Please read this Privacy Policy carefully before enrolling in any program, using our platforms, or submitting any personal information to SKM Yoga.
This Privacy Policy ("Policy") is published by SKM Yoga ("SKM Yoga", "we", "us", or "our") in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and the Digital Personal Data Protection Act, 2023 ("DPDPA"), along with all other applicable laws and regulations of India governing the collection, processing, storage, disclosure, and protection of personal data. This Policy governs all personal data collected and processed by SKM Yoga in connection with its programs, services, platforms, and communications, and is binding upon all individuals who interact with SKM Yoga in any capacity whatsoever.
For the purposes of applicable data protection legislation, including the Digital Personal Data Protection Act, 2023, SKM Yoga operates as the Data Fiduciary in respect of all personal data collected through its programs, platforms, enrollment processes, and institutional interactions. As Data Fiduciary, SKM Yoga determines the purposes and means of processing of personal data and is responsible for ensuring that all processing activities are conducted in compliance with applicable law, the terms of this Policy, and any consent provided by the Data Principal. SKM Yoga's decisions regarding the processing of personal data are final, subject to the rights afforded to Data Principals under applicable law.
"Personal Data" means any data about an individual who is identifiable by or in relation to such data, whether directly or indirectly, including but not limited to the individual's name, contact details, financial information, identification numbers, health records, digital identifiers, and any other information that, alone or in combination with other data, can reasonably be used to identify a specific natural person, as defined under the Digital Personal Data Protection Act, 2023 and the SPDI Rules. All references to "personal data" in this Policy shall include Sensitive Personal Data or Information ("SPDI") as classified under applicable law, unless the context otherwise requires.
"Sensitive Personal Data or Information" (SPDI) means personal data as specifically classified under Rule 3 of the Information Technology (SPDI Rules) 2011, including passwords, financial information such as bank account details and payment card numbers, physical and mental health conditions, sexual orientation, medical records and history, biometric data, and any other information classified as sensitive under applicable law or its subsequent amendments. SKM Yoga collects SPDI only to the limited extent strictly necessary for the delivery of its enrolled programs and services, and processes such data with heightened care, restricted internal access, and explicit attention to the consent and rights of the Data Principal.
This Policy applies to all individuals ("Data Principals") who provide personal data to SKM Yoga in any manner, including enrolled students, prospective students, retreat participants, workshop attendees, yoga therapy clients, corporate wellness program participants, website visitors, platform users, and any other individual who interacts with SKM Yoga through its physical premises, digital platforms, official communication channels, or third-party booking systems. By enrolling in any SKM Yoga program, accessing any SKM Yoga platform, or submitting any personal data to SKM Yoga through any channel, you acknowledge that you have read and accepted the terms of this Policy in their entirety.
This Policy applies to personal data collected, received, stored, or otherwise processed by SKM Yoga in connection with enrollment and registration in yoga classes, teacher training programs, retreats, workshops, masterclasses, certification courses, mentorship programs, private sessions, and wellness services; access to and use of SKM Yoga's official website, mobile applications, digital portals, virtual classroom environments, and online content libraries; yoga therapy consultations, individualized wellness guidance, and one-on-one mentorship services; corporate wellness programs, institutional partnerships, and organizational yoga arrangements; and all official communications between SKM Yoga and its students, clients, or associated individuals through any channel.
This Policy does not apply to, and SKM Yoga assumes no responsibility for, the personal data practices of third-party platforms, external booking aggregators, payment gateway providers, accommodation and retreat center partners, courier and logistics services, or any other independent external service providers whose services may be engaged in connection with SKM Yoga's programs. Each such third-party entity operates under its own independently published privacy policy and data protection framework. Students and users are expressly advised to independently review the privacy policies of all third-party platforms and service providers before transacting with or submitting personal data to such entities.
SKM Yoga collects identity and contact information from individuals for the purpose of establishing and managing the student's enrollment relationship with the institution. Such information includes the individual's full legal name, date of birth, gender, residential address, nationality, country of domicile, email address, telephone and WhatsApp contact number, and emergency contact details where voluntarily provided. This information is collected at the time of enrollment, program registration, platform account creation, or formal inquiry submission, and is used exclusively for the administrative, communicative, and operational purposes of SKM Yoga as described in this Policy.
SKM Yoga collects and maintains enrollment and program data pertaining to each enrolled student, including the student's program preferences, enrolled course details, assigned batch information, session attendance records, academic performance data, assessment and examination results, certification eligibility status, course completion records, and feedback or evaluations submitted by or about the student. Such enrollment and program data is generated and maintained throughout the duration of the student's enrollment and for the retention period applicable under this Policy, for the purposes of program administration, certification issuance, institutional reporting, and quality assurance.
SKM Yoga collects financial and transactional data in connection with the processing of enrollment fees, program charges, and related financial transactions. Such data includes enrollment fee payment records, invoice references, transaction identification numbers, payment gateway confirmation details, bank account or payment instrument identifiers provided for the purpose of processing approved refunds, and GST identification numbers or tax registration details applicable to corporate clients. All financial data is collected and retained in accordance with applicable tax legislation and financial record-keeping obligations under Indian law, and is accessible only to authorized finance personnel within SKM Yoga.
Where a student or client voluntarily discloses health or medical information for the purpose of customizing their yoga practice, accessing medical exception provisions under SKM Yoga's institutional policies, or participating in yoga therapy services, SKM Yoga may collect such health data including medical conditions, physical limitations, disabilities, chronic health issues, dietary requirements, allergies, and wellness preferences relevant to the enrolled program. All health and medical information constitutes Sensitive Personal Data or Information under applicable law and shall be processed by SKM Yoga exclusively for the specific purpose for which it was voluntarily disclosed, with heightened access controls and in strict compliance with the SPDI Rules.
Where a student submits medical certificates, physician letters, clinical reports, hospital discharge summaries, or other health documentation in support of a medical exception request, enrollment deferral application, or refund claim, such documentation constitutes Sensitive Personal Data or Information under applicable law. SKM Yoga collects such documentation solely for the purpose of evaluating the specific exception or deferral request, and retains it only for the period necessary to process and resolve the relevant claim. All medical documentation submitted to SKM Yoga is treated with strict confidentiality and is accessible only to authorized administrative personnel directly responsible for processing the related request.
When a student or user accesses SKM Yoga's digital platforms, website, or online learning environments, SKM Yoga's systems automatically collect certain technical data, including Internet Protocol (IP) addresses, browser type and version, operating system, device type and identifiers, session data, page visit logs, clickstream data, access timestamps, and platform usage analytics. This technical data is collected automatically through cookies and similar tracking technologies embedded in SKM Yoga's digital infrastructure and is used for the purposes of platform security, performance monitoring, user experience improvement, and detection of unauthorized access or fraudulent activity.
SKM Yoga may collect photographic or multimedia data pertaining to enrolled students in the following limited circumstances: profile photographs voluntarily submitted by students for certification document production, platform registration, or official institutional records; and images or recordings captured during in-person classes, virtual sessions, retreat activities, or institutional events where the student has been informed of the possibility of recording and has not objected in writing prior to the relevant session. SKM Yoga shall not use photographic or multimedia data of any individual for marketing, promotional, or public communications purposes without obtaining the individual's explicit prior written consent.
SKM Yoga processes personal data on the basis of the Data Principal's freely given, specific, informed, unconditional, and unambiguous consent where such consent is the designated lawful basis for the relevant processing activity. Consent may be provided through affirmative enrollment actions, explicit acceptance of these terms during registration, consent checkboxes on digital enrollment forms, or explicit written authorization communicated through official channels. Consent obtained by SKM Yoga shall be recorded and maintained as part of the student's enrollment record. Data Principals have the right to withdraw their consent at any time through a formal written request to SKM Yoga's Grievance Officer, subject to the conditions described in this Policy.
SKM Yoga processes personal data where such processing is necessary for the performance of a contract to which the Data Principal is a party, or in order to take steps at the request of the Data Principal prior to entering into a contract with SKM Yoga. Contractual necessity as a basis for processing encompasses all personal data required to enroll, administer, deliver, and complete an enrolled yoga program or wellness service, process enrollment fees and approved refunds, issue certifications and credentials, manage attendance and assessment records, and fulfill all obligations undertaken by SKM Yoga under the enrollment agreement. Processing on this basis does not require separate consent and continues for the duration of the contractual relationship.
SKM Yoga processes certain categories of personal data where such processing is necessary for compliance with a legal obligation to which SKM Yoga is subject under applicable Indian law. Processing on the basis of legal obligation includes the retention of financial and transactional records in compliance with the Income Tax Act, 1961 and applicable GST legislation; the maintenance of institutional records as required under applicable educational and wellness sector regulations; the reporting of specified transactions or activities to regulatory or statutory bodies as mandated by law; and the disclosure of personal data to competent authorities pursuant to a valid legal order, court direction, or statutory requirement. Such processing is mandatory and cannot be avoided by the withdrawal of consent.
SKM Yoga processes certain personal data where such processing is necessary for the pursuit of SKM Yoga's legitimate institutional interests, provided that such interests do not override the fundamental rights, freedoms, and privacy interests of the Data Principal. Legitimate interests relied upon by SKM Yoga as a lawful basis for processing include the prevention and detection of fraud and unauthorized access; the maintenance of platform and institutional security; the enforcement of SKM Yoga's institutional policies and enrollment terms; the analysis of aggregate program participation and platform usage data for institutional improvement; and the protection of SKM Yoga's legal rights and interests in the event of disputes or claims. SKM Yoga performs a balancing assessment before relying on legitimate interests as a processing basis.
SKM Yoga processes personal data for the purpose of managing the complete enrollment lifecycle for all programs and services offered by the institution. Enrollment management processing encompasses the verification of enrollment eligibility, confirmation of enrollment and batch assignment, maintenance of enrollment records, communication of enrollment-related information to the student, processing of batch transfers and program deferrals where approved, and management of enrollment terminations, withdrawals, and completions. This processing is essential to SKM Yoga's ability to maintain accurate institutional records, ensure the integrity of its certification programs, and fulfill its obligations to enrolled students under applicable enrollment agreements.
SKM Yoga processes personal data for the purpose of facilitating the effective delivery of yoga classes, teacher training programs, retreats, workshops, therapy sessions, private sessions, and digital learning content to enrolled students. Program delivery processing includes the allocation of instructors and session resources based on enrollment data, management of attendance and participation records, delivery of course materials and digital content through appropriate platforms, tracking of student progress and performance, facilitation of assessment and evaluation processes, and coordination of retreat logistics including accommodation and meal arrangements where applicable. All personal data processed for program delivery purposes is used exclusively to serve the educational and wellness needs of the enrolled student.
SKM Yoga processes personal data for the purpose of communicating with enrolled students and institutional contacts regarding all matters related to their enrollment and participation in SKM Yoga's programs. Communication processing encompasses the transmission of enrollment confirmations, payment receipts and invoices, program schedules and timetables, class reminders and schedule changes, administrative notices and policy updates, certification and examination information, and institutional announcements of material relevance to enrolled students. All communication by SKM Yoga is directed to the official contact details provided by the student at the time of enrollment, and the student is responsible for maintaining accurate and current contact information in SKM Yoga's records.
SKM Yoga processes financial and transactional personal data for the purpose of collecting, recording, verifying, and processing all enrollment fees, program charges, supplementary service fees, and approved refund transactions associated with its services. Payment processing encompasses the generation and issuance of tax-compliant invoices, verification of payment receipt and clearance, maintenance of financial records as required by applicable tax and accounting regulations, processing of approved refund transactions to the student's original payment source, and resolution of payment disputes and discrepancy claims. All payment data is handled in compliance with applicable financial regulations and Payment Card Industry Data Security Standards where applicable.
SKM Yoga processes personal data for the purpose of evaluating, recording, and issuing yoga certifications, attendance certificates, course completion letters, and other academic and professional credentials to qualifying students upon successful fulfillment of all program requirements. Certification processing encompasses the recording of attendance data and assessment results, determination of certification eligibility against prescribed criteria, preparation and issuance of certification documents, and maintenance of certification records as part of SKM Yoga's institutional credential registry. All certification records are retained for the applicable retention period specified in this Policy to facilitate future verification of issued credentials by students, employers, or professional bodies.
Where a student has voluntarily disclosed health or medical information, SKM Yoga processes such Sensitive Personal Data for the limited purpose of accommodating the student's specific health-related needs within the enrolled program, exercising appropriate caution in the design and delivery of yoga instruction, evaluating medical exception and deferral claims submitted under SKM Yoga's institutional policies, and facilitating the delivery of individualized yoga therapy services by qualified yoga therapists. All health accommodation processing is confined to the specific purposes for which the health information was disclosed and is not used for any other purpose, including general institutional analysis, marketing, or sharing with third parties beyond those directly involved in the student's wellness program delivery.
SKM Yoga processes personal data for the purpose of complying with its applicable statutory obligations, regulatory requirements, and legal duties under Indian law. Legal compliance processing encompasses the maintenance and filing of tax records and GST documentation as required under the Income Tax Act, 1961 and Central Goods and Services Tax Act, 2017; the retention of financial and transactional records as required by applicable accounting regulations; the reporting of specified information to regulatory or statutory bodies as required by law; and the disclosure of personal data to competent governmental or judicial authorities pursuant to a valid and binding legal order or direction. Processing for legal compliance purposes takes priority over the Data Principal's preferences or requests for deletion where retention is legally mandated.
SKM Yoga processes certain personal data for the purpose of detecting, preventing, investigating, and addressing fraudulent activity, unauthorized access, identity misrepresentation, policy violations, and security threats affecting SKM Yoga's platforms, programs, and institutional resources. Fraud prevention processing includes the monitoring of login activity and platform access patterns for anomalous behavior, verification of payment transaction legitimacy, investigation of suspicious refund claims or payment disputes, verification of identity and documentation submitted in connection with exception requests, and enforcement of SKM Yoga's institutional policies against unauthorized credential sharing, unauthorized recording, and misuse of platform access. All fraud prevention processing is conducted with appropriate safeguards to minimize privacy intrusion.
SKM Yoga processes aggregated and, where possible, anonymized technical and usage data for the purpose of improving the functionality, performance, content quality, and user experience of its digital platforms and online learning environments. Platform improvement processing includes the analysis of aggregated session data, page engagement metrics, content consumption patterns, and platform error logs to identify areas for technical enhancement; the evaluation of student feedback and satisfaction data to inform curriculum and program development decisions; and the assessment of enrollment trends and program participation patterns to guide SKM Yoga's educational offering strategy. No individual's personal data is used for platform improvement analysis without appropriate aggregation or anonymization where technically feasible.
Where a student or visitor has explicitly provided consent to receive marketing communications from SKM Yoga, SKM Yoga may process the individual's contact information for the purpose of sharing promotional content, course announcements, retreat information, special enrollment offers, and institutional updates by email, SMS, or WhatsApp. Marketing communications are sent only to individuals who have opted in to receive such communications, and every marketing communication includes a clear and accessible mechanism for the recipient to withdraw their consent and opt out of future communications at any time. Withdrawal of consent to marketing communications shall not affect the lawfulness of processing based on consent prior to withdrawal, nor shall it affect SKM Yoga's ability to communicate essential enrollment-related information to enrolled students.
SKM Yoga does not sell, rent, trade, auction, license, or otherwise commercially transfer the personal data of any student, client, or platform user to any third party for commercial or financial consideration under any circumstances whatsoever. Personal data collected by SKM Yoga is shared with external parties solely to the limited extent necessary to deliver the enrolled program or service, to process authorized financial transactions, or to fulfill applicable legal obligations, and such sharing is governed by appropriate data processing agreements or legal obligations requiring the recipient to maintain the confidentiality and security of the shared data. SKM Yoga's business model does not involve the monetization of student or user personal data through sale or transfer to data brokers or advertising networks.
Access to personal data within SKM Yoga's organization is governed by a strict role-based access control framework that restricts access to personal data to only those authorized personnel who require such access in the direct performance of their legitimate institutional functions. Faculty members, administrative staff, finance personnel, and technical support teams are granted access only to the specific categories of personal data necessary for their designated responsibilities. All personnel with access to personal data are bound by confidentiality obligations, either contractually or as a matter of institutional policy, and are subject to disciplinary action in the event of unauthorized access, use, or disclosure of personal data entrusted to SKM Yoga.
SKM Yoga engages authorized payment gateway operators and banking institutions as third-party service providers for the purpose of securely processing enrollment fee payments, generating payment confirmations, and remitting approved refund transactions to students' original payment sources. All payment gateway providers engaged by SKM Yoga are required to comply with applicable Payment Card Industry Data Security Standards and applicable financial regulations. Personal data shared with payment processing service providers is limited to the financial and identification data strictly necessary for the completion of the specific payment or refund transaction, and is not used by such providers for any purpose beyond the processing of the authorized transaction on behalf of SKM Yoga.
SKM Yoga engages cloud hosting providers, data center operators, and technology platform vendors as third-party service providers for the purpose of maintaining the digital infrastructure necessary to deliver its online programs, store institutional records securely, and operate its digital learning platforms. All technology and hosting service providers engaged by SKM Yoga are contractually bound to process personal data exclusively in accordance with SKM Yoga's documented instructions, to implement and maintain appropriate technical and organizational security measures, and to comply with all applicable data protection laws governing the processing of personal data on behalf of a data fiduciary. Data hosted with third-party providers remains subject to SKM Yoga's data protection obligations.
For the delivery of online yoga programs, virtual classes, live-streamed sessions, and digital learning content, SKM Yoga utilizes third-party video conferencing platforms, learning management systems, and content streaming services. Enrollment in online programs constitutes acceptance of the possibility that certain interaction data, including participation in live sessions, may be processed by such third-party platform providers in accordance with their own terms of service and privacy policies. SKM Yoga endeavours to select platform providers that maintain data protection standards consistent with applicable legal requirements and will inform students of any material changes to the platforms used to deliver their enrolled online programs.
In connection with the organization of retreat programs and residential training courses, SKM Yoga shares limited personal data with third-party retreat center partners, accommodation providers, and hospitality vendors to the extent necessary to confirm and manage the student's retreat reservation and participation. Personal data shared with retreat and accommodation partners is limited to name, contact details, dietary preferences, and health information relevant to accommodation requirements, and is shared only upon confirmation of the student's enrollment in the applicable retreat program. Students are advised that retreat and accommodation partners operate under their own data protection policies, and SKM Yoga shall not be liable for such partners' independent data processing activities.
SKM Yoga engages authorized courier and postal logistics services for the purpose of dispatching physical certification documents, course completion letters, and course materials to enrolled students upon program completion. Personal data shared with courier and logistics service providers is limited to the student's full name, delivery address, and contact telephone number, as strictly required for the execution of the delivery service. Such data is shared solely for the purpose of fulfilling the specific delivery transaction and is not retained by the logistics provider beyond the period necessary to complete and confirm the delivery. Students are responsible for ensuring the accuracy and currency of their delivery address details in SKM Yoga's records.
SKM Yoga may disclose personal data to competent governmental or regulatory authorities, law enforcement agencies, courts of law, or statutory bodies where such disclosure is required or compelled by applicable law, a valid legal order, judicial directive, or regulatory mandate issued by a competent authority. SKM Yoga shall, where legally permissible, endeavour to notify the affected Data Principal prior to making such a disclosure. In cases where prior notification is prohibited by the applicable legal order or where such notification would defeat the purpose of the disclosure, SKM Yoga shall comply with the legal requirement without advance notice to the Data Principal. No such legally compelled disclosure shall constitute a breach of this Policy or of SKM Yoga's data protection obligations.
SKM Yoga's digital platforms deploy essential cookies that are technically necessary for the basic operation of the platform, including user authentication, session management, security token verification, and the maintenance of user login states across platform interactions. Essential cookies cannot be disabled without materially impairing the functionality of the platform, and users who wish to use SKM Yoga's digital services are required to accept the use of essential cookies as a condition of platform access. Essential cookies do not collect personal data beyond what is technically necessary for platform operation and do not track user behavior across third-party websites or platforms outside SKM Yoga's digital ecosystem.
SKM Yoga's digital platforms deploy analytical cookies for the purpose of collecting aggregated and, where possible, anonymized data about how users interact with the platform, including page visit frequency, session duration, navigation pathways, content engagement patterns, and technical error occurrences. This analytical data enables SKM Yoga to understand how its platforms are used, identify areas requiring technical or content improvement, and optimize the user experience for enrolled students and platform visitors. Analytical cookies do not identify individual users by name or personal data but may associate usage data with a device identifier or IP address. Users may opt out of analytical cookies through their browser settings without affecting core platform functionality.
SKM Yoga's digital platforms deploy preference and functionality cookies for the purpose of remembering user settings, language preferences, content display choices, and other platform customization selections made by the user during previous platform sessions. These cookies enable SKM Yoga to deliver a more personalized and efficient platform experience by reducing the need for users to re-enter their preferences upon each visit. Preference cookies do not collect sensitive personal data and are confined to the storage of user interface and accessibility preferences. Users may disable preference cookies through their browser settings, though doing so may result in the loss of personalized settings and require users to re-configure their preferences upon each platform visit.
Where a user has provided explicit prior consent to the use of marketing cookies, SKM Yoga may deploy marketing and retargeting cookies for the purpose of displaying relevant advertisements and promotional content about SKM Yoga's programs and services to the consenting user across digital platforms and advertising networks. Marketing cookies track certain browsing behavior for the purpose of presenting program recommendations and promotional offers that may be relevant to the user's demonstrated interests. Users who have not provided consent to marketing cookies, or who subsequently withdraw such consent through the platform's cookie preference center or browser settings, shall not be subjected to interest-based advertising through SKM Yoga's marketing technology infrastructure.
SKM Yoga retains enrollment and program records, including student registration data, batch assignment details, attendance records, assessment results, and certification records, for a period of seven (7) years from the date of the student's program completion, voluntary withdrawal, or termination of the enrollment relationship with SKM Yoga, whichever occurs first. This retention period is established in accordance with applicable statutory record-keeping requirements and SKM Yoga's institutional need to maintain accurate historical enrollment records for the purposes of certification verification, dispute resolution, and compliance with regulatory obligations. Upon expiration of the applicable retention period, enrollment records shall be securely deleted or irreversibly anonymized in accordance with SKM Yoga's data destruction protocols.
SKM Yoga retains financial and transactional records, including payment receipts, enrollment invoices, tax records, refund processing records, and financial correspondence, for a period of eight (8) years from the date of the relevant transaction, in compliance with the requirements of the Income Tax Act, 1961, the Central Goods and Services Tax Act, 2017, and applicable accounting and auditing standards. Financial records are retained for this extended period to facilitate tax assessment proceedings, statutory audits, financial dispute resolution, and compliance verification by competent regulatory authorities. Access to retained financial records is restricted to authorized finance and compliance personnel within SKM Yoga and designated external auditors acting under confidentiality obligations.
Health and medical information, including medical certificates, physician letters, clinical reports, and other health documentation submitted to SKM Yoga by enrolled students, constitutes Sensitive Personal Data and is subject to a minimum retention period. Such records are retained only for the period strictly necessary to process and resolve the specific exception, deferral, or therapy request for which they were submitted, and are thereafter securely deleted or anonymized, unless continued retention is specifically mandated by applicable law or required for the defense of a legal claim arising from the relevant matter. SKM Yoga shall not retain health information beyond the period of immediate operational necessity and shall not use retained health data for any secondary purpose not disclosed at the time of collection.
Records of official communications between SKM Yoga and enrolled students or institutional contacts, including email correspondence, formal written requests, refund communications, grievance submissions, and administrative correspondence, are retained for a period of three (3) years from the date of the relevant communication. Communications records are retained for this period to facilitate dispute resolution, evidence production in legal proceedings, institutional accountability, and compliance with applicable record-keeping obligations. After the expiration of the three-year retention period, communications records are subject to secure deletion or anonymization, except where their continued retention is required for ongoing legal proceedings or regulatory compliance purposes.
Records of marketing consent provided by individuals, including the date, scope, and mechanism of consent, are retained for the duration of the consent's operational validity and for a reasonable administrative period thereafter, to enable SKM Yoga to demonstrate compliance with applicable consent requirements under the Digital Personal Data Protection Act, 2023. Where a Data Principal withdraws consent to marketing communications, the withdrawal is recorded and the individual's contact details are added to SKM Yoga's suppression list to prevent future marketing communications. The fact and date of consent withdrawal are retained in SKM Yoga's compliance records to document the Data Principal's opt-out status and prevent inadvertent re-inclusion in marketing communications.
SKM Yoga implements industry-standard encryption protocols to protect personal data during electronic transmission across its digital platforms and communication channels. All data transmitted between users and SKM Yoga's digital platforms is encrypted using Transport Layer Security (TLS) protocols to prevent interception or unauthorized access during transmission. Sensitive Personal Data, including financial information and health records, is subject to additional encryption safeguards during storage to protect against unauthorized access in the event of a security incident affecting SKM Yoga's data infrastructure. SKM Yoga reviews and updates its encryption standards periodically to maintain alignment with evolving industry best practices and applicable regulatory guidance on data security.
SKM Yoga maintains a role-based access control framework governing all access to personal data held within its institutional systems and databases. Access to personal data is restricted to authorized personnel on a need-to-know basis, with each staff member's system access privileges scoped to the minimum data categories required for their designated institutional function. All access to personal data systems requires individual authentication credentials, and privileged access to sensitive data categories is subject to enhanced authentication requirements. SKM Yoga maintains access logs for its personal data systems and conducts periodic audits to verify that access privileges remain consistent with current role assignments and to detect any unauthorized or anomalous access activity.
SKM Yoga conducts periodic security assessments, including vulnerability assessments and penetration testing of its digital platforms and data infrastructure, to identify and remediate security weaknesses before they can be exploited by malicious actors. Security audit findings are reviewed by SKM Yoga's management and technical teams, and identified vulnerabilities are prioritized and remediated in accordance with their assessed risk severity. SKM Yoga also reviews its data processing arrangements with third-party service providers periodically to ensure that such providers maintain security standards appropriate to the sensitivity of the personal data they process on SKM Yoga's behalf. The results of security audits are treated as confidential institutional information.
In the event of a personal data breach affecting personal data held by SKM Yoga that is likely to result in a risk to the rights and interests of affected Data Principals, SKM Yoga shall comply with its breach notification obligations under the Digital Personal Data Protection Act, 2023 and applicable regulations, including notifying the Data Protection Board of India and affected Data Principals in the prescribed form, within the prescribed timeframe, and with the prescribed information. SKM Yoga maintains an internal data breach response protocol governing the detection, containment, assessment, and reporting of personal data security incidents. Notwithstanding the security measures implemented by SKM Yoga, no electronic system can be guaranteed to be completely immune from security breaches.
SKM Yoga ensures that all personnel who have access to personal data in the course of their employment receive appropriate training on their data protection obligations, the requirements of SKM Yoga's Privacy Policy, and the procedures for identifying and responding to potential data security incidents. Data protection awareness training is conducted as part of the onboarding process for new personnel and is supplemented by periodic refresher training to address developments in applicable data protection law and updates to SKM Yoga's internal data governance framework. Personnel who handle Sensitive Personal Data or Information are subject to enhanced training requirements and are required to acknowledge their understanding of and compliance with SKM Yoga's SPDI handling protocols.
Every Data Principal has the right to obtain from SKM Yoga, upon submission of a formal written request to the designated Grievance Officer, confirmation as to whether SKM Yoga holds personal data pertaining to that individual, and to receive a copy of the personal data held, along with information identifying the purposes for which such data is being processed, the categories of data involved, and the identity of any third parties to whom such data has been disclosed. SKM Yoga shall respond to valid data access requests within the timeframe prescribed under applicable law. Access requests are subject to identity verification procedures to ensure that personal data is disclosed only to the Data Principal to whom it pertains or their duly authorized representative.
Every Data Principal has the right to request the correction, completion, or updating of inaccurate, incomplete, or outdated personal data held by SKM Yoga, without undue delay following the receipt of a valid correction request. Data Principals may submit correction requests by providing SKM Yoga's Grievance Officer with a formal written request identifying the specific data to be corrected and the accurate information to be substituted, accompanied by such supporting documentation as may be reasonably necessary to verify the accuracy of the proposed correction. SKM Yoga shall process all valid correction requests and communicate the outcome to the requesting Data Principal within the timeframe prescribed under applicable law, and shall update its records accordingly.
Every Data Principal has the right to request the deletion or erasure of their personal data held by SKM Yoga where such data is no longer necessary for the purposes for which it was collected, where the Data Principal has withdrawn consent and no other lawful basis for processing exists, where the processing is unlawful, or where erasure is required for compliance with a legal obligation. Erasure requests must be submitted in writing to SKM Yoga's designated Grievance Officer. SKM Yoga shall evaluate erasure requests against applicable legal retention obligations and may decline to erase data where continued retention is required by applicable law or necessary for the establishment, exercise, or defense of legal claims. Where erasure is granted, SKM Yoga shall securely delete or anonymize the relevant personal data.
Every Data Principal who has provided consent to the processing of their personal data by SKM Yoga has the right to withdraw that consent at any time by submitting a formal written withdrawal notification to SKM Yoga's designated Grievance Officer. Withdrawal of consent shall not affect the lawfulness of any processing that was carried out by SKM Yoga on the basis of consent prior to the date of withdrawal. Where a Data Principal withdraws consent to processing that is necessary for the delivery of an enrolled program, SKM Yoga may be unable to continue providing the relevant program or service, and the student may be required to forfeit enrollment in accordance with SKM Yoga's institutional policies. SKM Yoga shall act on all valid consent withdrawal requests without undue delay.
Every Data Principal who has a grievance relating to the processing of their personal data by SKM Yoga, or regarding SKM Yoga's compliance with applicable data protection law, has the right to have such grievance addressed by SKM Yoga's designated Grievance Officer within a reasonable and legally prescribed timeframe. Grievances must be submitted in writing through the official channels specified in this Policy, with a clear description of the nature of the grievance, the specific data processing activity or practice that is the subject of the complaint, and the relief sought by the Data Principal. SKM Yoga shall investigate all formally submitted grievances in good faith and communicate the outcome of its investigation to the grievant within the applicable legal timeframe.
In accordance with the provisions of the Digital Personal Data Protection Act, 2023, every Data Principal has the right to nominate another individual to exercise their data protection rights on their behalf in the event of the Data Principal's death or incapacity. A nomination may be made by submitting a formal nomination declaration to SKM Yoga's designated Grievance Officer, identifying the nominated individual and the scope of rights delegated. SKM Yoga shall maintain the nomination record as part of the Data Principal's institutional file and shall accept and act upon valid requests submitted by a duly nominated representative upon receipt of appropriate evidence of the Data Principal's death or incapacity and the nominee's acceptance of the nomination.
Data Principals may exercise any of the rights described in this Policy by submitting a formal written request to SKM Yoga's designated Grievance Officer through the official contact details specified in this Policy. All requests must be submitted in writing and must include the Data Principal's full name, enrollment or account reference details (if applicable), a clear description of the right being exercised, and sufficient information to enable SKM Yoga to identify and locate the relevant personal data. SKM Yoga reserves the right to require identity verification from individuals submitting data rights requests prior to processing, to ensure that personal data is disclosed or acted upon only in response to requests from the actual Data Principal or their duly authorized representative.
SKM Yoga offers certain programs designed for minor participants, including Kids Yoga programs and youth wellness workshops. All personal data relating to individuals below the age of eighteen (18) years shall be collected and processed by SKM Yoga only with the freely given, specific, informed, and verifiable consent of the minor's parent or lawfully appointed guardian. Parents and guardians enrolling minor participants are required to provide all enrollment information on behalf of the minor and to supervise the minor's access to any digital platforms, online content, or virtual sessions made available through SKM Yoga's programs. SKM Yoga shall not knowingly collect personal data from minors without verifiable parental or guardian consent.
In connection with programs involving minor participants, SKM Yoga shall collect only the minimum categories and quantity of personal data strictly necessary for the safe delivery of the enrolled youth program and the fulfillment of any applicable legal obligations relating to the wellbeing and safety of minor participants. SKM Yoga shall not use personal data collected in connection with a minor's enrollment for marketing or promotional communications directed to the minor, and any marketing communications directed to parents or guardians based on their child's enrollment shall be limited to relevant program updates and shall comply with applicable legal requirements governing commercial communications involving children.
In the context of operating digital learning platforms, processing international student enrollments, and engaging global technology service providers, personal data collected by SKM Yoga may be transferred to or processed in jurisdictions outside India by SKM Yoga's authorized third-party technology and service providers. All cross-border transfers of personal data by SKM Yoga shall be conducted in strict compliance with the provisions of the Digital Personal Data Protection Act, 2023, including any notifications issued by the Central Government of India designating permissible countries or territories for cross-border data transfer. SKM Yoga shall ensure that appropriate contractual safeguards, including data processing agreements with recipient service providers, are in place to protect personal data in the receiving jurisdiction to the standard required under applicable Indian law.
International students who provide personal data in connection with enrollment payments denominated in foreign currencies should be aware that any financial personal data associated with cross-border payment transactions may be processed by SKM Yoga's payment gateway providers and correspondent banking institutions in jurisdictions outside India in connection with the execution and settlement of the payment. Such processing is necessitated by the nature of international financial transactions and is conducted by regulated financial institutions subject to applicable financial services laws in their respective jurisdictions. SKM Yoga does not have direct control over the data practices of correspondent banks and international payment networks involved in cross-border settlement and advises international students to review applicable payment provider terms.
SKM Yoga does not subject any enrolled student or Data Principal to decisions that produce legal effects or similarly significant impacts based solely on automated processing of their personal data, without meaningful human review and involvement in the decision-making process. All material decisions affecting a student's enrollment status, certification eligibility, refund entitlement, or program participation are made by authorized SKM Yoga personnel exercising human judgment and discretion, with personal data serving as one of the inputs informing such decisions. Where automated systems are used to support administrative processing, the output of such systems is subject to human review before any consequential action is taken affecting the Data Principal's rights or interests.
SKM Yoga is committed to the principle of data minimization and shall collect only the categories and quantity of personal data that are strictly necessary and proportionate to the specific purposes for which such data is collected and processed. SKM Yoga shall not collect personal data speculatively or in excess of what is reasonably required for the identified purpose, and shall periodically review its data collection practices to ensure ongoing compliance with the data minimization principle. Where a particular purpose can be achieved through the processing of anonymized or aggregated data without reference to identifiable personal data, SKM Yoga shall employ such privacy-preserving approaches in preference to the collection or use of identifiable personal data.
SKM Yoga processes personal data exclusively for the specific, explicit, and legitimate purposes for which it was collected and as described in this Policy, and shall not process personal data in a manner incompatible with such purposes without first obtaining fresh and specific consent from the Data Principal or establishing an alternative lawful basis for the proposed further processing. Where SKM Yoga wishes to process personal data for a new purpose not contemplated at the time of collection, it shall assess whether the proposed new processing is compatible with the original purpose, and where such compatibility cannot be established, shall notify the affected Data Principal and obtain their consent before proceeding with the new processing activity.
SKM Yoga shall take reasonable steps to ensure that the personal data held in its institutional records is accurate, complete, and kept up to date having regard to the purposes for which it is processed. Enrolled students are responsible for notifying SKM Yoga promptly of any changes to their personal data, including changes to their name, contact details, address, health information, and payment details, through the official communication channels designated in this Policy. SKM Yoga shall act on correction notifications received from Data Principals without undue delay and shall update its records to reflect the corrected information. SKM Yoga's ability to deliver accurate communications and services is dependent on the accuracy of the personal data provided by the student.
All SKM Yoga personnel, contractors, and authorized representatives who access personal data in the course of their engagement with SKM Yoga are bound by strict confidentiality obligations that prohibit the unauthorized use, disclosure, copying, transfer, or retention of personal data beyond what is necessary for their designated institutional function. Confidentiality obligations apply during the period of the individual's engagement with SKM Yoga and continue to apply following the termination of such engagement, for as long as the relevant personal data remains identifiable. SKM Yoga enforces its confidentiality obligations through contractual provisions, institutional policies, and disciplinary procedures applicable to all categories of personnel with access to personal data.
SKM Yoga is committed to embedding data protection and privacy considerations into the design and development of its programs, platforms, and data processing systems from the outset, in accordance with the principle of privacy by design. When designing new programs, developing new platform features, or implementing new data processing activities, SKM Yoga shall assess the privacy implications of the proposed activity, identify and implement appropriate technical and organizational safeguards, and ensure that data protection is treated as a foundational design requirement rather than an afterthought. SKM Yoga shall also implement privacy-enhancing technologies and default privacy settings in its digital platforms to minimize the collection and processing of personal data by default.
In accordance with the requirements of the Information Technology Act, 2000, the SPDI Rules, 2011, and the Digital Personal Data Protection Act, 2023, SKM Yoga has appointed a designated Grievance Officer responsible for addressing all data protection queries, privacy grievances, data rights requests, and complaints submitted by Data Principals. The Grievance Officer shall acknowledge receipt of all formal grievance submissions within such timeframe as is prescribed under applicable law and shall endeavour to resolve all substantive grievances within thirty (30) days of receipt of a complete and properly documented grievance submission. The contact details of SKM Yoga's Grievance Officer are as specified in this Policy and are also published on SKM Yoga's official website.
All grievances, data rights requests, privacy queries, and formal communications relating to this Policy or SKM Yoga's data processing practices must be directed exclusively to SKM Yoga's designated Grievance Officer at the following official contact details: Email: privacy@skmyoga.com; Registered Office Address: [Registered Office Address of SKM Yoga], India; Official Website Contact Portal: [SKM Yoga Official Website URL]. Communications relating to data protection matters that are submitted through unofficial channels, personal email addresses of staff members, or social media platforms shall not be treated as formal grievance submissions and shall not trigger SKM Yoga's formal grievance response obligations. SKM Yoga endeavours to respond to all formally submitted grievances within thirty (30) days.
Where a Data Principal is dissatisfied with SKM Yoga's response to a formally submitted grievance, or where SKM Yoga fails to respond to a grievance within the prescribed timeframe, the Data Principal has the right to escalate the matter to the Data Protection Board of India (DPBI) established under the Digital Personal Data Protection Act, 2023. The Data Protection Board of India has the authority to adjudicate complaints relating to alleged violations of the DPDPA, to impose remedial directions upon data fiduciaries found to be in violation of their statutory data protection obligations, and to award compensation to Data Principals in appropriate cases. SKM Yoga shall cooperate fully with any inquiry, investigation, or proceeding initiated by the Data Protection Board of India in relation to its data processing activities.
SKM Yoga's official website and digital platforms may contain links to third-party websites, social media platforms, external resources, and partner portals. The inclusion of any such link does not imply SKM Yoga's endorsement of the linked website or its content, and SKM Yoga accepts no responsibility for the privacy practices, data collection activities, or content of any third-party website or platform accessible through a link from SKM Yoga's digital properties. Users who follow links to third-party websites do so at their own risk and are advised to review the privacy policies of any third-party website before submitting personal data to or interacting with such websites. SKM Yoga's Privacy Policy applies only to personal data collected directly by SKM Yoga.
Where individuals interact with SKM Yoga's official social media pages, profiles, or accounts on platforms including but not limited to Instagram, Facebook, YouTube, LinkedIn, and WhatsApp, certain interaction data may be processed by SKM Yoga for the purpose of responding to queries, engaging with the institutional community, and managing SKM Yoga's social media presence. Such interaction data may also be processed by the relevant social media platform in accordance with the platform's own terms of service and privacy policy. SKM Yoga advises individuals not to transmit Sensitive Personal Data or confidential information through social media platforms, and to direct all formal data protection queries exclusively to SKM Yoga's designated official communication channels.
SKM Yoga may use WhatsApp as a communication channel for the transmission of enrollment confirmations, program updates, class reminders, and institutional announcements to enrolled students who have provided their WhatsApp contact numbers during the enrollment process. Students who provide a WhatsApp number to SKM Yoga consent to receiving institutional communications through this channel. Students who wish to opt out of WhatsApp communications from SKM Yoga may notify the administrative office in writing, following which SKM Yoga shall cease using WhatsApp as a communication channel for that student and shall revert to email-based communication. WhatsApp communications are subject to WhatsApp Inc.'s own terms of service and privacy policy, which operate independently of SKM Yoga's institutional privacy framework.
SKM Yoga may record virtual classes, online training sessions, live-streamed workshops, and digital educational programs for the purposes of quality assurance, provision of recorded content to enrolled students who could not attend live, and improvement of educational delivery. Where a virtual session will be recorded, SKM Yoga shall notify enrolled participants at the commencement of the session. Students who do not wish to appear in a recorded session are advised to keep their camera disabled during the recording. Recording of any SKM Yoga virtual session by students without prior written authorization from SKM Yoga management is strictly prohibited and constitutes a material breach of the student's enrollment terms, irrespective of the student's own participation in the session.
SKM Yoga's physical training centers, studio premises, and retreat facilities may be equipped with closed-circuit television (CCTV) surveillance systems for the purposes of maintaining the safety and security of students, staff, and institutional property, and deterring and detecting unauthorized access or security incidents. The operation of CCTV systems at SKM Yoga premises is governed by applicable laws relating to surveillance and data protection. CCTV footage is retained for a limited period consistent with security purposes and is accessible only to authorized institutional security or management personnel. Students who attend in-person programs at SKM Yoga premises are informed of the presence of CCTV systems through appropriate signage at the relevant locations.
Where a student provides a testimonial, review, success story, or feedback about their experience with SKM Yoga's programs or services, and SKM Yoga wishes to publish such content in its marketing materials, website, social media channels, or promotional communications, SKM Yoga shall obtain the student's explicit prior written consent before publishing any identifiable testimonial content. Consent to publish testimonials is entirely voluntary and shall not affect the student's enrollment status or access to any program. Students who have previously consented to publication of a testimonial and subsequently wish to withdraw such consent may notify SKM Yoga's administrative office in writing, and SKM Yoga shall take reasonable steps to remove the relevant content from its active marketing materials.
SKM Yoga may use anonymized, aggregated, or de-identified data derived from student enrollment and participation records for the purposes of institutional research, educational outcome analysis, industry reporting, curriculum development, and business planning, without restriction, provided that such data does not identify or render identifiable any individual Data Principal. Anonymized and aggregated data that is genuinely incapable of being re-identified does not constitute personal data for the purposes of applicable data protection law and is not subject to the restrictions and obligations set out in this Policy. SKM Yoga shall implement appropriate technical safeguards to minimize the risk of re-identification when generating and using anonymized data sets for institutional purposes.
Where SKM Yoga provides corporate wellness programs, institutional yoga services, or organizational wellness partnerships to corporate clients, personal data relating to the corporate client's employees or participants may be collected and processed in connection with the program. Such personal data is processed by SKM Yoga solely for the purpose of delivering the contracted wellness program to the corporate client's employees and in accordance with the terms of the applicable corporate service agreement. Corporate clients are responsible for obtaining all necessary consents from their employees for the sharing of employee personal data with SKM Yoga in connection with the corporate wellness program, and by engaging SKM Yoga's corporate services, represent that such consents have been duly obtained.
SKM Yoga reserves the right to amend, update, or revise this Privacy Policy at any time to reflect changes in applicable data protection legislation, regulatory requirements, institutional data processing practices, or the nature and scope of SKM Yoga's programs and services. Any material amendments to this Policy shall be communicated to enrolled students and platform users through publication of an updated Policy on SKM Yoga's official website, accompanied by the revised effective date and a clear indication of the material changes made. Continued use of SKM Yoga's programs, platforms, or services following the publication of an amended Policy shall constitute the Data Principal's acceptance of the revised terms. Data Principals who do not accept the revised Policy are advised to discontinue use of SKM Yoga's services.
This Privacy Policy is effective from 1st June 2025 and supersedes all previous privacy notices, data protection statements, or privacy policies published by SKM Yoga prior to this date. The version number and effective date of the current Policy are displayed at the top of this document. SKM Yoga maintains an archive of previous versions of this Policy for internal compliance and audit purposes. Students and users who require a copy of a previous version of this Policy for reference purposes may submit a written request to SKM Yoga's Grievance Officer, and SKM Yoga shall endeavour to provide the relevant historical version where available and where the request is made for a legitimate purpose.
This Privacy Policy and all matters arising from or related to SKM Yoga's collection, processing, storage, disclosure, and protection of personal data shall be governed by and construed in accordance with the laws of India, including but not limited to the Information Technology Act, 2000; the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011; the Digital Personal Data Protection Act, 2023; the Indian Contract Act, 1872; the Consumer Protection Act, 2019; and such other applicable statutes, rules, and regulations as may be enacted or amended from time to time by competent legislative or regulatory authorities in India governing the processing of personal data and the operation of digital services.
All disputes, claims, proceedings, and legal actions arising from or in connection with this Privacy Policy, SKM Yoga's data processing practices, or any alleged violation of a Data Principal's rights under applicable data protection law shall be subject to the exclusive jurisdiction of the competent courts located within the jurisdiction of New Delhi, India. Data Principals who are residents of jurisdictions outside India acknowledge and consent to the jurisdiction of the Indian courts for the resolution of disputes arising under this Policy and waive any objection to the exercise of jurisdiction by such courts on grounds of inconvenient forum or otherwise. The foregoing is without prejudice to the right of any Data Principal to file a complaint with the Data Protection Board of India.
If any provision of this Privacy Policy is found by a court of competent jurisdiction or the Data Protection Board of India to be invalid, unlawful, void, or unenforceable under applicable law, such provision shall be deemed severed from this Policy to the extent of its invalidity or unenforceability, without affecting the validity, legality, and enforceability of the remaining provisions of this Policy, which shall continue in full force and effect. In the event that a severed provision is fundamental to the operation of this Policy, SKM Yoga shall amend the relevant provision to give effect to the original intent of the parties to the maximum extent permissible under applicable law, and shall publish the amended provision as part of an updated version of this Policy.
SKM Yoga's failure or delay in exercising any right, power, or remedy available to it under this Privacy Policy or applicable data protection law shall not constitute a waiver of such right, power, or remedy, nor shall it preclude any future exercise of the same. No waiver by SKM Yoga of any specific breach of this Policy by a Data Principal or third party shall be construed as a waiver of any subsequent or continuing breach of the same or any other provision of this Policy. All rights and remedies available to SKM Yoga under this Policy and applicable law are cumulative and not exclusive of any other right or remedy available at law or in equity.
This Privacy Policy, read in conjunction with SKM Yoga's institutional Terms and Conditions, Refund and Cancellation Policy, Code of Conduct, and any program-specific terms communicated to students at the time of enrollment, constitutes the complete and entire agreement between SKM Yoga and the Data Principal with respect to the collection, processing, and protection of personal data, and supersedes all prior representations, understandings, negotiations, and agreements, whether oral or written, relating to the same subject matter. In the event of any conflict between the provisions of this Policy and the provisions of any program-specific terms communicated at enrollment, the more protective provision in favor of the Data Principal's privacy rights shall prevail.
To the extent required by applicable law, SKM Yoga shall, upon receipt of a valid and formally submitted written request from a Data Principal, provide the requesting individual with a copy of the personal data they have provided to SKM Yoga in a structured, commonly used, and machine-readable electronic format, to facilitate the transfer of such data to another service provider where technically feasible. Data portability requests are subject to identity verification and to the applicable limitations under prevailing data protection legislation. SKM Yoga shall not be required to provide data in a portable format where doing so would adversely affect the rights and freedoms of other individuals, or where the relevant data has been generated by SKM Yoga through its own internal processing activities rather than provided directly by the Data Principal.
SKM Yoga may use enrolled students' program participation data, content consumption patterns, assessment performance data, and stated learning preferences to generate personalized program recommendations and content suggestions within SKM Yoga's digital platforms. Such personalization is conducted for the purpose of enhancing the relevance and educational value of the student's platform experience and is based on the student's own behavioral data within SKM Yoga's systems. Students who prefer not to receive personalized recommendations may disable this feature through their platform account settings where available, or may submit a written request to SKM Yoga's administrative office to opt out of personalization processing. No personalization is conducted on the basis of Sensitive Personal Data.
In the event of a merger, acquisition, restructuring, or transfer of SKM Yoga's institutional operations or assets to a successor entity, personal data held in SKM Yoga's institutional records may be transferred to the successor entity as part of the transferred institutional assets, subject to the successor entity assuming SKM Yoga's data protection obligations in relation to such data and complying with applicable data protection law governing such transfers. SKM Yoga shall, to the extent practicable and legally permissible, notify affected Data Principals of any material change in the identity of the Data Fiduciary responsible for processing their personal data prior to the completion of such institutional transfer, and shall afford Data Principals the opportunity to exercise applicable data rights in connection with the transfer.
By providing personal data in connection with the enrollment of a minor participant in any SKM Yoga program, the parent or guardian providing such data represents and warrants that they are the minor's lawful parent or guardian, that they have full legal authority to consent to the collection and processing of the minor's personal data on the minor's behalf, and that all information provided is accurate, complete, and provided with the genuine intention of enrolling the minor in the relevant SKM Yoga program. Parents and guardians who withdraw consent to the processing of a minor's personal data must notify SKM Yoga's Grievance Officer in writing, and such withdrawal may affect SKM Yoga's ability to continue delivering the enrolled program to the minor participant.
SKM Yoga shall not process any personal data unless a lawful basis for the specific processing activity has been identified and documented in accordance with applicable data protection law. All new data processing activities proposed by SKM Yoga are assessed by the responsible administrative personnel against the lawful bases available under applicable law prior to implementation, and processing commences only where a valid and documented lawful basis has been established. SKM Yoga's internal data governance framework includes a register of processing activities documenting the lawful basis applicable to each category of personal data processing conducted by the institution, which is maintained and updated in accordance with regulatory guidance and institutional policy.
SKM Yoga is committed to maintaining full transparency with Data Principals regarding the personal data it collects, the purposes for which such data is processed, the lawful bases upon which processing is conducted, and the recipients to whom personal data may be disclosed. All disclosures required to be made to Data Principals under applicable data protection law, including information about SKM Yoga's identity as the Data Fiduciary, the contact details of the Grievance Officer, and the rights available to Data Principals, are made through this Policy and any supplementary privacy notices provided at the point of data collection. SKM Yoga shall not process personal data in a manner that is undisclosed, deceptive, or inconsistent with the representations made to Data Principals at the time of collection.
Where SKM Yoga inadvertently receives personal data from an individual who has not enrolled in or applied for any SKM Yoga program, and such receipt was neither solicited nor required for any legitimate institutional purpose, SKM Yoga shall assess whether such data can be lawfully retained for any relevant purpose. Where no legitimate purpose for retention is identified, SKM Yoga shall securely delete or destroy the unsolicited personal data as soon as practicable following its receipt, and shall notify the individual of its decision to delete such data where doing so is reasonably practicable. SKM Yoga shall not use unsolicited personal data for marketing or any other purpose that was not the subject of the original interaction through which the data was received.
SKM Yoga shall conduct privacy impact assessments in relation to data processing activities that are likely to result in a high risk to the rights and interests of Data Principals, including the introduction of new data processing technologies, significant changes to the scope or nature of personal data collected, and the initiation of data processing activities involving Sensitive Personal Data on a large scale. Privacy impact assessments shall identify the risks associated with the proposed processing activity, assess the necessity and proportionality of such processing, and identify measures to mitigate identified privacy risks to an acceptable level. The outcomes of privacy impact assessments shall inform SKM Yoga's decisions regarding the implementation of new data processing activities and the design of appropriate safeguards.
Personal data that has reached the end of its applicable retention period under this Policy, or that has been ordered to be deleted in response to a valid erasure request from a Data Principal, shall be disposed of by SKM Yoga in a secure and irreversible manner that prevents unauthorized recovery, reconstruction, or access. Secure disposal of digital personal data shall be effected through industry-standard data destruction methods, including cryptographic erasure, secure overwriting, or physical destruction of storage media as appropriate to the storage medium and the sensitivity of the data. Personal data contained in physical records shall be disposed of through secure shredding or incineration. SKM Yoga shall maintain records of data disposal activities for institutional audit and compliance purposes.
Where SKM Yoga proposes to engage a new third-party data processor, replace an existing data processor with a different service provider, or materially change the scope of a data processing arrangement with an existing third-party processor in a manner that affects the personal data of enrolled students, SKM Yoga shall assess the impact of such changes on its data protection obligations and shall notify affected Data Principals where the change is material and where notification is required under applicable law. SKM Yoga shall ensure that all incoming and outgoing data processing arrangements are governed by appropriate data processing agreements requiring compliance with applicable data protection standards and restricting the processor's use of personal data to authorized purposes only.
SKM Yoga maintains an internal record of its personal data processing activities in accordance with its data governance obligations under applicable law. The record of processing activities documents, for each processing activity conducted by SKM Yoga, the categories of personal data processed, the purposes of processing, the lawful basis relied upon, the categories of recipients to whom data may be disclosed, cross-border transfer information, applicable retention periods, and the technical and organizational security measures implemented to protect the relevant data. The record of processing activities is maintained as a confidential institutional document and is made available to the Data Protection Board of India or other competent regulatory authorities upon lawful request.
SKM Yoga shall cooperate fully and in good faith with the Data Protection Board of India, and any other competent regulatory or governmental authority, in connection with any inquiry, investigation, audit, or enforcement proceeding relating to SKM Yoga's personal data processing activities and compliance with applicable data protection law. Such cooperation shall include the production of relevant documentation, records, and information requested by the regulatory authority within the legally prescribed timeframe, the facilitation of access to relevant personnel and systems where required, and the implementation of any remedial measures directed by the regulatory authority in response to identified compliance deficiencies. SKM Yoga's cooperation with regulatory authorities shall be documented and reported to senior institutional management.
All SKM Yoga employees, faculty members, independent contractors, consultants, and other individuals engaged by SKM Yoga in any capacity who have access to personal data in the course of their engagement are required to comply fully with the provisions of this Privacy Policy, SKM Yoga's internal data protection procedures, and all applicable data protection laws. Compliance with data protection obligations is a material term of all employment agreements, faculty engagement contracts, and contractor agreements executed by SKM Yoga. Breach of data protection obligations by any SKM Yoga staff member or contractor shall be subject to appropriate disciplinary action, up to and including termination of engagement, and may result in personal liability under applicable data protection legislation.
By enrolling in any SKM Yoga program, accessing any SKM Yoga digital platform, submitting personal data through any form or communication channel, or otherwise engaging with SKM Yoga's programs or services in any capacity, you acknowledge and confirm that you have read this Privacy Policy in its entirety, that you fully understand its terms and the manner in which SKM Yoga collects, processes, stores, and protects your personal data, that you consent to such collection and processing to the extent that consent is the applicable lawful basis for the relevant processing activity, and that you unconditionally accept the terms of this Policy as a binding element of your relationship with SKM Yoga. In the case of a minor's enrollment, the parent or guardian providing consent confirms the same on behalf of the minor participant.
SKM Yoga expressly reserves all rights not specifically granted to Data Principals under this Privacy Policy or applicable data protection law, including the right to amend, update, or replace this Policy at any time in accordance with the provisions hereof; the right to enforce all provisions of this Policy to the fullest extent permitted by applicable law; the right to pursue all available legal remedies against any individual who violates the data protection provisions of this Policy or attempts to circumvent SKM Yoga's data security measures; the right to make final and binding administrative decisions on all matters of data governance and privacy management within SKM Yoga's institutional framework; and the right to exercise reasonable discretion in exceptional circumstances while maintaining the overall integrity of SKM Yoga's data protection commitments to its enrolled students and institutional community.
Stay connected with India’s leading yoga brand for yoga classes, teacher training, retreats, meditation, yoga NET JRF preparation, wellness coaching and holistic healing programs.
Daily yoga inspiration, retreat updates, yoga events, transformation stories and wellness sessions.
Explore yoga reels, meditation clips, yoga lifestyle content and premium wellness visuals.
Watch yoga classes, pranayama tutorials, yoga NET lectures and healing practices online.
Receive yoga updates, training notifications, retreat schedules and wellness announcements instantly.
Get direct support, yoga class information, instant bookings and personalized wellness guidance.
Connect professionally with SKM Yoga for corporate wellness and yoga education opportunities.
Follow yoga news, wellness trends, motivational thoughts and official SKM Yoga updates.
Speak directly with SKM Yoga experts for yoga classes, TTC programs and retreat consultations.