Thank you for choosing DevLabs Alliance as your learning partner!

This web site is owned and operated by DevLabs Alliance Private Limited (“DevLabs” “we”, “our”, or “us”or the “Company”).
We are committed to protecting your privacy; we take data protection and privacy very seriously.
This Privacy Policy (“Policy”) describes how DevLabs collects, uses, shares and secures the personal information you provide us when you visit the Websites owned and operated by DevLabs, and when you use our Service(s).
This policy governs information you provide to us or we learn from your use of this web site (the “Site“) and constitutes a legal agreement between you, as the user of the Site, and the Company, as the owner of the Site.
For the purpose of this Privacy Policy, sensitive personal data or information of a person is as defined under applicable privacy laws. Please note that usage of the terms personal information/ personally identifiable information/ personal data, in this Privacy Policy includes sensitive personal data or information, wherever appropriate and/or mandated under applicable privacy laws.

Collected Information

In general, you can visit the Site without telling us who you are or revealing any personally identifiable information about yourself. By providing your Personal Information to us, you explicitly agree to our collection and use of such information as described in this Policy. If you choose to register, and are 13 years of age or older, we will collect and process such information from you, including but not limited to the below mentioned (“Personal Information”):

Information that you provide to us by filling in forms. This includes contact information such as name, email address, mailing address, phone number, financial information, if any, unique identifiers such as preferences information such as favourites lists, transaction history.
Information that you provide when you write directly to us (including by e-mail).
Information that you provide to us by writing on our blogs;
Information relating to logs is automatically reported by your browser each time you access our Site. When you use the Site, our servers automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol (IP) address, browser type, referring/ exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other such information. We use this information, which does not identify users, to analyze trends and to gather demographic information about the user base as a whole. We do not link this automatically-collected data to personally identifiable information.
We may collect information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies help us improve our Site and deliver a better and personalized service. Cookies enable Us: to estimate Our users’ usage size and pattern;
- to store information about your preferences, and allow us to customize our Site according to your interests;
- to speed up your searches;
to recognize you when you return to our Site.

Usage of Collected Information

You have certain rights in relation to your Personal Information. You can request access your Personal Information and confirm that it remains correct and up-to-date and also request that we delete your Personal Information. Please also note that certain Personal Information may be exempt from such requests in certain circumstances, which may include if we need to retain your Personal Information to comply with any legal and regulatory purposes or obligation under applicable laws.

Children’s Privacy

We are committed to protecting children’s privacy online. This Site is intended for users above the age of 13. We do not knowingly collect payment related information from children.

Billing

If you use or provide services on the Site for which we implement a billing system for you, we will collect additional information from you so that we can process and collect billing information. For example, we may collect your mailing address to remit payments.

The Site uses software tags called “Cookies” to identify customers when they visit our Site. Cookies are used to remember user preferences and maximize performance of our services. The information we collect with cookies is not sold, rented, or shared with any outside parties. Users who disable their Web browser’s ability to accept cookies will be able to browse our Site but may not be able to successfully use our Service.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file. Persistent cookies enable us to track and target the interests of our users to enhance the experience on our Site.
This privacy policy covers the use of cookies by our Site only and does not cover the use of cookies by any advertisers.

Notice to End Users

In some cases an administrator may create an account in DevLabs on the behalf of a “End-User” and may provide his/her information, including Personal Information. In such cases the administrator who may be your Employer or a DevLabs Authorised Training partner (ATP) is our “Customer.” We collect Information under the direction of our customers and have no direct relationship with the End-User whose personal data we process.
A End-user’s use of the DevLabs platform may be subject to the Customer’s policies, if any. Our Customer must have the authority to act on behalf of the End-User and to consent to the collection and use of their Personal Information as described in this Privacy Policy. If you are an End-user using our platform, please direct your privacy inquiries to your administrator. DevLabs is not responsible for the privacy or security practices of our customers, which may differ from those set forth in this privacy statement.

Links to Third Party Sites

Our Site may, from time to time, contain links to and from the websites of our affiliated merchants, partner networks, affiliates and other third parties. The inclusion of a link does not imply any endorsement by us of the third party website, the website’s provider, or the information on the third party website. If you follow a link to any of these websites, please note that these websites may be governed by their own privacy policies and we disclaim all responsibility or liability with respect to these policies or the websites. Please check these policies and the terms of the websites before you submit any information to these websites.

Security

All information you provide to us is stored on our secure servers. As a registered user with an account and a password, you are responsible for keeping your password confidential. We take commercially reasonable safeguards to protect and preserve the integrity and security of your Personal Information submitted to us, both during transmission and once we receive it against loss, theft, unauthorised access, disclosure, reproduction, use or amendment. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially reasonable means to protect your Personal Information, we assume no liability for any disclosure of information due to errors in transmission, unauthorised third party access or other acts of third parties, or acts or omissions beyond our reasonable control and you agree that you will not hold us responsible for any breach of security unless such breach has been caused as a direct result of our gross negligence or wilful default. If we learn of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. By using this Site or providing personal information to us you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this site. We may post a notice on our Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

Sharing your personal information

If you have purchased DevLabs course, we may ask you for testimonial, we will display your testimonial on our website, photos and videos or in our social media channels such as Facebook, YouTube or Flickr. You should be aware that your publicly identifiable information could be used to send you promotional, unsolicited messages. We are not responsible for your personal information which you have chosen to display.
If you don’t want us to feature your pictures/testimonials on our website or on our social media channels, you can raise a support ticket by sending an e-mail at the address mentioned below.

Emails

If you choose to register for our products and services, we will send you certain promotional emails. Promotional emails advertise our products and services and/or the products and services of our Users and Affiliates. If you do not want to receive promotional emails from us, you may elect to opt-out of receiving promotional emails at any time by hitting the “unsubscribe” button at the bottom of any of our e-mails or writing to us through e-mail mentioned below.

RESIDENT OF EUROPEAN UNION

From the 25th of May, 2018, the processing of Personal Information of ‘users based in the European Union (“EU”) is subject to the EU General Data Protection Regulation (“GDPR”). This section provides information as relates to EU users’ rights, and our responsibilities, under this regulation.

Company is headquartered in the India, and we have operations, entities, and service providers in the Information and throughout the world. As such, we and our service providers may transfer your Personal Information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it.

We rely on consent in connection with Personal Information collections or uses that are necessary to enhance the user experience, to enable optional services or features, or to communicate with you.

Withdrawal of consent
We believe that we are only entitled to access or use your Personal Information as long as we have your consent to do so. Whenever we rely on your consent, you will always be able to withdraw that consent.
Erasure
We will also erase all your Personal Information that we hold, upon your request to us to do so. Provided that we may decline to process your request if we believe that doing so could impede the right of freedom of expression and information of others or when doing so is contrary to the local applicable laws.
Access to personal information
We are committed to be completely transparent vis-à-vis the Personal Information that we hold. You can ask us to share with you all the Personal Information that we hold of yours, and we will do so.
Rectification
In case you feel that your Personal Information with us is inaccurate, we allow you to have it rectified by placing a request with us in that regard.

We may decline to process requests that are frivolous/ vexatious, can jeopardize the privacy of others, and processing which would be highly impractical. For placing a request to exercise any of these rights, you can get in touch with us– using the details set out below.

DIGITAL PERSONAL DATA PROTECTION (DPDP) ACT COMPLIANCE POLICY

DevLabs Alliance Pvt. Ltd.
22th September, 2025
https://devlabsalliance.com

1. Introduction

The Digital Personal Data Protection Act, 2023 (DPDP Act) is India’s landmark legislation that governs the processing of digital personal data to safeguard individuals’ privacy while balancing lawful data usage for legitimate purposes. This Policy outlines the principles, procedures, roles, and responsibilities adopted by DevLabs Alliance Pvt. Ltd. (hereinafter referred to as "the Company") to ensure compliance with the DPDP Act, 2023, applicable rules, and internationally recognized data protection standards.

2. Objective

This Policy aims to:

Ensure lawful, fair, and transparent processing of digital personal data.
Protect the rights of individuals (Data Principals).
Implement robust measures for data privacy, security, accountability, and redressal.
Demonstrate compliance with the DPDP Act, 2023, and related statutory requirements.

3. Scope

This Policy applies to:

All employees, contractors, consultants, interns, and third-party vendors who process personal data on behalf of the Company.
All digital personal data collected, stored, transmitted, or otherwise processed by the Company.
All data processing activities conducted within or related to Indian data subjects, regardless of the location of the data processor.

4. Definitions

For the purpose of this Policy, the terms used shall have the meanings assigned under the DPDP Act, 2023:

Personal Data:Any data about an individual who is identifiable by or in relation to such data.
Data Principal: The individual to whom the personal data relates.
Data Fiduciary:Any person, company, or entity that determines the purpose and means of processing personal data.
Processing: Any automated or manual operation performed on personal data, including collection, storage, usage, disclosure, or erasure.
Consent: A freely given, specific, informed, unambiguous, and affirmative indication of the Data Principal’s agreement to process personal data.
Significant Data Fiduciary:As designated by the Central Government based on factors like volume of data processed, risk of harm, and impact on sovereignty.

5. Principles of Data Processing

The Company adheres to the following data protection principles:

Lawful and Fair Processing: Personal data shall be processed lawfully and with the informed consent of the Data Principal.
Purpose Limitation: Data shall be collected for specific, clear, and lawful purposes and not further processed in a manner incompatible with those purposes.
Data Minimization: Only the minimum data necessary for the stated purpose shall be collected and processed.
Accuracy: Reasonable steps shall be taken to ensure data is accurate and up-to-date.
Storage Limitation: Data shall be retained only as long as necessary for the purposes for which it was collected.
Security Safeguards:Appropriate technical and organizational measures shall be in place to prevent unauthorized access, alteration, or disclosure.
Accountability:The Company shall demonstrate compliance with applicable data protection obligations.

6. Legal and Regulatory Compliance

The Company complies with the following legal provisions:

Under the Digital Personal Data Protection Act, 2023 (DPDP Act):

Section 4 & 6 mandate that personal data must be processed lawfully with valid consent and clear notice to the Data Principal (individual).
Section 7 provides for deemed consent under specific circumstances such as medical emergencies, legal requirements, or public interest functions.
Section 8 outlines core obligations of Data Fiduciaries, including ensuring data accuracy, purpose limitation, implementing technical safeguards, and ensuring timely data deletion.
Section 14 requires Data Fiduciaries to establish a grievance redressal mechanism for users to raise concerns regarding data processing.
Sections 15 & 16 focus on mandatory breach reporting and impose penalties for non-compliance.

Punishment:Financial penalties under the Act may extend up to ₹250 crore for serious violations like failure to protect personal data, improper processing, or breach notification delays.

Under the Information Technology Act, 2000:

Section 43A holds a corporate body liable if it fails to implement reasonable security practices and procedures while handling sensitive personal data.

Punishment: Compensation up to ₹5 crore may be awarded to the affected individuals for negligence in safeguarding personal data.

Section 7 provides for deemed consent under specific circumstances such as medical emergencies, legal requirements, or public interest functions.

Punishment: Imprisonment up to 3 years, and/or fine up to ₹5 lakh.

7. Data Breach Response

In the event of a data breach:

An internal assessment will be initiated immediately to ascertain scope, impact, and risks.
Incidents shall be reported to the internal authority and escalated without delay.
Corrective measures will be implemented to prevent recurrence.
If the breach is likely to cause harm, affected Data Principals and the Data Protection Board of India will be notified promptly, in accordance with the DPDP Act.

8. Appointment of Data Protection Officer (DPO)

Where mandated (e.g., designation as a Significant Data Fiduciary), the Company shall appoint a Data Protection Officer who will:

Act as the Company’s liaison with the Data Protection Board of India.
Monitor and enforce data protection compliance across departments.
Address grievances raised by Data Principals regarding their personal data.

9. Grievance Redressal Mechanism

Data Principals may file complaints regarding:

Inaccurate data: Complaints related to the processing or retention of incorrect or outdated personal data, which may result in harm or misrepresentation.
Refusal to correct or delete data: Instances where the Company fails to act on legitimate requests for correction or deletion of personal data as per the rights of the Data Principal.
Consent withdrawal issues: Concerns arising from the Company’s failure to honour a Data Principal’s withdrawal of consent, leading to continued or unauthorized processing of personal data.
Breach of privacy rights: Any act or omission by the Company that results in a violation of the Data Principal’s privacy rights, including unauthorized access, sharing, or misuse of personal data.

Grievances can be submitted via email to grivience@devlabsalliance.com and must include contact details and a brief description of the issue. All grievances will be addressed within 30 working days. If unresolved, complaints may be escalated to the Data Protection Board of India.

10. Engagement with Third-Party Data Processors

The Company may engage third-party processors to handle personal data on its behalf, under the following conditions:

A written agreement outlining responsibilities and compliance with this Policy.
Prior due diligence of the third party’s privacy and security practices.
Periodic audits to ensure ongoing compliance.
Cross-border data transfers will comply with the rules under the DPDP Act and government guidelines.

11. Training and Awareness

All employees shall undergo mandatory data protection training upon joining.
Regular refresher sessions and awareness campaigns shall be held.
Contractors, interns, and third-party vendors may also be required to participate in orientation on data privacy obligations.
Training records shall be maintained for audit and compliance purposes.

12. Penalties for Non-Compliance

Non-compliance with this Policy or the DPDP Act may lead to the following consequences:

Penalties under DPDP Act, 2023:

Up to ₹250 crore for failure to take reasonable security safeguards.
Up to ₹200 crore for breach of Data Principal’s rights.
Up to ₹50 crore for failure to report data breaches.

Internal Disciplinary Action:

Suspension, warning, or termination of employment or contract.
Legal proceedings in case of gross misconduct or willful violation.

Frequently Asked Questions (FAQ)

Q1:What is considered personal data under the DPDP Act?

A:Any digital information that identifies or relates to an individual, such as name, email, IP address, biometric data, etc.

Q2:Can I withdraw my consent once given?

A:Yes, consent can be withdrawn at any time by the Data Principal, and processing must stop unless covered under deemed consent or legal obligation.

Q3:What should I do if I suspect a data breach?

A:Immediately notify the internal IT/security team or the Data Protection Officer.

Q4:What are my rights as a Data Principal?

A:Right to access, correct, delete data, and grievance redressal.

Q5:Who do I contact for privacy-related concerns?

A:Reach out to our Grievance Officer at grivience@devlabsalliance.com.

13. Review and Amendments

This Policy will be reviewed annually or as required due to changes in law or business operations. Amendments will be communicated to all stakeholders accordingly.