Privacy Policy

1 Who We Are

Achievers' Library (referred to as "we", "us", "our", or "the Library") is a private self-study library chain operating in New Delhi, India, since May 2014. We operate three branches:

Paschim Vihar: 401, A-6 DDA Commercial Market, Near DDA Sports Complex, New Delhi – 110063
Dwarka: B-222, Palam Extension, Sector-7, Near Ramphal Chowk, New Delhi – 110075
Rohini: 1st Floor, A-306, Vijay Vihar, Phase-1, Sector-5, Near Petrol Pump, New Delhi – 110085

Data Controller: Achievers' Library HUF, New Delhi.
Contact: feedback@achieverslibrary.com | +91 9599732525

This Policy applies to all personal data collected from students, visitors, and users of our website (achieverslibrary.com), and is framed in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and the Digital Personal Data Protection Act, 2023 ("DPDPA 2023") to the extent applicable and notified.

2 Data We Collect

We collect the following categories of personal data:

Category	Data Points	Source
Identity Data	Full name, photograph, date of birth, gender	Admission form
Contact Data	Mobile number, email address, home address	Admission form / enquiry form
Government ID	Aadhaar number (last 4 digits only), Voter ID, Passport, or College ID	Admission form
Biometric Data	Facial geometry / biometric template (not a photograph)	Biometric scanner at registration
Attendance Data	Date, time, and branch of each entry and exit	Face biometric access system
Payment Data	UPI transaction references, fee payment records (no card/bank account data stored)	Payment receipts / UPI
Usage Data	Website pages visited, IP address, browser type (anonymised)	Google Analytics / GTM
CCTV Footage	Video recordings of all common areas within the premises	On-premises CCTV system
Communications	WhatsApp messages, emails, and feedback sent to us	Direct communication

Sensitive Personal Data: Biometric data (facial geometry templates) is classified as Sensitive Personal Data or Information (SPDI) under Rule 3 of the SPDI Rules, 2011. We apply the highest standard of care to its collection, storage, and processing.

3 Biometric Data — Face Recognition Entry & Exit System

All branches of Achievers' Library are equipped with a face-recognition biometric access control system. This system is integral to the security and attendance management of the Library. The following terms govern its use:

3.1 What We Capture and Store

At admission, the biometric scanner captures your facial geometry — a mathematical representation (template) of the geometry of your face. This is not a photograph and cannot be reverse-engineered into one.
The biometric template is encrypted and stored securely in an isolated, access-controlled database.
On each subsequent entry and exit, your face is matched against your stored template in real time. The result (match / no-match), along with the date, time, and branch, is recorded as your electronic attendance.

3.2 Purpose and Legal Basis

Purpose: Secure, contactless access control; prevention of unauthorised entry; automatic and accurate electronic attendance recording; elimination of proxy attendance.
Legal Basis: Processing of biometric data is carried out with the explicit informed consent of the enrolled student, obtained in writing at the time of admission. Refusal to provide biometric consent will result in inability to access Library premises, as the biometric system is the sole access control mechanism.

3.3 Mandatory Compliance

Every enrolled student must present their face at the designated biometric scanner upon each entry to and each exit from Library premises. Entry or exit without biometric verification is not permitted. This requirement applies uniformly to all students at all branches at all times.

3.4 Retention and Deletion

Biometric templates are retained for the duration of the student's active membership plus a grace period of 90 days after membership ends (to facilitate re-enrolment without re-registration).
After the retention period, biometric templates are permanently and irreversibly deleted from all systems.
Students may request early deletion of their biometric template by submitting a written request to feedback@achieverslibrary.com. Deletion will be completed within 30 days. Note that deletion prior to membership end will require manual entry/exit procedures to be arranged.

3.5 Sharing and Security

Biometric templates and attendance data are never shared with any third party, advertiser, or external agency.
They will only be disclosed to law enforcement authorities upon receipt of a lawful order from a competent court or government authority.
The biometric system is operated on a closed, isolated network not connected to the public internet.
Access to biometric data is restricted to authorised Library management personnel only.

Important: We do not use facial recognition for any purpose other than access control and attendance. We do not share, sell, or commercialise biometric data under any circumstances. Biometric data is never used for marketing, profiling, or behavioural analysis.

4 How We Use Your Data

Purpose	Data Used	Lawful Basis
Membership administration and seat management	Identity, Contact, ID data	Contract / Consent
Fee payment processing and receipts	Identity, Payment data	Contract
Entry / exit access control	Biometric template	Explicit Consent
Electronic attendance recording	Biometric match result, timestamp, branch	Explicit Consent / Legitimate interest
Seat renewal reminders and notifications	Contact data (phone / WhatsApp)	Consent / Legitimate interest
Responding to enquiries and feedback	Contact, Communications data	Consent
Security and incident investigation	CCTV footage, Attendance data	Legitimate interest / Legal obligation
Legal compliance and law enforcement requests	All relevant data	Legal obligation
Website analytics (aggregated, anonymised)	Usage data	Legitimate interest

We do not use your personal data for automated decision-making that produces legal or significant effects on you, other than the biometric access match (match = entry permitted; no-match = entry denied), which is a security function and not a subjective decision.

5 Data Retention

Data Type	Retention Period
Membership records (name, contact, ID copy)	7 years after membership ends (for legal/audit purposes)
Fee payment records	7 years (per Income Tax Act requirements)
Biometric templates	Duration of membership + 90 days grace period
Attendance records (date/time/branch)	Duration of membership + 1 year
CCTV footage	30 days (overwritten automatically)
WhatsApp / email communications	Until resolved + 1 year
Website analytics data (anonymised)	26 months (Google Analytics default)

6 Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share data only in the following limited circumstances:

Law enforcement / courts: Upon receipt of a lawful order, warrant, or direction from a competent court, government authority, or law enforcement agency in India.
Technology service providers: We use Google Tag Manager, Google Analytics, and Formspree (for form submissions). These providers process data as per their own privacy policies and are prohibited from using your data for their own commercial purposes in this context.
Emergency situations: If disclosure is necessary to protect the life, health, or safety of any person on premises.
Business continuity: In the event of a merger, acquisition, or transfer of Library operations, personal data may be transferred to the successor entity, subject to equivalent privacy protections.

In all cases, we share only the minimum data necessary for the stated purpose.

7 CCTV Surveillance

CCTV cameras are installed in all common areas of all branches — entrance, exit, corridors, study halls, and parking — for the security and safety of all students and staff.
CCTV footage is stored for a maximum of 30 days and then automatically overwritten.
Footage is accessed only in the event of a security incident, theft, or upon a lawful request by authorities.
CCTV cameras are not installed in washrooms, changing areas, or any space where privacy is expected.
The presence of CCTV cameras is indicated by notices at each branch entrance.
Students may request access to footage that directly involves them by submitting a written request. The Library will consider such requests on a case-by-case basis in compliance with applicable law.

8 Website & Cookies

Our website (achieverslibrary.com) uses the following technologies:

Google Analytics (via GTM): Tracks aggregated, anonymised visitor statistics — pages visited, device type, approximate location (city level), session duration. No personally identifiable information is collected without consent.
Google Tag Manager: Manages analytics and conversion tracking tags. GTM itself does not collect personal data but facilitates the operation of tags that may.
Formspree: Our enquiry forms submit data to Formspree, which delivers it to our registered email. Formspree's privacy policy applies to data in transit.
Cookies: Google Analytics uses first-party cookies to distinguish sessions. These are analytics cookies only — no tracking cookies, advertising cookies, or third-party behavioural cookies are used on our website.

Cookie Control: You may disable cookies via your browser settings. Doing so will not affect your ability to use the website but will prevent analytics data from being recorded.

9 Your Rights

Under applicable Indian data protection law (including the SPDI Rules, 2011 and the DPDPA 2023 to the extent notified), you have the following rights with respect to your personal data:

Right to Access

Request a copy of the personal data we hold about you.

Right to Correction

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data (subject to legal retention requirements).

Right to Withdraw Consent

Withdraw consent for data processing at any time (may affect ability to use Library services).

Right to Data Portability

Request your personal data in a structured, machine-readable format.

Right to Grievance Redressal

Lodge a complaint with us or with the Data Protection Board of India (once established under DPDPA 2023).

To exercise any of the above rights, submit a written request to feedback@achieverslibrary.com or WhatsApp +91 9599732535. We will respond within 30 days of receipt of your request.

Identity Verification: To protect your data, we may ask you to verify your identity before processing any data rights request. We will not process requests from parties who cannot establish that they are the data subject concerned.

10 Children's Privacy

Library membership is open to students aged 16 years and above. We do not knowingly enrol children below the age of 16 or collect their personal data. For students aged 16–18, parental or guardian consent is obtained at admission in addition to the student's own consent for biometric data processing.

If we become aware that we have inadvertently collected data from a person below the age of 16 without appropriate parental consent, we will delete such data promptly. Parents or guardians who believe their child's data has been collected may contact us at feedback@achieverslibrary.com.

11 Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction:

Biometric data: Stored in encrypted form on a closed, isolated system. Not connected to the public internet. Accessible only to authorised personnel.
Membership records: Stored in password-protected systems with role-based access controls.
CCTV footage: Stored on dedicated, access-controlled DVR/NVR systems at each branch.
Website forms: Transmitted to Formspree via HTTPS (TLS encryption). Our website is served over HTTPS at all times.
Physical security: All branches are secured with biometric access control, CCTV surveillance, and staff supervision during operating hours.

No data transmission over the internet or electronic storage system is 100% secure. While we take all reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights or freedoms, we will notify affected individuals and the appropriate authority in accordance with applicable law.

12 Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements.
All changes will be published on this page with an updated "Last Updated" date.
For material changes — particularly those affecting biometric data processing — enrolled students will be notified via WhatsApp or a physical notice at each branch at least 14 days before the change takes effect.
Continued use of Library facilities after the effective date of any change constitutes acceptance of the updated Privacy Policy.
This Policy is governed by the laws of India. Any disputes shall be subject to the exclusive jurisdiction of courts in New Delhi.

13 Contact & Grievances

For any questions, requests, or complaints relating to this Privacy Policy or our data practices, please contact:

Privacy / Data Grievances:
- 📧 Email: feedback@achieverslibrary.com
- 💬 WhatsApp: +91 9599732535
General Enquiries: +91 9599732525
Paschim Vihar: 401, A-6 DDA Commercial Market, Near DDA Sports Complex, New Delhi – 110063
Dwarka: B-222, Palam Extension, Sector-7, Near Ramphal Chowk, New Delhi – 110075
Rohini: 1st Floor, A-306, Vijay Vihar, Phase-1, Sector-5, Near Petrol Pump, New Delhi – 110085

We aim to acknowledge all privacy-related grievances within 48 working hours and resolve them within 30 days. If you are not satisfied with our response, you may approach the Data Protection Board of India once it is established under the Digital Personal Data Protection Act, 2023.

📋 Table of Contents