This Privacy Policy explains how ("DesignAI Academy", "we", "us", "our") collects, uses, stores, shares, and protects your personal information when you visit designaiacademy.in (the "Website"), sign up for a workshop, apply for a cohort, or pay for our services.

We comply with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act) of India.

1. Who we are

DesignAI Academy is operated by MUKESH KUMAR RANJAN, a sole proprietorship registered in BIHAR, India.
Registered Address:100, Raman Dihara, Mani,Bikramganj, Rohtas,Bihar - 802212, India

Operating Address:104, 1st Floor, SDS Palace,Suddeguntepalya, CV Raman Nagar,Bangalore - 560093, India

For privacy-related queries, the Grievance Officer is Mukesh Kumar Ranjan, reachable at mukesh2015.iitg@gmail.com

2. Information we collect

We collect only what we need to deliver the cohort, process your payment, and improve the experience.

a. Information you give us directly

• Full name

• Email address

• WhatsApp / mobile number

• City and state

• Years of design experience and current role

• Portfolio / LinkedIn / Behance / Dribbble URLs (if you choose to share)

• Cohort application responses (your goals, current level, motivation)

• Payment details (processed by our payment gateway — see Section 4)

b. Information collected automatically

• IP address, browser type, device type, operating system

• Pages visited, time spent, referral source

• Cookies and similar tracking technologies (see Section 7)

• Aggregated, anonymous analytics from Google Analytics 4, Meta Pixel, and LinkedIn Insight Tag

c. Information we do NOT collect

• We do not collect your bank account number, credit card number, CVV, UPI PIN, or any other payment instrument number on our servers. All payment data is captured and processed directly by our payment gateway (Razorpay) on their secure infrastructure.

• We do not collect government IDs (Aadhaar, PAN, passport) unless you voluntarily share them for invoicing purposes (e.g., for a corporate L&D reimbursement).

• We do not collect biometric data, health data, or any data classified as sensitive personal data under Indian law.

3. How we use your information

We use your information for the following lawful purposes only:

• To process your cohort application and payment

• To deliver the cohort (Zoom links, Discord invites, recording access, assignments, certificates)

• To send transactional emails (payment confirmation, GST invoice, class reminders, recording links)

• To send marketing emails about future cohorts, workshops, and free content — only if you have opted in. You can unsubscribe at any time using the link in every marketing email.

• To respond to your questions and provide customer support

• To improve our website, curriculum, and content based on aggregated analytics

• To comply with legal obligations (GST filing, income tax, court orders)

• To prevent fraud, abuse, and misuse of our services

We will never sell, rent, or trade your personal information to third parties for their marketing.

4. Payment processing

All payments on designaiacademy.in are processed by Razorpay Software Private Limited (or, as a backup, Cashfree Payments India Private Limited). When you make a payment:

• You are redirected to Razorpay's secure checkout

• Your card / UPI / net-banking details are entered on Razorpay's servers, not ours

• We receive only the payment status, transaction ID, amount, and your name and email — not your full payment instrument

• Razorpay is PCI-DSS compliant and regulated by the Reserve Bank of India

For Razorpay's privacy practices, please review razorpay.com/privacy.

5. Sharing your information

We share your information with a small number of vetted service providers, only to the extent necessary to deliver the cohort:

We require all our service providers to maintain confidentiality and security standards at least as strict as our own.

We may disclose your information without your consent only when required by Indian law, a court order, or to protect our legal rights, the rights of our students, or to prevent fraud.

6. Data retention

• Active student data — retained for the duration of the cohort plus 3 years (for support, alumni access, and tax records)

• Payment and invoice records — retained for 8 years, as required under the GST Act and Income Tax Act

• Workshop signup data (non-students) — retained for 2 years, then deleted unless you've opted into our newsletter

• Marketing email subscribers — retained until you unsubscribe, then deleted within 30 days

• Cookies and analytics data — retained for 26 months (Google Analytics default)

You may request deletion of your data at any time (see Section 9). We will honour the request except where we are legally required to retain it (e.g., GST records).

7. Cookies and tracking

We use cookies and similar technologies on our website to:

• Keep you logged in (if applicable)

• Remember your preferences

• Measure traffic and conversions (Google Analytics 4)

• Serve relevant ads on Instagram, Facebook, LinkedIn, and Google

• Retarget visitors who didn't complete signup

You can disable cookies in your browser settings, but some parts of the site (e.g., the application form, payment flow) may not work properly without them.

We use the following analytics and advertising trackers:

• Google Analytics 4

• Google Tag Manager

• Google Ads

• Meta Pixel (Facebook + Instagram)

• LinkedIn Insight Tag

When you first visit our website, you'll see a cookie consent banner where you can accept or reject non-essential cookies.

8. Data security

We take reasonable security measures to protect your information:

• HTTPS / TLS encryption across the entire website

• Two-factor authentication on all founder and admin accounts

• Access controls — only the founder and authorised collaborators can access student data

• Regular security reviews of our service providers

• Payment data never stored on our servers — handled directly by Razorpay

That said, no system on the internet is 100% secure. If we ever experience a data breach, we will notify affected users within 72 hours of discovery, as required under the DPDP Act.

9. Your rights

Under the DPDP Act 2023 and Indian privacy law, you have the right to:

• Access the personal data we hold about you

• Correct any inaccurate or outdated information

• Delete your data (subject to legal retention requirements)

• Withdraw consent for marketing communications at any time

• Port your data to another service in a machine-readable format

• Lodge a complaint with the Data Protection Board of India if you believe we've mishandled your data

To exercise any of these rights, write to [CONTACT EMAIL] with the subject line "Privacy Request — [Type]". We will respond within 30 days.

10. Children's data

DesignAI Academy is intended for users 18 years and older. We do not knowingly collect data from children under 18. If you believe a minor has provided us with personal data, please contact us immediately and we will delete it.

For final-year students between 17 and 18, we require parental consent before processing payment.

11. International transfers

Some of our service providers (Google, Meta, Zoom, MailerLite, Discord) store data on servers outside India. By using our services, you consent to your data being transferred to and processed in those jurisdictions, subject to safeguards equivalent to Indian privacy law.

12. Updates to this policy

We may update this Privacy Policy occasionally. The "Last updated" date at the top will reflect the latest version. If we make material changes, we'll notify you by email at least 7 days before the changes take effect.

13. Grievance Officer

If you have a complaint about how we've handled your data, you can reach our Grievance Officer: