Privacy Policy

1 Introduction to the Policy –

1.1. We are committed to safeguarding the privacy of our website visitors and service users.

1.2. This policy applies with respect to the personal data of our website visitors and service users.

1.3.  In this policy, “we”, “us” and “our” refer to Synthesis Knowledge Resources LLP, whose details are provided at Section 12.

1.4 This document is published in accordance with the provisions of Rule 4(1) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 which requires the publishing of a privacy policy for handling of or dealing in personal information including sensitive personal data or information.

1.5 The below described privacy policy (“Privacy Policy”) is applicable when the services of Synthesis Knowledge Resources LLP, being in the nature of e-learning courses that prepare a candidate to take up various papers of the ACCA Qualification conducted by the ACCA (ACCA being the Association of Chartered Certified Accountants), are availed by you (“Service”).

1.6 Please read this Privacy Policy carefully, as you must agree to the provisions hereof in order to be permitted to use our Service. It is also important that you read this Privacy Policy before using or submitting information, in relation to our Service as it is designed to inform you about our practices regarding collection, use, access and disclosure of information gathered about you via our Service. By use of our Service you expressly consent to our practices regarding collection, use, access, storage and disclosure of information gathered about you via our Service in accordance with this Privacy Policy.

1.7 Definitions required for the proper understanding of this Policy –
“Personal Information or Personal Data” means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person;

“Sensitive Personal Data or Information or SPDI ” of a person means such personal information which consists of information relating to (i) password, (ii) financial information such as Bank account or credit card or debit card or other payment instrument details, (iii) physical, physiological and mental health condition, (iv) sexual orientation, (v) medical records and history, (vi) biometric information, (vii) any detail relating to the above clauses as provided to a body corporate for providing service, and (viii) any of the information received under above clauses by a body corporate for processing, or as stored or processed under lawful contract or otherwise.

2 Kinds of Personal Data collected and usage of such data –

2.1 In this Section 2, we have set out:

(a) the general categories of personal data that we may process;

(b) the purposes for which we may process personal data; and

(c) the legal basis of the processing.

In order for us to provide the Services in an efficient manner, we would require to receive certain information about you. When you access the Services, the information collected by us from you may include (without limitation) the information set out in the following paragraphs. As such, the information collected by us may constitute ‘Personal Information or Personal Data’ or ‘Sensitive Personal Data or Information’.

2.2 We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

 

2.3 We may process your account data (“account data”). The account data may include your name and email address. The source of the account data is you or your employer. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

 

2.4 We may process your information included in your personal profile on our website (“profile data”). The profile data may include your name, address, telephone number, email address, profile pictures, gender, date of birth, relationship status, interests and hobbies, educational details and employment details. The profile data may be processed for the purposes of enabling and monitoring your use of our website and services. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business or the performance of a contract between you and us and/or taking steps, at you request, to enter into such a contract.

2.5 We may process your Personal Data including SPDI that are provided in the course of the use of our Services (“service data”). The service data may include educational progression and performance through our eLearning portals. The source of the service data may be from you or your employer or an examination body for any professional qualifications you are sitting. The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

2.6 We may process information that you post for publication on our website or through our Services (“publication data”). The publication data may be processed for the purposes of enabling such publication and administering our website and Services. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

2.7 We may process information contained in any enquiry you submit to us regarding Services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

2.8 We may process information relating to our customer relationships, including customer contact information (“customer relationship data”). The customer relationship data may include your name, your employer, your job title or role, your contact details, and information contained in communications between us and you or your employer. The source of the customer relationship data is you or your employer. The customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with customers, keeping records of those communications and promoting our products and services to customers. The legal basis for this processing is consent or our business interests, namely the proper management of our customer relationships or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

2.9 We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website (“transaction data”). The transaction data may include your contact details, and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely the proper administration of our website and business.

2.10 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

2.11 We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is consent or our business interests, namely the proper administration of our website and business and communications with users.

2.12 We may process any of your Personal Data including SPDI identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

2.13 We may process any of your Personal Data including SPDI identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

2.14 In addition to the specific purposes for which we may process your Personal Data including SPDI set out in this Section 2, we may also process any of your Personal Data including SPDI where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

2.15 Please do not supply any other person’s personal data to us, unless we prompt you to do so.

3 Disclosure of Personal Data –

3.1 We may disclose your Personal Data including SPDI to any member of our group of companies (this means our partners, subsidiaries, our ultimate holding company and all its subsidiaries, other body corporates in which our partners are interested etc.) insofar as reasonably necessary for the purposes, and on the legal basis set out in this policy.

3.2 We may disclose your Personal Data including SPDI to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

3.3 We may disclose service data to professional bodies such as the Association of Chartered Certified Accountants (www.accaglobal.com in so far as reasonably necessary for maintaining our registered status with these bodies as an approved supplier of training courses towards their qualifications.

3.4 Financial transactions relating to our website and Services are handled by our payment services providers, Razorpay Software P Ltd or our partner’s providers, Stripe. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices at https://razorpay.com/privacy/ and https://stripe.com/en-gb/privacy

3.5 In addition to the specific disclosures of Personal Data including SPDI set out in this Section 3, we may disclose your Personal Data including SPDI where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your Personal Data including SPDI where such disclosure is necessary in the exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure or were such disclosure is required to be made under applicable law.

4 Transfer of your Personal Data to other countries –

4.1 In this Section 4, we provide information about the circumstances in which your Personal Data including SPDI may be transferred to countries outside India.

4.2 We and our other group companies have offices and facilities located in other countries outside India and accordingly, we may have to transfer your Personal Data to these countries. These transfers will be protected by appropriate safeguards, and as per Indian law, the transfers of any Personal Data or Sensitive Personal Data or Information will be subject to the same levels of data protection as are adhered to in India. .

4.3 For the purpose of storing the information, we may engage third party vendors. For this reason, you hereby agree that for every authorisation which you grant to us in this Privacy Policy, you also grant such authorisation to such third-party vendors. You agree not to hold us liable, directly or indirectly, in any manner whatsoever for any actions of any of these vendors, and that you will take legal action against them directly should they commit any tort or other actionable wrong against you and release us from any and all liability whatsoever in this regard.

4.4 By using the Services, you agree and acknowledge that your Personal Information including SPDI may be transferred within and across national boundaries. You acknowledge that in the process of providing the Services, some activities relating to handling of information collected under the Privacy Policy may be done by our trusted third party vendors or agents, web hosting providers, communication services, and web analytic providers who are bound by our privacy policy.

4.5 You acknowledge that the Personal Data including SPDI that you submit for publication through our website or Services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such Personal Data including SPDI by others.

5 Retention and Deletion of Personal Data –

5.1 This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of Personal Data including SPDI.

5.2 We take reasonable steps to ensure that your sensitive Personal Information including SPDI is retained only for so long as is necessary for the purpose for which it was collected, unless a longer period of retention is required under lawful contract or by applicable law.

5.3 Notwithstanding the other provisions of this Section 5, we may retain your Personal Data including SPDI where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

6 Amendments to the Privacy Policy

We reserve the right, in our sole discretion, to change, modify, add or delete portions of this Privacy Policy at any time without notice, and it is your responsibility to review this Privacy Policy from time to time on the website, in order to keep track and take note of the changes. You availing the Services following any amendment of this Privacy Policy will signify and constitute your consent to and acceptance of such revision to this Privacy Policy. We will not file or store a copy of these terms for each interaction with you. We therefore recommend that you save a copy of this Privacy Policy for future reference and ensure that such copies can be reliably verified as being effective (i.e. published on our website on a particular date.

7 Rights of provider of information –

7.1 In this Section 7, we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

7.2 Your principal rights under data protection law are:

(a) the right to access: You have the right to receive confirmation as to whether or not we process your Personal Data including SPDI and, where we do, access to the Personal Data including SPDI, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of Personal Data including SPDI concerned and the recipients of the Personal Data including SPDI.

(b) the right to rectification: You have the right to have any inaccurate Personal Data including SPDI about you rectified and, taking into account the purposes of the processing, to have any incomplete Personal Data including SPDI about you, completed;

(c) the right to withdraw consent: You, at all times, have the option not to provide any Personal Data including SPDI or other information about you and otherwise withdraw your consent by communicating the same to us. Withdrawal will not affect the lawfulness of processing before the withdrawal. Upon withdrawal, we will have no obligations towards you nor will we be liable in relation to any Services offered by us during the time you had consented to retain the information with us.

7.2 You have the right to withdraw your consent to our processing of your Personal Data including SPDI for direct marketing purposes (including profiling for direct marketing purposes). If you withdraw such consent, we will cease to process your Personal Data including SPDI for this purpose.

7.3 You have the right to object to our processing of your Personal Data including SPDI for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

7.4 You may exercise any of your rights in relation to your Personal Data including SPDI by written notice to us.

8 Cookie Policy –

8.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

8.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

8.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

9 Purpose of Cookies for us –

9.1 We use cookies for authentication, in order to properly identify you when you visit our website and navigate through it. It helps us to determine if and when you are logged into our website. These cookies store information about your preferences and personalise the website experience for you. It also helps us analyse the use and performance of our website and Services. Cookies are also used as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and Services generally.

10 Cookies used by our service providers

10.1 Our service providers use cookies and those cookies may be stored on your computer when you visit our website.

10.2 We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.

11 Managing cookies

11.1 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);

(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);

(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);

(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);

(e) https://support.apple.com/kb/PH21411 (Safari); and

(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

11.2 Blocking all cookies will have a negative impact upon the usability of many websites.

11.3 If you block cookies, you will not be able to use all the features on our website.

12 Reasonable Security Practices and Procedures

We strive to ensure the security, integrity protection and privacy of your Personal Information including SPDI against unauthorized access or unauthorized alteration, disclosure or destruction. We follow stringent security techniques and requirements for handling sensitive and Personal Information including SPDI. These techniques and requirements are fully compliant with the guidelines set forth under the applicable laws. Our servers are accessible only to authorized personnel. Your information covered under this Privacy Policy is shared with respective personnel only on a ‘need to know’ basis and/ or to provide the Services you have requested. While we take every step to safeguard the confidentiality of your Personal Information, by availing the Services, you agree and confirm that we will not be liable for any negligence, disclosure due to errors in transmission or unauthorized acts of third parties.

Notwithstanding anything contained herein, we shall not be liable for any loss, damage or misuse of your Personal Information including SPDI due to a Force Majeure Event.

For the purposes of this Privacy Policy a ‘Force Majeure Event’ shall mean any event that is beyond our reasonable control and shall include, without limitation, sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war, acts of government, computer hacking, unauthorised access to computer data and storage device, computer viruses breach of security and encryption or any other cause beyond our control.

13 Our details

13.1 This website is owned and operated by Synthesis Knowledge Resources LLP.

13.2 We are registered in India under LLP registration no. AAJ – 0401 and our registered office is at Plot No 92, 2nd Floor, Gita Building, Opposite Sion Bus Depot, Sion East, Mumbai , India – Pin 400022.

13.3 You can contact us:

(a) by post, to the postal address given above;

(b) using our website contact form;

(c) by telephone, on the contact number published on our website; or

(d) by email, using the email address published on our website.

14 Acceptance to Terms

By availing our Services, you are deemed to have agreed to the terms of this Privacy Policy and the fact that we collect, store, handle, process and share/transfer your information, including Personal Information and SPDI, in the manner provided in this Privacy Policy.

15 Disputes

Any disputes over inter alia collection, storage and handling of Personal Information including SPDI will be governed by this Privacy Policy and by the laws of India and courts of Mumbai shall have exclusive jurisdiction, in this regard.

16 Grievance Officer –

13.1. We have appointed a Grievance Officer to oversee compliance with this Privacy Policy to address any discrepancies and complaints that may be received from any provider of information. The contact information for our Grievance Officer is as follows:

Name: Varija Shah

Address: Gita Building, 2nd Floor, Opposite Sion Bus Depot, Sion East, Mumbai – 400022

Phone: 9320007897(Time: 10 AM to 7PM, 6 days a week from Monday to Saturday)

Email:  varija.shah@synthesisgroup.in