Privacy Policy

Last Updated: January 11, 2026

1. INTRODUCTION AND SCOPE

This Privacy Policy (“Policy”) describes how ManishJassal.com (“Platform,” “we,” “us,” “our,” or “Company”), operated by Manish Jassal, collects, uses, processes, discloses, transfers, and safeguards personal data and information obtained from users (“User,” “you,” or “your”) through the website located at https://www.manishjassal.com and all associated pages, content, services, and materials (collectively, the “Website”).

This Policy applies to all information collected through the Website, including personal data, non-personal information, cookies, tracking technologies, and any other data gathering mechanisms. The provisions of this Policy apply to all uses of the Website by any person, regardless of age, location, or purpose.

Visiting, navigating, or employing any Website element confirms you have reviewed, comprehended, and accepted the gathering, application, and handling of your data per this Privacy Policy. Disagreeing with these methods requires instant cessation of Website activity.

The Company upholds relevant data safeguards laws, such as India’s Digital Personal Data Protection Act (DPDPA), 2023, and the EU’s General Data Protection Regulation (GDPR), as relevant.

2. DEFINITIONS

Personal Data: Data tied to a known or knowable person, covering items like name, email, home address, phone, birth date, IP address, device IDs, location details, or anything else that pinpoints identity directly or indirectly.

Processing: Every action on personal data, from gathering and logging to organizing, storing, altering, retrieving, consulting, applying, revealing, spreading, or erasing.

Data Controller: The organization (ManishJassal.com) decides data processing goals and methods.

Data Processor: Any party handling personal data for the Data Controller.

Data Principal: An individual to whom personal data relates.

Sensitive Personal Data: Personal data exposing race or ethnicity, political views, faith or beliefs, union ties, genetics, ID biometrics, health status, or intimate life/sexual details.

Lawful Basis: The legal ground upon which the Company is authorized to process personal data, including but not limited to consent, contract performance, legal obligation, legitimate interests, or public task.

3. INFORMATION WE COLLECT

3.1 Information You Provide Voluntarily

The Company collects personal data that you voluntarily provide when interacting with the Website, including:

A. Registration and Account Information: During account setup, newsletter sign-up, or service enrollment, you might supply:

  • Full name
  • Email address
  • Password or authentication credentials
  • Postal address (if applicable)
  • Telephone number
  • Date of birth or age verification information
  • Educational or professional background
  • Profile photograph or avatar (if applicable)
  • Payment information (processed securely through third-party payment processors)

B. Communication and Correspondence: When you contact the Company through contact forms, email, chat, or other communication channels, we collect:

  • The content of your message
  • Your contact information
  • Any attachments you provide
  • Metadata associated with communication (date, time, frequency)

C. Course Review Submissions: If you submit reviews, ratings, feedback, or comments about courses or platforms, we collect:

  • Your review text and ratings
  • Your evaluation scores
  • Associated metadata (submission date, helpful ratings from other users)

D. Survey and Feedback Information: If you participate in surveys, questionnaires, or feedback forms, we collect:

  • Your responses and preferences
  • Demographic information (if requested)
  • Usage patterns and satisfaction data

E. Payment and Transaction Information: When making purchases or enrolling through affiliate links, we collect:

  • Transaction records
  • Payment method information (processed by secure third-party payment processors)
  • Billing address
  • Transaction history

3.2 Information Collected Automatically

The Company automatically collects certain information about your device, browsing activities, and interactions with the Website without explicit consent, including:

A. Device Information:

  • Device type, model, and operating system
  • Browser type and version
  • Device identifiers (MAC address, device ID)
  • Mobile network information (if applicable)
  • Device settings and capabilities

B. Usage Data and Analytics:

  • Visited pages plus duration on each
  • Links clicked and navigation patterns
  • Search queries and filters used
  • Course reviews and recommendations viewed
  • Download activity
  • Interaction with content (scrolling, copying, printing)
  • Origin of your visit to the Website.
  • Exit pages and bounce rates

C. Network and Connection Information:

  • IP address
  • Internet Service Provider (ISP)
  • Connection type (WiFi, mobile data, broadband)
  • Approximate geographic location based on IP address
  • Connection speed and stability

D. Cookies and Tracking Technologies (see Section 7 for detailed information):

  • Cookie identifiers and values
  • Session information
  • Tracking pixel data
  • Local storage identifiers
  • Analytics tracking codes

E. Click-Through and Engagement Data:

  • Clicks on affiliate links
  • Engagement with advertisements
  • Form submissions and completion rates
  • Video playback data (if applicable)
  • Content sharing activity

3.3 Information from Third Parties

The Company may receive personal data from third-party sources, including:

A. Third-Party Analytics Providers: Data about your Website usage from Google Analytics, similar analytics services, and heat mapping tools.

B. Affiliate Networks and Course Platforms: Information about clicks, referrals, and conversions when you access linked courses or platforms.

C. Social Media Platforms: If you link your social media account to the Website or use social login functionality, we receive profile information with your consent.

D. Advertising Partners: Information about ad impressions, clicks, and conversions for marketing analysis purposes.

E. Service Providers: Information shared by third-party service providers who support Website operations, including email service providers, hosting providers, and customer relationship management (CRM) platforms.

4. PURPOSES OF DATA COLLECTION AND PROCESSING

The Company processes personal data for the following lawful purposes:

4.1 Service Delivery and Website Operation

  • Creating and maintaining user accounts
  • Processing transactions and enrollments
  • Delivering course reviews, comparisons, and recommendations
  • Responding to inquiries and providing customer support
  • Sending transactional communications (confirmation emails, password resets)
  • Administering the Website and ensuring technical functionality
  • Debugging, troubleshooting, and security testing
  • Fulfilling legal and regulatory obligations

4.2 Communication and Marketing

  • Sending newsletters, promotional content, and marketing communications (with opt-in consent)
  • Notifying users of updates to the Website, policies, or services
  • Conducting surveys and requesting feedback
  • Responding to user inquiries and feedback
  • Sending personalized recommendations based on browsing history
  • Announcing new course reviews or platform comparisons relevant to user interests

4.3 Analytics and Improvement

  • Analyzing Website usage patterns and user behavior
  • Identifying technical issues and performance metrics
  • Conducting research on learning trends and online education markets
  • Improving Website features, functionality, and user experience
  • Testing new features and functionality
  • Generating aggregate and anonymized statistical reports

4.4 Personalization and Customization

  • Tailoring Website content and recommendations to user preferences
  • Remembering user preferences and settings
  • Creating user profiles for personalized experiences
  • Serving relevant course recommendations
  • Customizing navigation and interface based on browsing history

4.5 Affiliate and Monetization Purposes

  • Tracking clicks on affiliate links and course platform referrals
  • Recording user enrollment through affiliate links for commission calculation
  • Analyzing affiliate campaign performance
  • Facilitating commission payments from affiliate partners
  • Fraud detection and affiliate traffic analysis

4.6 Security and Compliance

  • Detecting, investigating, and preventing fraud, abuse, and security incidents
  • Protecting against unauthorized access and malicious activities
  • Enforcing the Terms and Conditions and other agreements
  • Complying with legal obligations, court orders, and regulatory requirements
  • Responding to data access requests from authorities
  • Maintaining audit trails and security logs

4.7 Business Intelligence and Research

  • Conducting market research and trend analysis in online education
  • Developing insights about learning preferences and course demand
  • Creating anonymized datasets for business decision-making
  • Benchmarking and competitive analysis

5. LEGAL BASIS FOR DATA PROCESSING

The Company processes personal data based on the following lawful bases under applicable data protection laws:

5.1 Consent

The Company obtains explicit, informed, and unambiguous consent from users before processing personal data for non-essential purposes, including:

  • Marketing and promotional communications
  • Non-transactional analytics
  • Placement of non-essential cookies and tracking technologies
  • Profiling and behavioral analysis for personalization
  • Passing data to outsiders for promotional aims.

Consent is obtained through clear opt-in mechanisms, including checkboxes, consent forms, or explicit acceptance. Users can retract consent anytime via the Company contact or communication unsubscribe features.

5.2 Contract Performance

The Company processes personal data necessary to fulfill contractual obligations to users, including:

  • Processing account registrations
  • Delivering Website services and content
  • Processing transactions and enrollments
  • Providing customer support
  • Executing affiliate agreements and commission payments

5.3 Legitimate Interests

The Company processes personal data based on legitimate interests, including:

  • Improving Website functionality and user experience
  • Detecting fraud and security threats
  • Conducting analytics and research to understand user preferences
  • Serving affiliate links and earning referral commissions
  • Maintaining Website operations and technical performance
  • Responding to legal requests and complying with the law

Users can challenge processing grounded in legitimate interests by reaching out to the Company.

5.4 Legal Obligations

The Company processes personal data when required by applicable law, including:

  • Complying with tax and accounting regulations
  • Responding to government inquiries and court orders
  • Maintaining records for regulatory compliance
  • Reporting data breaches as mandated by law

5.5 Vital Interests

In rare circumstances, the Company may process personal data to protect vital interests of individuals, including health and safety in emergency situations.

6. DATA RETENTION

The Company holds personal data only as needed for collection purposes, respecting legal mandates.

6.1 Retention Periods by Data Type

Account Information: Retained while the account is active and for a minimum of one (1) year following account deletion or termination, unless longer retention is required by law.

Transactional Data: Retained for a minimum of seven (7) years for tax, accounting, and compliance purposes, as required by Indian regulations.

Marketing Communications: Retained until the user unsubscribes or withdraws consent.

Analytics and Usage Data: Retained for a minimum of thirteen (13) months for analytics purposes, after which it is anonymized or deleted.

Cookie Data: Retained according to cookie type and expiration settings (see Section 7).

Affiliate and Commission Data: Retained for a minimum of two (2) years for commission verification and dispute resolution purposes.

Customer Support Records: Retained for a minimum of one (1) year following resolution of the inquiry.

Security and Fraud Detection Logs: Retained for a minimum of one (1) year for security and investigation purposes.

6.2 Deletion and Anonymization

Upon expiration of retention periods, the Company either permanently deletes personal data or anonymizes it in a manner that makes it impossible to identify the individual. De-identified data can persist without limit for study and insights. Users may request deletion of their personal data at any time, subject to legal obligations to retain certain data.

7. COOKIES AND TRACKING TECHNOLOGIES

7.1 What Are Cookies?

Cookies consist of tiny text files saved on your device to recall choices, monitor actions, and boost site performance. The Website uses both session-based cookies (deleted when the browser closes) and persistent cookies (stored until expiration).

7.2 Categories of Cookies Used

A. Essential/Functional Cookies (No consent required):

  • User authentication and session management
  • Security and fraud prevention
  • Website functionality and features
  • Language preferences and accessibility settings
    These cookies are necessary for the website’s operation and cannot be disabled without affecting functionality.

B. Analytics Cookies (Consent required):

  • Google Analytics and comparable services monitor visitor patterns to refine online course experiences
  • Conversion tracking for affiliate links
  • Performance monitoring and troubleshooting
  • Heatmapping and user interaction analysis
    These cookies collect aggregate information about Website usage and do not personally identify users.

C. Marketing and Advertising Cookies (Consent required):

  • Tracking affiliate referrals and conversions
  • Serving personalized recommendations
  • Retargeting ads to users who have visited the Website
  • Building audience segments for marketing purposes

    Third-party ad networks deploy cookies for cross-site targeting and personalized promotions.

D. Third-Party Cookies (Consent required):

  • Cookies placed by affiliate networks and course platforms
  • Social media plugins and integration cookies
  • Customer relationship management (CRM) tools
  • Analytics and conversion tracking services

7.3 How to Manage Cookies

Users can manage cookies through browser settings:

  • Accept or reject cookies upon first visit
  • Delete existing cookies from browser settings
  • Disable cookies entirely (note: this may affect Website functionality)
  • Opt-out of specific cookie categories through the consent management interface

Most browsers provide instructions for cookie management in their help sections. Users can also contact the Company for assistance with cookie preferences.

7.4 Similar Tracking Technologies

Beyond cookies, the Website uses:

  • Pixels and Clear GIFs: One-pixel images to track conversions and engagement
  • Local Storage: Browser storage technology similar to cookies
  • Web Beacons: Embedded tracking codes in emails and content
  • Device Fingerprinting: Identifying devices based on hardware and software characteristics

These technologies serve similar purposes to cookies and are subject to the same consent requirements.

8. DISCLOSURE AND SHARING OF PERSONAL DATA

8.1 Third-Party Disclosure

The Company may disclose personal data to third parties in the following circumstances:

A. Service Providers: The Company engages third-party vendors to perform services on its behalf, including:

  • Email service providers (Mailchimp, ConvertKit, similar platforms)
  • Web hosting and cloud infrastructure providers (AWS, Google Cloud, Bluehost)
  • Analytics platforms (Google Analytics, Hotjar, Mixpanel)
  • Payment processors and financial service providers
  • Customer support and CRM platforms (Zendesk, HubSpot)
  • Marketing and advertising platforms
  • Data security and backup providers

These service providers are contractually obligated to process data only for specified purposes and to maintain confidentiality and security safeguards equivalent to those required by this Policy.

B. Affiliate Partners and Course Platforms: When users click on affiliate links or enroll in courses through the Website, the Company may disclose:

  • Click and referral information
  • User enrollment and transaction data
  • Browsing history and course interests
  • Device and usage information
    Course platforms and affiliate partners are contractually bound to use this information only for commission calculation, fraud prevention, and service delivery.

C. Business Partners: The Company may share anonymized or aggregated data with business partners for:

  • Market research and trend analysis
  • Product development and improvement
  • Analytics and business intelligence

D. Legal and Compliance Requirements: The Company may disclose personal data when required by:

  • Court orders, subpoenas, or legal process
  • Government agencies and regulatory authorities
  • Law enforcement investigations
  • Compliance with applicable laws and regulations
    The Company will provide notice of such disclosures when legally permitted.

E. Business Transfers: If the Company is acquired, merged, or transferred, personal data may be transferred as part of the business assets. Users will be notified of any change in data control or use practices.

F. Consent-Based Disclosure: The Company may disclose personal data to third parties when users provide explicit consent, including through opt-in forms or explicit requests.

8.2 Data Processing Agreements

All service providers who access personal data are required to sign Data Processing Agreements that establish:

  • Permitted purposes and scope of processing
  • Confidentiality and security obligations
  • Data subject rights and compliance procedures
  • Limitations on sub-processing and further disclosure
  • Liability and indemnification provisions
  • Data deletion and return procedures upon termination

8.3 No Sale of Personal Data

The Company does not sell personal data to third parties. The Company does not lease, trade, or rent personal data to unaffiliated parties for their own marketing or commercial purposes. Aggregate, anonymized data that does not identify individuals may be shared for business purposes.

8.4 Cross-Border Data Transfers

If the Company transfers personal data outside India to countries that may have different data protection standards, such transfers will be conducted in compliance with applicable laws through:

  • Standard Contractual Clauses (for EU data transfers under GDPR)
  • Adequacy decisions by relevant authorities
  • Explicit user consent for international transfers
  • Equivalent safeguards and security measures

Users will be notified of any international data transfers and the safeguards implemented.

9. DATA SECURITY

9.1 Security Measures

The Company deploys layered technical, administrative, and physical defenses to shield personal data from breaches, including:

Technical Safeguards:

  • SSL/TLS encryption for data transmission (HTTPS protocol)
  • End-to-end encryption for sensitive data
  • Secure password storage using hashing algorithms
  • Database encryption for data at rest
  • Firewall protection and intrusion detection systems
  • Regular security patching and vulnerability management
  • Access logging and monitoring

Administrative Safeguards:

  • Restricted access to personal data on a need-to-know basis
  • Employee confidentiality agreements and training
  • Data processing policies and procedures
  • Incident response and breach notification protocols
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms

Physical Safeguards:

  • Secure data center facilities with controlled access
  • Backup systems and disaster recovery procedures
  • Regular system maintenance and updates
  • Video surveillance and physical security measures

9.2 Limitations of Security

While the Company employs industry-standard security measures, no system is completely secure. The Company cannot guarantee absolute security against all forms of attack, particularly:

  • Zero-day exploits and unknown vulnerabilities
  • Advanced persistent threats and nation-state attacks
  • Social engineering and human error
  • Third-party service provider breaches

Users acknowledge that transmission of data over the internet carries inherent risks. Users must secure their login details and account data to prevent unauthorized access.

9.3 Data Breach Notification

The Company activates breach protocols upon detecting personal data incidents:

  • Conduct a prompt investigation to determine the scope and impact
  • Notify affected users without unreasonable delay
  • Provide information about the breach, affected data, and mitigation measures
  • Comply with notification requirements under the DPDPA and other applicable laws
  • Report the breach to the Data Protection Board of India if required
  • Cooperate with law enforcement and regulatory authorities

Notifications will include information about the breach and recommended actions users should take to protect themselves.

10. USER RIGHTS AND CHOICES

10.1 Rights Under the DPDPA (India)

Under the Digital Personal Data Protection Act, 2023, users have the following rights:

Right to Know: Users have the right to request information about:

  • What personal data does the Company collect?
  • The purposes of processing
  • Who has access to their data?
  • How their data is being used

Right to Correct: Users may request correction of inaccurate or incomplete personal data.

Right to Delete: Users may request deletion of personal data in circumstances including:

  • Withdrawal of consent
  • Completion of the specified purpose
  • Where processing is unlawful
  • Where retention is no longer necessary

Right to Data Portability: Users may request a copy of their personal data in a structured, commonly used, machine-readable format.

Right to Grievance Redressal: Users may lodge grievances regarding data processing practices with the Company or the Data Protection Board of India.

Requests must be submitted in writing to the contact details provided in Section 12.

10.2 Rights Under GDPR (EU Users)

EU residents and users subject to GDPR have additional rights, including:

  • Right of access to personal data
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making and profiling
  • Learners hold the right to file complaints with the Data Protection Board after exhausting internal channels.

GDPR requests should be submitted to the contact details provided in Section 12.

10.3 Marketing Preferences and Opt-Out

Users may opt out of marketing and promotional communications by:

  • Clicking the “unsubscribe” link in emails
  • Updating preferences in their account settings
  • Contacting the Company directly
    The Company will honor opt-out requests within a reasonable timeframe, though transactional and service-related communications will continue.

10.4 Cookie Preferences

Users may manage cookie preferences through:

  • The Website’s consent management interface
  • Browser settings and controls
  • Opting out of specific analytics and advertising services
  • Contacting the Company for assistance

11. CHILDREN’S PRIVACY

The Website is not directed toward individuals under the age of eighteen (18) years. The Company does not knowingly collect personal data from children. If the Company becomes aware that it has collected data from a minor without proper consent, it will take steps to delete such data and terminate the child’s account.

Under the DPDPA, for individuals under eighteen (18) years or those with disabilities requiring guardianship, the Company requires verifiable consent from the individual’s parent, legal guardian, or authorized representative.

Parents or guardians who believe their child’s data has been collected should contact the Company immediately using the contact details in Section 12.

12. CONTACT INFORMATION

Users can reach out to the designated Data Protection Officer for Privacy Policy inquiries or data rights:

ManishJassal.com
Data Protection Officer/Privacy Contact:

Email: support@manishjassal.com
Website: https://www.manishjassal.com
Mailing Address: Gurugram, Haryana, India

For GDPR-Related Requests (EU Residents):
Email: support@manishjassal.com

For DPDPA-Related Requests (India):
Email: support@manishjassal.com

The Company addresses data rights requests within 30 days, subject to legal extensions.

13. CHANGES TO THIS PRIVACY POLICY

The Company may update, modify, or amend this Privacy Policy at any time to reflect changes in data protection practices, legal requirements, or business operations. Notice of material changes will be provided by:

  • Updating the “Last Updated” date at the top of this document
  • Posting a notice on the Website
  • Sending an email notification to registered users

Ongoing Website access after Privacy Policy revisions signals acceptance of changes. It is your responsibility to review this Policy periodically for changes. If you do not agree with any modifications, you must discontinue use of the Website.

14. THIRD-PARTY WEBSITES AND LINKS

The Website contains links to third-party websites, platforms, and resources. This Privacy Policy applies only to the Website and does not extend to third-party websites or services. The Company is not responsible for the privacy practices of third-party websites.

Before providing personal data to third-party websites or services, users are encouraged to review their privacy policies and terms. Users should share personal data with third parties judiciously to mitigate risks.

15. CALIFORNIA PRIVACY RIGHTS (CCPA)

California residents gain enhanced controls like access, deletion, and opt-out under CCPA, including:

  • Right to know what personal data is collected, used, and shared
  • Right to delete personal data
  • Right to opt out of the sale or sharing of personal data
  • Right to non-discrimination for exercising your rights

To submit a CCPA request, contact support@manishjassal.com. The Company authenticates CCPA requestors and replies within 45 days, extendable once.

16. ENTIRE AGREEMENT

This Privacy Policy, together with the Company’s Terms and Conditions, constitutes the entire agreement regarding data collection, processing, and protection practices and supersedes all prior understandings, policies, and practices.

Scroll to Top