Skip to Content

Privacy Policy

Privacy Policy

Effective Date: April 25, 2025

Heartitude Foundation

https://www.heartitudefoundation.com

1. Preamble and Scope of Applicability

This Privacy Policy ("Policy") is promulgated by Heartitude Foundation, a non-profit entity duly incorporated and existing

under applicable laws of the Republic of India, and is intended to delineate, in exhaustive and comprehensive terms, the

modalities and legal bases upon which personally identifiable and non-identifiable information ("Data") of individuals

("Users," "You," or "Data Subjects") interacting with the Foundation's digital infrastructure-including, without limitation,

the aforementioned website-is collected, processed, utilized, stored, transmitted, disclosed, and expunged.


2. Categorization and Typology of Data Collected


The Foundation, either autonomously or through duly contracted third-party service providers, may collect, store, and

process the following classes of information:


    2.1 Personal Data

       This includes but is not limited to:

  • Full name and title.
  • Email address(es).
  • Residential or mailing address(es).
  • Contact number(s).
  • Financial and transactional identifiers, including bank or card-related data, for donation processing.
  • Any other identifiers voluntarily provided via forms, email correspondence, or telephonic communication.

    2.2 Non-Personal and Derivative Data

       Includes metadata and telemetry data collected via technological means, including:

  • Internet Protocol (IP) address.
  • Browser typology and version.
  • Operating system and device characteristics.
  • Temporal and geographical patterns of site visitation.
  • Cookie data and pixel-based tracking metrics.

3. Purposes of Processing and Legal Grounds

The Foundation undertakes the processing of data for one or more of the following lawful purposes:


  • Execution of donation transactions and generation of fiscal acknowledgments.
  • Responding to User-initiated queries and operational correspondence.
  • Dissemination of newsletters, campaign updates, event invitations, and promotional material, subject to opt-in consent.
  • Enhancement of website architecture, content relevance, and user interface efficacy, including via statistical aggregation and algorithmic optimization.


Data processing is conducted pursuant to the User's explicit or implicit consent, fulfillment of contractual or

quasi-contractual obligations, or in furtherance of legitimate interests of the Foundation, where such interests are not

overridden by User rights.


4. Disclosure and Transborder Transfer of Data


Data, in whole or in part, may be disclosed under the following strictly regulated circumstances:


  • To external vendors, payment processors, cloud hosting entities, or digital infrastructure providers engaged under enforceable data protection agreements.
  • Where mandated under applicable laws, governmental or judicial orders.
  • In the context of organizational audits, compliance inspections, or merger/affiliation deliberations.


No personal data shall be monetized, bartered, or disclosed to unrelated third parties without informed consent.


5. Data Security Measures and Incident Response


The Foundation employs a multi-layered information security framework including, inter alia, Secure Socket Layer (SSL)

encryption, role-based access protocols, pseudonymization, periodic vulnerability scans, and data backup redundancies.

In the unlikely event of a data breach, the Foundation shall initiate its Incident Response Protocol and notify affected

data subjects in accordance with applicable legal timeframes.


6. Data Subject Rights and Redressal Mechanisms


In accordance with international best practices and evolving jurisprudence in Indian data protection frameworks, Users

may invoke the following rights:


  • Right to access and portability of personal data.
  • Right to rectification of erroneous or outdated information.
  • Right to erasure ("right to be forgotten") subject to legal retention obligations.
  • Right to object to direct marketing communications.
  • Right to lodge a complaint with a supervisory or adjudicating authority.


All such requests must be submitted in writing to the Data Protection Officer (DPO) at the contact details below, and

may require identity verification.


7. Third-Party Interactions and External Links


This website may contain hyperlinks to third-party domains. The Foundation expressly disclaims responsibility for the

privacy standards and data handling practices of such external platforms. Users are advised to consult the respective

privacy notices of such third parties.


8. Data Retention and Archival Protocol


Personal data shall be retained only for the duration reasonably necessary to fulfill the purposes outlined herein, subject

to applicable statutory or regulatory retention mandates. Following expiration, data shall be anonymized or securely

destroyed using cryptographic deletion protocols.


9. Jurisdiction, Governing Law, and Dispute Resolution


This Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising out of or

related to this Policy shall be subject to the exclusive jurisdiction of the competent courts of Kozhikode, Kerala, India.


10. Modifications, Revisions, and Policy Supersession


This Policy is subject to intermittent review and modification, which may be effectuated at the sole discretion of the

Foundation without prior notice. Continued use of the website constitutes binding acceptance of any updated version of

this Policy.


11. Contact Details and Data Protection Queries


For questions, requests, or complaints relating to this Policy or any data protection matters, please contact:


Heartitude Foundation


Address: 476/A Padinhare Kurunthala, Mokavoor, Kozhikode, Kerala - 673303


Email: [email protected]


Phone: +91 949616014