Pygmalion Foundation (“the Foundation”, “we”, “our”, or “us”) is committed to protecting the personal information of every individual who interacts with us, including visitors to our website, beneficiaries of our programs, donors, partners, volunteers, employees, and other stakeholders.

This Privacy Policy describes how the Foundation collects, uses, discloses, stores, and safeguards personal information in accordance with the Digital Personal Data Protection Act, 2023 (“DPDP Act”), best governance practices applicable to not-for-profit entities, and ethical standards expected of social-purpose organisations.

The Foundation collects personal information in the course of its legitimate operations, including administration of CSR programs, delivery of training and community initiatives, donor engagement, communications, and website management. Information collected may include names, contact details, demographic information, photographs, educational details, feedback, messages submitted through the website, and any other data voluntarily shared by individuals. In addition, for beneficiaries enrolled in skill development or educational programs, additional information such as age, gender, academic background, progress records, and program-related documentation may also be collected with informed consent. We do not collect sensitive personal information unless it is strictly required for program delivery, statutory reporting, or compliance with applicable law, and only after obtaining explicit consent. Personal information collected by the Foundation is used for purposes including responding to enquiries, managing program participation, coordinating with donors and partners, assessing program outcomes, conducting monitoring and evaluation, maintaining beneficiary records, improving service delivery, and fulfilling statutory and audit obligations.

We may also use aggregated or anonymised data to measure impact, prepare reports, and share program achievements without identifying any individual. The Foundation processes personal data on lawful grounds, which may include consent, contractual necessity, legitimate program-related purposes, and compliance with legal or regulatory requirements.

The Foundation may disclose personal data to authorised employees, program partners, auditors, consultants, statutory bodies, or government authorities strictly on a need-to-know basis and only when necessary for program implementation, compliance, or reporting. We do not sell, rent, trade, or commercially exploit personal data under any circumstances. Where we engage third-party service providers (such as learning institutions, impact assessment agencies, IT service providers, or event organisers), we ensure that they follow adequate standards of data protection and confidentiality. By using our website, participating in our programs, or engaging with the Foundation, individuals acknowledge and consent to the practices described in this Privacy Policy.

The Foundation reserves the right to update or modify this Policy at any time to reflect legal updates, operational changes, or governance enhancements. The most recent version will always be available on our website. For questions, clarifications, or data-related requests, individuals may contact us at : reachout@pygmalion-foundation.org