MUKTIDHARMAFUND

Contact Info
(+1) 253 556-7777
example@support.com
Narbethong Queensland 4725 Australia
Start donating poor people

Privacy Policy

Image
Image
1. Introduction

Muktidharma Foundation (“the Foundation”) is a not-for-profit organisation committed to protecting the privacy, confidentiality, dignity, and personal data of all individuals who interact with it, including undertrial prisoners, accused persons, their family members, donors, volunteers, partners, and website users (“Users”). Given the sensitive nature of legal aid and prisoner-related work, the Foundation adopts strict standards of data protection, confidentiality, and ethical handling of information.

 

2. Information We Collect

The Foundation may collect personal information including, but not limited to:
a. name, contact details, age, and identification information;
b. legal and case-related information necessary to provide legal aid;
c. information shared through website forms, emails, phone calls, or correspondence;
d. donor and payment-related information, where applicable;
e. volunteer or collaborator information for coordination and compliance.
Information is collected only to the extent necessary for lawful and charitable purposes.

 

3. Purpose of Collection and Use

Personal data is collected and processed solely for:
a. providing legal aid, counselling, representation, and support services;
b. coordinating with courts, legal professionals, and authorities;
c. communicating with beneficiaries, families, donors, and volunteers;
d. statutory, regulatory, audit, and reporting obligations;
e. internal governance, transparency, and accountability.
The Foundation does not use personal data for advertising, profiling, or commercial exploitation.

 

4. Legal Framework and Compliance

The Foundation processes personal data in accordance with:
a. the Information Technology Act, 2000 and applicable rules;
b. the Digital Personal Data Protection Act, 2023 (“DPDP Act”).

For the purposes of the DPDP Act:
a. the Foundation acts as a Data Fiduciary; and
b. individuals whose data is processed are Data Principals.

The Foundation endeavours to comply with evolving data protection standards and judicial guidance.

 

5. Data Principal Rights (DPDP Act, 2023)

Data Principals have the right to:
a. request access to their personal data;
b. seek correction or updating of inaccurate data;
c. request erasure of personal data, subject to legal obligations;
d. withdraw consent, where processing is consent-based;
e. raise grievances relating to data processing.

These rights may be exercised through the grievance mechanism set out in the Terms of Use.

 

6. Data Sharing and Disclosure

The Foundation does not sell, rent, or trade personal data. Personal data may be shared only when necessary and lawful, including:
a. with authorised lawyers, paralegals, volunteers, or professionals involved in legal aid;
b. with courts, prison authorities, Legal Services Authorities (including NALSA / State / District Legal Services Authorities), or government bodies as required by law or official process;
c. with service providers such as payment gateways, only to the extent required to process lawful donations.

All disclosures are made on a need-to-know basis, with due confidentiality safeguards.

 

7. Payment and Donation Data (Gateway-Aligned)

When donations are made through online payment gateways:
a. payment processing is handled by third-party RBI-regulated payment service providers;
b. the Foundation does not store sensitive payment information such as card numbers, CVV, or banking credentials;
c. limited transactional information (such as donor name, amount, transaction reference) may be retained for accounting, audit, and statutory compliance.
Payment data is processed in accordance with applicable laws and the privacy policies of the respective payment gateway providers.

 

8. Data Security

The Foundation implements reasonable security practices and procedures to safeguard personal data against unauthorised access, misuse, loss, alteration, or disclosure. Access to sensitive data, particularly relating to prisoners and legal cases, is restricted to authorised persons bound by confidentiality obligations.

 

9. Data Retention Schedule

Personal data is retained only for as long as necessary to fulfil the purpose for which it was collected or as required by law.

Indicatively:
a. legal and case-related data is retained for the duration of proceedings and statutory record-keeping periods;
b. donor and financial records are retained for audit and regulatory compliance;
c. volunteer and communication data is retained for operational purposes and thereafter securely deleted.

Data is securely deleted or anonymised upon completion of the retention period, subject to legal constraints.

 

10. Data Breach Response

In the event of a suspected or confirmed personal data breach, the Foundation shall:
a. promptly assess the scope and impact of the breach;
b. take reasonable steps to contain and mitigate harm;
c. notify authorities where required by law;
d. strengthen safeguards to prevent recurrence.

 

11. Alignment with Legal Services & Prison Authorities

The Foundation’s data handling practices are guided by principles recognised by courts, prison authorities, and Legal Services Authorities, including:
a. confidentiality of prisoner and undertrial information;
b. protection of dignity and privacy of incarcerated persons;
c. restricted access to sensitive records;
d. lawful disclosure only through authorised channels.
Nothing in this Policy permits unauthorised disclosure of prisoner information.

 

12. Updates to this Policy

This Privacy Policy may be updated from time to time to reflect changes in law or operational requirements. Updated versions shall be published on the Foundation’s website.

 

13. Contact and Grievance Redressal

Any questions, concerns, or grievances relating to privacy or data protection may be addressed to the Grievance Officer, as specified in the Terms of Use.