Effective Date & Introduction

Effective Date:

Last Updated:

MBS College, a distinguished academic institution affiliated with Guru Gobind Singh Indraprastha University (GGSIPU), places the utmost importance on the privacy, confidentiality, and protection of the personal information of all individuals associated with the institution. Whether you are a prospective student, current learner, parent, alumni, faculty member, or a website visitor, this policy serves as a transparent declaration of how your data is collected, processed, used, retained, and safeguarded across various touchpoints of interaction with the college.

We recognize the sensitivity of the personal data shared with us during academic and administrative processes and commit to maintaining the highest standards of data ethics and governance in compliance with the prevailing laws, including the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023.

1.Categories of Personal Data Collected

MBS College collects a diverse set of data to fulfill its academic, legal, statutory, and operational responsibilities. The data collected may include:

a) Personal Information:

- Full name, date of birth, gender, nationality, and parental information
- Contact details including residential and email addresses, mobile and landline numbers
- Government-issued identity proofs such as Aadhaar, PAN, passport, voter ID

b) Academic Records:

- Previous academic transcripts and certificates
- Entrance exam results and qualifying eligibility documents
- Semester-wise performance, attendance, and internal assessments

c) Financial Data:

- Fee payment receipts and scholarship/bursary details
- Bank account details for refunds or scholarships

d) Technical and Digital Footprint:

- IP address, MAC address, device identifiers
- Log-in timestamps, cookies, browser type, operating system

e) Sensitive or Special Category Data (collected only where required):

- Disability certifications for reasonable accommodation
- Health records for medical assistance on campus

2. Collection of Data for Students Below 18

Recognizing the sensitivity of data related to minors, MBS College does not knowingly collect data from individuals under the age of 18 without obtaining verified parental or legal guardian consent. Where the applicant is a minor, all forms and consents must be signed or acknowledged by the guardian. Such data is handled with heightened safeguards.

3. Purpose of Processing and Legal Justification

We collect and process your personal data for clearly defined and lawful purposes which include:

- Processing applications for admission and verifying eligibility criteria
- Allocating students to specific courses, batches, and sections
- Issuing ID cards, maintaining attendance, and academic progression records
- Disbursing scholarships, refunds, or other financial transactions
- Coordinating examinations, evaluations, and certifications
- Facilitating placement drives, internships, and alumni engagement
- Complying with statutory, legal, and regulatory requirements from bodies such as GGSIPU, UGC, and AICTE
- Monitoring and improving digital infrastructure, service accessibility, and campus safety

4. Legal Basis of Consent and Legitimate Interest

We seek explicit consent from users where required. In all other cases, data is processed under one or more of the following legal grounds:

- Fulfilling our academic or administrative obligations as part of our contract with students
- Compliance with legal or regulatory mandates
- Serving legitimate interests of the institution without infringing individual rights

You may withdraw consent at any time, though this may affect your ability to access some services.

5. Data Storage and Retention Policy

MBS College ensures that your data is stored securely using encrypted systems with access limited to authorized personnel only. Our data retention policy adheres to regulatory standards:

- Student academic and admission data: retained for 10 years after graduation
- Financial records: retained for 7 years as per tax and audit regulations
- Health/disability documentation: retained for the period of study only
- Archived documents may be retained in anonymized form for institutional research and statistical purposes

6. Use of Third-Party Tools and Technology Integrations

To enhance academic and administrative delivery, the college may engage third-party service providers for:

- Learning Management Systems (e.g., Moodle, Blackboard)
- Online admission and fee payment portals (e.g., Razorpay, Paytm)
- Placement and internship platforms
- Communication tools (e.g., email delivery services, SMS gateways)

Each vendor is contractually obligated to handle data only within the scope of services and must comply with security and confidentiality requirements.

7. Data Protection and Cybersecurity Measures

We adopt a multi-layered approach to protect data from loss, misuse, unauthorized access, or alteration.This includes:

- Use of SSL certificates and secure HTTPS protocols
- Role-based access control and multi-factor authentication
- Regular software patching and vulnerability testing
- Incident response and data breach notification protocols

Physical records are stored in locked storage with restricted access. Staff with data access responsibilities receive periodic training in data protection practices.

8. Your Rights and How to Exercise Them

All stakeholders have the right to:

- Request access to their personal data held by the college
- Request correction or updates to incorrect information
- Request data deletion (subject to institutional or legal retention obligations)
- Object to data processing or automated profiling
- Withdraw previously granted consent for non-essential communication

To exercise your rights, please submit a formal request to [email protected] along with valid identity proof. We aim to respond within 15 working days.

9. Cookies, Tracking, and Web Behavior Analytics

Our digital platforms use cookies and third-party analytics tools (such as Google Analytics) to:

- Measure website traffic and visitor trends
- Understand content performance and improve user navigation
- Maintain secure sessions for logged-in users

Users can control cookie preferences through their browser settings. Most cookies used are temporary and expire after the session ends.

10. Third-Party Services and External Hyperlinks

Our website may contain links to external websites or applications that operate independently These may include:

- GGSIPU's official student portal
- Examination registration links
- Vendor-hosted library systems

MBS College does not accept liability for the privacy practices or content of such external services. Users are encouraged to review the privacy policies of those services independently.

11. Grievance Redressal and Contact Information

For any queries, concerns, or complaints regarding personal data handling or this Privacy Policy, you may reach out to our designated Data Protection Officer (DPO):

Data Protection Officer (DPO)
MBS College Privacy Office
Email: [email protected] Phone: 011-25071504, Address: Sector 09, Dwarka, New Delhi, 110077

You may also lodge a complaint with the appropriate data protection authority if you believe your rights under applicable laws have been violated.

12. Policy Review and Version Control

This Privacy Policy is subject to annual review or earlier if required by regulatory changes or institutional needs. Substantive updates will be published on the college website and shared through official communication channels. We advise all stakeholders to check this page periodically to remain informed of how their data is handled and protected.