Effective Date: October 7, 2025
Last Updated: October 7, 2025

Introduction

Project Maanasi is a humanitarian initiative providing mental health and primary care services to rural communities in Karnataka, India. Our website address is: https://projectmaanasi.org/

This Privacy Policy outlines how we collect, use, protect, and manage your personal information when you visit our website, make donations, contact us, or interact with us through various channels. We are committed to protecting your privacy and ensuring a safe, transparent experience.

Project Maanasi operates under the Bangalore Midtown Charitable Trust.

Information We Collect

Personal Information

We collect personal information only when you voluntarily provide it through:

Website Contact Forms:

● Name, email address, phone number
● Message content and inquiry details
● Any additional information you choose to share

Donation Processing:

● Donor name, contact details, payment information
● Billing address for payment processing
● Tax receipt information (PAN card details if provided)
● Donation amount, date, and payment method

Email Communications:

● Email address when you subscribe to our newsletter
● Name and contact preferences
● Communication history and preferences

Website Technical Information:

● IP address, browser type, operating system, device information
● Pages visited, time spent on website, referral sources
● Cookies and similar tracking technologies data
● General geographic location (city/region level)

Information We Do NOT Collect

● Medical or health information

● Patient data or clinical records

● Sensitive biometric data

● Financial information beyond donation processing

● Personal information from children under 18 without parental consent

    Legal Basis for Processing

    Under the Digital Personal Data Protection Act (DPDPA) 2023, we process your personal data based on:

    Consent: For newsletter subscriptions, marketing communications, and optional website features
    Legitimate Interest: For processing donations, responding to inquiries, website security, and organizational communications
    Legal Obligation: For tax compliance related to donation receipts and charitable organization reporting requirements

    How We Use Your Information

    Website Operations

    ● Responding to your inquiries and contact form submissions
    ● Providing information about our projects and initiatives
    ● Improving website functionality and user experience
    ● Ensuring website security and preventing fraud
    ● Analyzing website usage to enhance content and navigation

    Donation Management

    ● Processing one-time and recurring donations securely
    ● Sending donation confirmations and tax receipts
    ● Maintaining donor records for transparency and compliance
    ● Providing updates on how donations are being utilized

    Communications

    ● Sending newsletters and project updates (with your consent)
    ● Responding to questions about our work and impact
    ● Sharing success stories and program developments
    ● Notifying you of important organizational updates

    Transparency and Accountability

    ● Preparing annual reports and impact statements
    ● Conducting analysis on donation patterns and website engagement
    ● Meeting regulatory requirements for charitable organizations
    ● Sharing aggregated, anonymized data about our reach and impact

    Data Sharing and Disclosure

    We do not sell, rent, or trade your personal information. We may share limited data with:

    Service Providers

    ● Payment Processors: Secure donation processing (Razorpay, PayPal, or similar)
    ● Email Service Providers: Newsletter delivery and donor communications
    ● Website Hosting: Server management and website maintenance
    ● Analytics Providers: Google Analytics for website performance (with IP anonymization)

    Organizational Partners

    ● Rotary Foundation: For grant reporting and program updates
    ● Auditing Services: For financial audits and compliance verification

    Legal Requirements

    We may disclose information when required by law:

    ● Tax authorities for donation verification and compliance
    ● Government agencies for charitable organization reporting
    ● Legal authorities in response to valid legal requests or court orders

    All third parties are contractually bound to maintain confidentiality and use data only for specified purposes.

    Data Security

    We implement comprehensive security measures to protect your information:

    Technical Safeguards:

    ● SSL encryption for all data transmission
    ● Secure servers with regular security updates
    ● Protected payment processing systems
    ● Regular security monitoring and vulnerability assessments
    ● Secure backup procedures

    Organizational Measures:

    ● Limited access to personal data by authorized staff only
    ● Staff training on data protection and privacy practices
    ● Regular review of data handling procedures
    ● Incident response procedures for any security concerns

    Payment Security:

    ● We do not store credit card or banking information
    ● All payment processing through certified, secure gateways
    ● PCI DSS compliance for payment handling

    Data Retention

    We retain your personal data for the following periods:

    Data TypeRetention PeriodPurpose
    Donation Records7 yearsTax compliance, audit requirements
    Contact Form Submissions2 yearsFollow-up and inquiry resolution
    Newsletter SubscriptionsUntil unsubscribeCommunication management
    Website Analytics2 yearsPerformance analysis and improvement
    Email Communications3 yearsRelationship management and context

    We securely delete data when retention periods expire, unless legal obligations require longer retention.

    Your Privacy Rights

    Under DPDPA 2023, you have the following rights:

    Access and Information

    ● Request copies of personal data we hold about you
    ● Understand how your data is being processed and why
    ● Receive information about data sharing with third parties

    Correction and Updates

    ● Correct inaccurate or incomplete information
    ● Update your contact preferences and details
    ● Modify newsletter subscription settings

    Deletion and Restriction

    ● Request deletion of your personal data (subject to legal obligations)
    ● Withdraw consent for voluntary data processing
    ● Restrict processing in certain circumstances
    ● Object to processing based on legitimate interests

    Data Portability

    ● Request your data in a structured, machine-readable format
    ● Transfer your data to another organization (where technically feasible)

    How to Exercise Your Rights

    Email: projectmaanasiorg@gmail.com
    Subject Line: “Privacy Rights Request”
    Phone: +91 80 4091 5509

    We will respond within 30 days and may require identity verification for security purposes.

    Cookies and Tracking Technologies

    Our website uses cookies to enhance your experience:

    Essential Cookies

    ● Required for basic website functionality and security
    ● Enable proper form submission and session management
    ● Cannot be disabled without affecting site performance

    Analytics Cookies

    ● Google Analytics to understand website usage patterns
    ● Help us improve content and user experience
    ● Use anonymized data that cannot identify individuals
    ● Can be opted out through Google Analytics opt-out tools

    Preference Cookies

    ● Remember your language and accessibility preferences
    ● Enhance user experience on return visits
    ● Can be cleared through browser settings

    Managing Cookies

    ● Browser Settings: Configure your browser to block or delete cookies
    ● Google Analytics Opt-out: Use Google’s browser add-on to opt out
    ● Cookie Preferences: Contact us to discuss cookie preferences

    Most browsers accept cookies automatically, but you can modify settings to decline cookies. Note that disabling cookies may limit website functionality.

    Third-Party Links

    Our website may contain links to:
    ● Social media platforms (Facebook, Twitter, LinkedIn, Instagram)
    ● Research publications and healthcare resources
    ● Government and regulatory body websites
    ● Funding partner websites
    We are not responsible for the privacy practices of external websites. Please review their privacy policies before providing personal information.

    Newsletter and Communications

    Email Subscriptions

    ● All newsletter subscriptions are opt-in with clear consent
    ● Easy unsubscribe options in every email
    ● Preference management to choose communication types
    ● No sharing of email addresses with external organizations

    Communication Frequency

    ● Monthly newsletter with project updates
    ● Special announcements for major milestones
    ● Annual impact reports and financial transparency updates
    ● Emergency communications only for critical organizational updates

    International Visitors

    If you visit our website from outside India:

    ● Your data may be processed in India under Indian privacy laws
    ● We provide the same privacy protections regardless of your location
    ● Contact us if you have specific privacy concerns based on your jurisdiction

    Children’s Privacy

    ● We do not knowingly collect information from children under 18
    ● If we become aware of child data collection, we will delete it promptly
    ● Parents/guardians can contact us about any concerns regarding children’s data
    ● Educational content on our website is designed for general public viewing

    Data Breach Notification

    In the unlikely event of a data breach:

    ● We will assess the risk and notify affected individuals if necessary
    ● Notification will occur within 72 hours when feasible and required
    ● Clear information about the breach and protective steps will be provided
    ● Support will be available for affected individuals

    Changes to This Policy

    We review this Privacy Policy annually and update it as needed. Changes will be posted on this page with a new effective date. For significant changes:
    ● We will notify users via email or prominent website notice
    ● Provide 30 days’ notice before implementation
    ● Obtain fresh consent where legally required

    Version History:

    v1.0 – October 7, 2025: Initial comprehensive policy

    Contact Information

    For Privacy Questions and Rights Requests:

    Bangalore Midtown Charitable Trust
    (Operating Project Maanasi)

    Mailing Address:
    Unit No 109, 1st Floor
    Prestige Towers, No 99
    Residency Road
    Bangalore 560025, India

    Primary Contact:
    Email: projectmaanasiorg@gmail.com
    Phone: +91 80 4091 5509

    Office Hours:
    Monday – Friday: 10:00 AM – 5:00 PM IST
    Saturday: 10:00 AM – 2:00 PM IST
    Sunday: Closed

    Response Time:
    ● Privacy rights requests: Within 30 days
    ● General inquiries: Within 5 business days
    ● Urgent matters: Within 24 hours

    For complaints about our data handling practices, you may also contact:
    ● Data Protection Board of India (when operational)
    ● Karnataka State Consumer Commission
    ● Charity Commissioner, Karnataka

    Our Commitment

    Project Maanasi is committed to transparency, accountability, and protecting your privacy. This policy reflects our dedication to ethical data practices while enabling us to share our impactful work in mental healthcare with supporters, partners, and the communities we serve.

    Your trust allows us to continue providing essential mental health services to underserved rural communities in Karnataka. We take this responsibility seriously and welcome your feedback on our privacy practices.

    Thank you for supporting Project Maanasi’s mission to provide accessible, compassionate mental healthcare to those who need it most.