PRIVACY POLICY

CMR National Pre-University College (CMRNPUC)
Website: https://npuc.cmr.ac.in
Last Updated: March 2026

1) Who We Are

CMR National Pre-University College (“CMRNPUC”, “we”, “our”, “us”) is part of the CMR Jnanadhara Trust, Bengaluru, Karnataka, India.
We operate campuses across Bengaluru including HRBR Layout, ITPL, Byrathi, BTM Layout, and NICE Road.

This Privacy Policy explains how we collect, use, share, retain, and protect personal data when you:

visit our website,
submit enquiries or applications,
participate in events, or
interact with us as a student, parent/guardian, alumni, staff member, job applicant, or website visitor.

2) Who This Policy Applies To

This Policy applies to: prospective students and parents/guardians, enrolled students (Class 11 and 12), parents/guardians, alumni, staff members, job applicants, and general website visitors.

Because many of our students may be minors (under 18), we follow additional safeguards for student data.

3) What Information We Collect

A) Information You Provide Directly

We may collect personal information when you:

submit an admission enquiry or application (e.g., name, phone, email, date of birth, academic records, address),
register for events (e.g., Experience Walk, Readiness Session),
subscribe to newsletters,
contact us via phone/email/support forms, or
apply for jobs through our careers portal.

B) Information Collected Automatically (Website Usage)

When you visit our website, we may automatically collect: IP address and general location, browser details, pages visited, time spent, referring source/search query, and device type.

C) Information from Third-Party Platforms We Use

We may receive or process information through platforms used for education administration and institutional operations, such as:

Google Workspace / Gmail (communications / educator login),
Ekya Schools platform (educator/student portals),
Trakstar (job applications),
Zoho Forms (support and enquiry submissions),
Alumni portal.

4) Cookies and Similar Technologies

Our website uses cookies to improve usability and security. Cookies are small text files stored on your device. We may use:

Essential cookies (site functions like sessions/forms),
Preference cookies (save choices/settings),
Analytics cookies (understand site usage and improve the experience).

You can disable cookies in your browser settings, but parts of the website may not function properly. Our website is built on WordPress; WordPress cookies follow standard session/security practices.

5) How We Use Your Information

We use personal information to:

process admission enquiries and applications,
communicate academic matters, events, and updates,
send newsletters (only when you have opted in),
manage student records, attendance, and academic performance,
process recruitment/job applications,
improve our website and digital services,
meet legal/regulatory obligations, and
support spam detection and website security.

6) Lawful Basis for Processing (DPDP Alignment)

We process personal data for lawful purposes, primarily:

with your consent, or
for certain legitimate uses permitted under applicable law.

Where consent is required, you can withdraw it; however, withdrawal may affect our ability to provide certain services (for example, continuing an admission process or sending updates).

7) Protection of Student Data and Minors

We recognise many of our students are minors and are committed to:

collecting only the minimum data necessary for education and administration,
not selling/renting/sharing student data for commercial purposes,
seeking parental/guardian consent before collecting sensitive information from students under 18,
not publishing identifiable student photos/names/academic results online without explicit written consent, and
using student-facing platforms that follow applicable child data protection standards.

If you believe a child’s data has been collected without appropriate consent, contact us at admissions.npuc@npuc.cmr.ac.in.
(Under DPDP, verifiable parental consent is required before processing a child’s personal data. (DPDPA.com))

8) Media, Photos, and Published Content

We may publish photographs, videos, or student work on our website, social media, newsletters, or marketing materials only after obtaining written consent (and parental/guardian consent where required).

If you upload images through our website, avoid embedded location data (EXIF GPS). Uploaded media may be visible to authorised staff.

9) How We Share Your Information

We do not sell your personal data. We may share it only when needed:

with authorised staff/educators who require it for their roles,
with CMR Jnanadhara Trust / CMR Group for administrative purposes,
with the Department of Pre-University Education, Government of Karnataka for regulatory compliance,
with trusted service providers (e.g., Ekya Schools, Zoho, Trakstar) under confidentiality and security obligations,
with law enforcement/government authorities when required by law or to protect safety.

10) Cross-Border Processing (If Applicable)

Some service providers may store or process data outside India (for example, depending on vendor infrastructure). Where cross-border processing occurs, we aim to apply reasonable safeguards and comply with applicable restrictions.
Under DPDP, the Government may restrict transfers to certain countries/territories via notification.

11) How Long We Retain Your Data

We retain personal data only as long as needed for education, operations, and legal/regulatory requirements. In general:

student academic records: as required by the Department of Pre-University Education, Government of Karnataka,
admission enquiries/applications: up to 2 years,
newsletter subscriptions: until you unsubscribe,
job applications: 6 months after the position is filled,
website analytics data: up to 12 months,
website comments/feedback: retained for moderation and reference (reviewed periodically; you may request deletion where feasible).

(Under DPDP, data should be erased when the purpose is no longer served, unless retention is required by law. )

12) Data Security

We use appropriate technical and organisational measures to protect personal data, including:

secure HTTPS connections,
access controls for sensitive records, and
regular reviews of data handling practices.

No internet transmission is fully secure. Please use strong passwords and contact us if you suspect unauthorised use.

13) Personal Data Breach Response

If a personal data breach occurs, we will assess the incident, take steps to reduce harm, and provide intimation to affected individuals and the appropriate authority as required. (DPDP requires notifying the Board and affected Data Principals in the prescribed manner. )

14) Your Rights (Under DPDP and Applicable Indian Law)

Subject to applicable law and regulatory obligations, you may have rights to:

request information about processing,
request correction/updating/erasure,
withdraw consent,
access a grievance redressal mechanism, and
nominate another person to exercise rights in case of death/incapacity.

How to exercise your rights:
Write to us using the contact details in Section 17 (Contact & Grievance Redressal). (Note: your earlier draft mistakenly pointed rights requests to “Section 12”; the correct contact section is “Contact Us”. )
We may verify your identity before processing requests.

If you believe your rights have been violated, you may also approach the Data Protection Board of India as provided under applicable law.

15) Embedded Content from Other Websites

Our pages may include embedded content (e.g., YouTube videos, Google Maps, social media feeds). Embedded content may collect data, use cookies, or track interactions as if you visited the third-party site directly. Please review the privacy policies of those platforms.

16) Changes to This Policy

We may update this Policy from time to time due to operational changes or legal updates. The latest version will be posted on our website with a revised date. Continued use of our website indicates acceptance of the updated policy.

17) Contact & Grievance Redressal

For questions, rights requests, or privacy concerns, contact:
CMR National Pre-University College (CMR Jnanadhara Trust, Bengaluru, Karnataka, India)
Email: admissions.npuc@npuc.cmr.ac.in
Phone: 080-47095123
Contact page: https://npuc.cmr.ac.in/contact-us/

For data protection concerns specifically, you may also write to the Principal of your nearest CMRNPUC campus (HRBR Layout, ITPL, Byrathi, BTM Layout, or NICE Road).

We will provide a readily available grievance redressal mechanism as required under DPDP.