization representative), are the Data Principal.

We are committed to collecting and processing personal data only for lawful purposes, with your free, specific, informed, and unambiguous consent, or as otherwise permitted under the Act.

3. Definitions (as per DPDP Act)

  • “Personal Data” – Any data about an individual who is identifiable by or in relation to such data.

  • “Data Principal” – The individual to whom the personal data relates and includes parents or lawful guardians of children.

  • “Data Fiduciary” – The entity determining the purpose and means of processing personal data (#Unnati).

  • “Processing” – Any operation performed on personal data, such as collection, storage, use, sharing, or deletion.

  • “Consent” – Any freely given, specific, informed, and unambiguous indication of the Data Principal’s agreement to the processing of their personal data.

4. Categories of Data We Collect

Depending on your user role (CSR partner, organization, or individual), we may collect the following categories of data:

4.1 Personal Data

  • Name, contact number, email address, gender, and designation.

  • Account credentials for platform access.

  • Communication preferences and activity history.

4.2 Organizational / CSR Data

  • Brand name, company registration details, CSR registration number, contact person information.

  • NGO registration certificates (12A, 80G, FCRA, etc.), PAN, and organizational profile.

  • Campaign and project details submitted for collaboration.

4.3 Technical Data

  • IP address, browser type, operating system, device identifiers, usage logs, and cookies for analytics and performance monitoring.

4.4 Payment Information

  • Payment details for premium listings, subscriptions, or sponsorship features (processed securely through third-party payment gateways).

We do not collect sensitive personal data such as passwords, biometric identifiers, or financial account numbers beyond what is necessary for payment processing.

5. Purpose of Processing

We collect and process your personal data only for specific, lawful, and consented purposes, including:

  1. Account creation and user verification.

  2. Matching and discovery of collaborations between brands and social organizations.

  3. Facilitating communication between potential partners.

  4. Providing platform services, features, and updates.

  5. Improving our services through analytics and user feedback.

  6. Compliance with legal or regulatory obligations.

We will not use your data for purposes beyond those consented to unless permitted under law or with renewed consent.

6. Consent Management

  • Your consent is explicitly obtained during registration or when submitting personal information.

  • You have the right to withdraw consent at any time through your account settings or by emailing us (see Section 12).

  • Withdrawal of consent will not affect the lawfulness of processing done prior to withdrawal but may limit access to certain services.

7. Use of Data for Legitimate Purposes

In limited circumstances, we may process data without consent when it is:

  • Necessary for performance of a legal obligation.

  • In response to a court order or law enforcement request.

  • For employment-related or corporate due diligence requirements.

  • For public interest activities permitted under the DPDP Act.

8. Data Sharing and Disclosure

#Unnati does not sell or rent user data.
We may share limited data under the following lawful conditions:

  • With Collaboration Partners: To facilitate CSR and NGO partnerships based on your consent or participation.

  • With Service Providers: For secure hosting, analytics, communication, or payment processing.

  • With Legal Authorities: When mandated by applicable law or judicial order.

  • With Marketing Channels: Only with your explicit consent, for showcasing successful collaborations or campaigns.

All third parties are bound by confidentiality and data protection obligations consistent with the DPDP Act.

9. Data Storage, Retention, and Security

  • All personal data is stored on secure servers located in India.

  • We employ encryption, firewalls, and access control to safeguard data from unauthorized access or breaches.

  • Personal data is retained only for as long as necessary to fulfill the stated purpose or as required by law.

  • Once data is no longer needed, it will be securely deleted or anonymized.

In case of any personal data breach, we will notify the Data Protection Board of India and affected Data Principals as per Section 8(6) of the DPDP Act.

10. Your Rights as a Data Principal

Under Chapter III of the Digital Personal Data Protection Act, 2023, you have the following rights:

  1. Right to Access – Obtain confirmation of whether your personal data is being processed.

  2. Right to Correction – Request correction, completion, or updating of your personal data.

  3. Right to Erasure – Request deletion of personal data when the purpose has been fulfilled or consent withdrawn.

  4. Right to Nominate – Nominate another person to exercise your rights in case of death or incapacity.

  5. Right to Grievance Redressal – File a complaint with our Data Protection Officer (DPO) or escalate to the Data Protection Board of India if unresolved.

All requests will be acknowledged and addressed within 30 working days as required by law.

11. Children’s Data

#Unnati does not knowingly collect data from individuals under 18 years of age.
If data from a minor has been inadvertently collected, it will be deleted upon verification.

12. Grievance Redressal & Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for compliance with the DPDP Act and grievance management:

Data Protection Officer – #Unnati
Email: dpo-hu@alumnik.com
Response Time: Within 30 business days.

If you are not satisfied with the resolution, you may escalate the issue to the Data Protection Board of India (DPBI) under Section 13 of the DPDP Act.

13. Data Principal Requests (Access, Correction, Erasure)

To exercise your rights, please send a written request to the DPO with the subject line:
“DPDP Data Request – [Access / Correction / Deletion]”.
We may verify your identity before fulfilling the request.

14. Third-Party Links

The Platform may include external links or integrations (e.g., payment gateways or CSR reporting tools). #Unnati is not responsible for the data practices of such third-party services. Please review their privacy policies separately.

15. Policy Updates

We may update this Policy periodically to reflect changes in law, technology, or business practice.
Any material changes will be notified via email or an in-app alert.

Continued use of the Platform after updates signifies your acceptance of the revised Policy.

16. Contact Information

For any questions, complaints, or data protection requests, contact:

#Unnati – Legal & Compliance / Data Protection Office
Email: dpo-hu@alumnik.com

Add your own content here. Click to edit.

bottom of page