1. Policy Objective

This Privacy Policy explains how Poovar Foundation collects, processes, stores, and protects personal data in the course of its operations.

2. Categories of Data Collected

2.1 Personal Data

• Identity details (name)

• Contact information (email, phone, address)

• Financial reference data (transaction ID, donation amount)

• PAN (for statutory compliance under 80G, where applicable)

2.2 Technical Data

• IP address and device identifiers

• Browser type and session data

• Website interaction analytics

3. Legal Basis for Processing

Data is processed for:

• Fulfilling donation-related transactions

• Compliance with statutory obligations

• Legitimate organizational interests such as communication and reporting

4. Data Handling Principles

Poovar Foundation adheres to:

• Lawful and transparent data processing

• Purpose limitation (data used only for stated purposes)

• Data minimization and accuracy

5. Data Sharing Framework

Personal data may be disclosed only:

• To authorized payment processors for transaction execution

• To regulatory authorities when legally required

• To auditors for financial verification

No commercial exploitation of data is undertaken.

6. Data Security Measures

Security controls include:

• Secure servers and encrypted transactions

• Restricted internal access

• Periodic system monitoring

7. Data Retention Policy

Data is retained for:

• Legal compliance (tax and audit requirements)

• Operational and reporting needs

Thereafter, it is securely deleted or anonymized.

8. User Rights

Subject to applicable law, users may:

• Request access to their data

• Seek correction or updates

• Request deletion where legally permissible

9. Cross-Border Data Handling

If any third-party service involves cross-border processing, adequate safeguards are ensured.

10. Policy Updates

This policy may be revised periodically to reflect legal or operational changes.