Privacy Policy
Institute of Digital Technology (IDT)
Privacy Policy
Last updated: 5 June 2025
1 . Introduction
Your privacy matters to us. This Privacy Policy explains how IDT (Institute of Digital Technology) collects, uses, stores, and protects the personal information you share via our websites idt.com.pk, sub-pages (including /apply-now and course pages), portals, and in-person registrations. By interacting with IDT, you agree to the practices described here.
2 . What We Collect
| Category | Examples | How We Collect |
|---|---|---|
| Identity & Contact | Full name, email, phone/WhatsApp number, CNIC (optional), mailing address | Application forms, event sign-ups, live chat, email |
| Educational & Career | Highest qualification, work experience, portfolio links | Course enrollment forms, surveys |
| Payment | Cardholder name, masked card digits, transaction IDs, bank details for refunds | Secure payment gateways, bank transfer receipts |
| Usage Data | IP address, browser type, time-zone, pages visited, clicks | Cookies, Google Analytics, server logs |
| Marketing Preferences | Consent to receive emails/SMS, ad interaction data | Opt-in checkboxes, third-party ad platforms |
We do not knowingly collect data from children under 16 without parental consent.
3 . How We Use Your Information
Service Delivery – Process applications, create student accounts, schedule classes, issue certificates.
Customer Support – Respond to inquiries, technical issues, and refund requests.
Payments & Accounting – Verify transactions, generate invoices, handle refunds.
Improvement & Analytics – Analyse website traffic, course performance, and user feedback.
Marketing – Send course updates, offers, and event invitations only if you’ve opted in.
Legal Compliance – Satisfy tax, audit, or regulatory obligations under Pakistani law.
4 . Legal Bases for Processing
Depending on the context, we rely on one or more of these grounds:
Contractual necessity (to deliver the course you enrolled in)
Legitimate interests (improving services, preventing fraud)
Consent (marketing emails/SMS, cookies)
Legal obligation (tax and accounting rules)
5 . Sharing & Disclosure
| Recipient | Purpose | Safeguards |
|---|---|---|
| Instructors & Mentors | Attendance tracking, feedback | Limited to course-relevant data only |
| Payment Processors (e.g., Stripe, local banks) | Secure transaction handling | PCI-DSS compliance |
| CRM & Email Platforms (TheBigBot CRM, MailerLite) | Automated reminders, certificates | Data-processing agreements in place |
| Regulatory Authorities | Statutory reporting | Shared only when legally required |
| Prospective Employers / Partners | With your explicit request (e.g., reference check) | Separate consent obtained |
We never sell your personal data.
6 . Cookies & Tracking Technologies
IDT uses cookies, pixel tags, and similar tools to:
Keep you logged in to the student portal
Remember site preferences (language, batch selection)
Measure ad performance (Facebook Pixel, Google Ads)
You can block non-essential cookies via your browser settings or our cookie banner.
7 . Data Security
TLS encryption secures all form submissions.
Access to student data is role-based and monitored.
Regular backups are stored in encrypted form on ISO-27001-certified servers.
Staff receive annual data-protection training.
8 . Data Retention
Student records & certificates: 7 years from course completion (regulatory requirement).
Marketing data: until you withdraw consent or after 24 months of inactivity.
Unused application data: deleted after 12 months if you don’t enroll.
9 . Your Rights
| Right | What it Means | How to Exercise |
|---|---|---|
| Access | Request a copy of the data we hold about you | Email privacy@idt.com.pk |
| Correction | Fix inaccurate or incomplete data | Same as above |
| Deletion | Ask us to erase data, subject to legal limits | Same as above |
| Withdraw Consent | Opt out of marketing at any time | Unsubscribe link / SMS STOP |
| Data Portability | Receive your data in a machine-readable format | Written request |
If you reside in a jurisdiction with additional rights (e.g., GDPR), we honour those as well.
10 . Third-Party Links
Our site may link to external tools, partner sites, or job boards. We are not responsible for their privacy practices—please review their policies individually.
11 . International Transfers
Some service providers (e.g., cloud hosting) may store data on servers outside Pakistan. We ensure an adequate level of protection through standard contractual clauses or equivalent safeguards.
12 . Changes to This Policy
We may update this Privacy Policy to reflect new laws or practices. Major changes will be announced via email or site banner. Continued use of IDT services after an update implies acceptance.
13 . Contact Us
Data Protection Officer (DPO)
Institute of Digital Technology, Shah Ali Town, Okara, Punjab, Pakistan
Phone: +92 311 600 5009
Email: info@idt.com.pk
