Data Security

Privacy & Data Protection

We hold scholar information in absolute trust. Review how we secure, process, and align academic profile parameters to guarantee complete data confidentiality.

EFFECTIVE DATE: May 23, 2026VERSION: 1.0.0 (UGC & DPDP Compliant)

1. Information We Collect

To offer a robust, university-aligned digital internship validation portal, ActiveGrad collects specific identifiers from scholars during registration, payment processing, and academic training:

  • Personal Profiling: Full name, student login credentials, contact email, and active mobile number.
  • Academic Affiliations: Home university, partner college, active department, registration rolls, session metadata, semester markers, and degrees (e.g. UG/PG).
  • Emergency Contacts: Emergency contact name, relationship, and telephone number (strictly utilized for official university-mandated internship risk declaration templates).
  • Activity Logs: Active hours, assignment completions, grading logs, dynamic credit markers, and digital certification transcripts.

2. How We Use Information

We compile and process profile data strictly to optimize learning pipelines, compile institutional consent documents, and issue verifiable certificates:

  • Academic Records Compilation: Building verifiable internship portfolios and formal consent forms.
  • University Syncing: Transmitting authenticated final transcripts to credit coordinators at partner colleges.
  • Portal Security: Confirming login keys, tracking dynamic payment milestones, and managing administrative dashboards.

3. Academic Records & Integration

As an official credit-bearing education portal aligned with the National Education Policy (NEP) 2020, ActiveGrad preserves specific completion records permanently to facilitate verification requests by registrar offices.

VERIFICATE REGISTRY ARCHIVE

Student profiles, enrollment histories, assignment metrics, and generated internship completion documents (Consent Forms, Offer Letters, and Certificate Keys) are archived in a secure PostgreSQL registry to support dynamic hash inquiries. This guarantees scholars can retrieve official credit endorsements for years to come.

4. Security Protocols

Data security is deeply embedded within our engineering architecture.

All student profiles are stored inside Supabase databases using rigorous Row-Level Security (RLS) policies. This ensures scholars can query only their own profile details, while administrative overlays are secured behind role-verified JWT signatures. Data transmission utilizes industry-standard Transport Layer Security (TLS 1.3), and all database records are backed up in fully encrypted cold-storage buckets.

5. Dynamic Sharing Protocols

ActiveGrad does not sell, lease, or distribute student directories to any marketing networks or commercial entities. Sharing parameters are limited to:

  • Your Institution: Transmitting attendance records, course scores, and certificate signatures directly to your college administrators for credit allocation.
  • Legal Mandates: Supporting official verification requests from national regulatory agencies, state universities, or law enforcement boards when legally subpoenaed.

6. Scholar Rights & Compliances

Under India's Digital Personal Data Protection (DPDP) Act, you possess clear rights to:

  1. Inquire & Access: Request a digital digest of your profile parameters.
  2. Rectify: Modify outdated or incorrect records via your profile interface or helpdesk.
  3. Consent Withdrawal: Revoke consent for analytics cookies. Note that revoking essential authentication variables will block portal access due to operational failures.

For formal data requests, contact our Compliance Officer at: privacy@activegrad.com.