Last updated: 17 June 2026

Privacy Policy

At Disha Education Pvt. Ltd., your privacy is fundamental to everything we build. This policy explains how we collect, use, and protect your personal data.

This Privacy Policy applies to all services offered by Disha Education Pvt. Ltd. under the domain disha.in and its subdomains. By using our platform, you agree to the practices described herein. This policy is compliant with the Digital Personal Data Protection (DPDP) Act 2023.

Information We Collect

  • Personal identification information (name, email address, phone number, date of birth)
  • Academic and professional details (qualifications, skills, career goals)
  • Usage data (pages visited, features used, session duration)
  • Device and browser information (IP address, browser type, operating system)
  • Payment information (processed securely via Razorpay; we do not store card details)
  • Communications you send us via chat, email, or support tickets

How We Use Your Information

  • Personalise your career guidance and course recommendations
  • Process enrolments, payments, and issue certificates
  • Send transactional emails, OTPs, and important platform notifications
  • Improve our AI models, recommendation engine, and platform features
  • Comply with legal obligations under the DPDP Act 2023 and other applicable laws
  • Detect and prevent fraud, spam, and security threats

Data Sharing & Disclosure

  • We do not sell your personal data to third parties.
  • We share data with trusted service providers (e.g., Razorpay, Resend, Twilio) solely to deliver our services.
  • We may share anonymised, aggregated data with research partners and government bodies.
  • We disclose data when required by law, court order, or regulatory authority.
  • In the event of a merger or acquisition, data may be transferred to the successor entity.

Data Retention

  • Account data is retained for the duration of your account and up to 3 years after closure.
  • Payment records are retained for 7 years as required by Indian financial regulations.
  • Log and analytics data is retained for 12 months.
  • You may request deletion of your data at any time (subject to legal retention requirements).

Your Rights

  • Right to access: Request a copy of the personal data we hold about you.
  • Right to correction: Ask us to correct inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where no legal obligation requires retention.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to withdraw consent: Withdraw consent for processing at any time.
  • Right to grievance redressal: Lodge a complaint with our Data Protection Officer.

Security

  • We implement AES-256 encryption for data at rest and TLS 1.3 for data in transit.
  • Access to personal data is restricted to authorised personnel on a need-to-know basis.
  • We conduct regular security audits and penetration testing.
  • We are ISO 27001 certified and compliant with the DPDP Act 2023.

Cookies

  • We use essential, analytics, and preference cookies to operate and improve the platform.
  • You can manage cookie preferences via our Cookie Settings panel.
  • For full details, please read our Cookie Policy.

Contact & Grievance Officer

  • Data Protection Officer: privacy@disha.in
  • Grievance Officer: grievance@disha.in
  • Postal address: Disha Education Pvt. Ltd., 4th Floor, Tech Hub, BKC, Mumbai β€” 400 051
  • Response time: We aim to respond to all requests within 30 days.