Back
Legal

Privacy Policy

This Privacy Policy applies to Quality Management Services ("QMS", "we", "us", "our"), a proprietary firm registered under the laws of India, with its principal office at Pune, Maharashtra. This policy governs the collection, use, storage, sharing and protection of personal information in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and applicable provisions of the Digital Personal Data Protection Act, 2023 (DPDPA).

1. Information We Collect

We collect information you provide directly and information generated through your interaction with our website and services: 

  • Identity & Contact Data: Name, designation, company name, email address, phone number, postal address, city, state, country.
  • Training & Enrolment Data: Educational qualifications, employer name, selected course, batch preference, payment reference, attendance and assessment records, certificate details.
  • Financial Data: Transaction IDs processed via Razorpay payment gateway. We do not store card numbers, CVV or UPI credentials on our servers.
  • Technical Data: IP address, browser type, operating system, referring URLs, pages visited, time and duration of visit (collected via server logs and analytics tools).
  • Communication Data: Records of correspondence when you contact us by email, phone, WhatsApp or inquiry forms.

2. Purpose & Legal Basis for Processing

We process your personal data for the following purposes under applicable Indian law:

  • To process training registrations, issue certificates, and deliver purchased services (contractual necessity).
  • To process payments and issue GST-compliant tax invoices as required under the Goods and Services Tax Act, 2017 and the Income Tax Act, 1961.
  • To communicate service updates, course schedules, batch confirmations, and assessment results.
  • To send marketing communications about new courses and services (with your consent; unsubscribe option available in every email).
  • To improve our website and services through analytics.
  • To comply with legal obligations, court orders or requests from statutory authorities.

3. Sensitive Personal Data or Information (SPDI)

In ordinary course we do not collect SPDI as defined under Rule 3 of the IT (SPDI) Rules, 2011 (passwords, financial information beyond transaction IDs, health data, biometrics, sexual orientation etc.). If such information is voluntarily provided for any specific programme (e.g., occupational health training requiring medical context), it will be used solely for that purpose, protected with appropriate technical safeguards, and not shared without your explicit written consent.

4. Sharing of Information

We do not sell, rent, or trade your personal data. We may share data with:

  • Payment Processors: Razorpay Software Pvt. Ltd. (PCI-DSS compliant) for transaction processing.
  • Certification Bodies: IINDT and other accreditation bodies where your enrolment requires formal registration.
  • Cloud & Hosting Providers: AWS (Mumbai region) for certificate storage; email service providers for transactional emails.
  • Statutory Authorities: Tax authorities (GSTN), courts, or law enforcement where required by law.
  • Business Successors: In the event of a merger, acquisition, or sale, your data may be transferred subject to equivalent privacy protections.

5. Data Retention

Training records, certificates and GST-related financial records are retained for a minimum of 8 years as required under the Income Tax Act, 1961 and GST record-keeping norms. Inquiry and marketing data is retained for 3 years or until you withdraw consent, whichever is earlier. Technical/server logs are purged after 90 days.

6. Your Rights (Under DPDPA 2023)

  • Right of Access: Request a summary of personal data held about you.
  • Right to Correction: Request correction of inaccurate or outdated data.
  • Right to Erasure: Request deletion of data not required for legal or statutory purposes.
  • Right to Grievance Redressal: Lodge a grievance with our Data Protection Officer (details below).
  • Right to Nominate: Nominate another individual to exercise rights on your behalf in case of death or incapacity.

To exercise any right, write to: ga.jadhav09@gmail.com with subject "Data Rights Request". We will respond within 30 days.

7. Cookies & Tracking

This website uses essential session cookies to maintain form state and analytics cookies to understand traffic. No cross-site tracking cookies are deployed. You may disable cookies in your browser settings; this may affect form functionality.

8. Security

We implement reasonable security practices as mandated by the IT (SPDI) Rules, 2011, including HTTPS/TLS encryption in transit, access controls, and regular security reviews. No system is completely secure; in the event of a data breach that is likely to cause harm, we will notify affected individuals and the appropriate authority as required under applicable law.

9. Third-Party Links

Our website may contain links to third-party websites (e.g., LinkedIn, YouTube). We are not responsible for the privacy practices of those sites. Please review their respective privacy policies.

10. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules made thereunder, the name and contact details of the Grievance Officer are:

Er. Ganesh Jadhav
Quality Management Services
Pune, Maharashtra – 411001
Email: ga.jadhav09@gmail.com
Phone: +91 98817 11979
Working Hours: Monday – Saturday, 9:00 AM – 6:00 PM IST

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on this website. Continued use of our services after the effective date of a revised policy constitutes acceptance of the revised terms.