The purpose of this document - “Cookies Policy” - is to inform you about the way cookies work and about the related processing of personal data in connection with the viewing of our website http://www.isic..co.in in accordance with Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000 (IT Act) and SPDI Rules, 2011. In case a Visitor grants their consent to the use of cookies, this Cookies Policy serves to provide all the terms and conditions of the given consent and to fulfill the information obligation regarding the processing of personal data. In the Cookies Policy, the Visitor will also find information on how to disable cookies and obtain information on the processing of personal data within the meaning of the DPDP Act & the IT Act including the SPDI Rules for technical cookies.
The Website is operated by ALIVEID Educom Private Limited (ALIVEID) with GST Number 06ABCFG5945P1ZV, with its registered office at 103, 1st Floor, Good Earth Business Bay 2, Sector 58, Gurugram, Haryana - 122111. The aforementioned company also acts as the data controller.
Each Visitor is required to read this Cookies Policy and, if they do not understand any information or have any other request, they may contact ALIVEID at the contacts listed here. (www.isic.co.in)
Any and all processing of personal data by ALIVEID is also governed by the Privacy Policy that is available here. (www.isic.co.in/privacy-policy) The Privacy Policy contains detailed information about your rights, how to exercise them, as well as the relevant contacts.
ALIVEID shall mean ALIVEID Educom Private Limited with GST Number 06ABCFG5945P1ZV, with its registered office at 103, 1st Floor, Good Earth Business Bay 2, Sector 58, Gurugram, Haryana - 122111 which operates the Website and also acts as the data controller, unless specified otherwise in this Cookies Policy.
Rules shall mean the Rules for the Use of IDs and Cards that are available here (www.isic.co.in/terms-of-use).
Cookies Policy shall mean this Cookies Policy.
Privacy Policy shall mean the Privacy Policy that is available here (www.isic.co.in/privacy-policy).
General Terms and Conditions shall mean the General Terms and Conditions for Ordering that are available here (www.isic.co.in/terms-of-use)..
Visitor shall mean a person that visits the Website and uses the Website services.
Cookies shall mean short text files that enable the recording of information about visits to the Website, language selection, Visitor behavior on the Website, Visitor settings, and other functions. Cookies are stored on the Visitor’s computer via the browser. Cookies may be used for Website functions and, if their use is permitted, also for analysis or remarketing.
FB shall mean the ISIC India Facebook page: https://www.facebook.com/profile.php?id=100064411100872
Insta shall mean the ISIC India Insta page: https://www.instagram.com/india_isic/
Website shall mean https://www.isic.co.in/
ID shall mean any ISIC, IYTC, ITIC, and Alive ID that may be issued by a university or school, ALIVEID or another authorized distributor.
Card shall mean any card with an AliveID / Alive license, Alive membership card that may be issued by ALIVEID or another authorized distributor.
Holder shall mean a User of any ID or Card; a Holder is also a data subject.
DPDP Act means the Digital Personal Data Protection Act, 2023, as enacted by the Government of India, together with all rules, regulations, notifications, and amendments made thereunder, and any successor or replacement legislation governing the protection of digital personal data in India.
IT Act means the Information Technology Act, 2000, as enacted by the Government of India, together with all rules, regulations, notifications, and amendments made thereunder, including but not limited to the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Personal Data shall mean any information relating to an identified or identifiable data subject; a data subject shall be identified or identifiable in case they can be identified, directly or indirectly, in particular by reference to a number, code or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity; for example, Personal Data include your email address and mobile phone number, and Personal Data may also include information about your shopping preferences in connection with your surname. It is necessary to process your Personal Data in order to issue an ID or a Card.
Processing of Personal Data shall mean any operation or set of operations which is systematically performed by a controller or processor on Personal Data, whether by automated means or otherwise. The Processing of Personal Data shall mean, in particular, collection, recording on data carriers, disclosure, adaptation or alteration, retrieval, use, transmission, dissemination or otherwise making available, storage, exchange, alignment or combination, blocking, and destruction thereof; collection of Personal Data shall mean a systematic procedure or set of procedures aimed at obtaining Personal Data for the purpose of storing them on a data carrier for immediate or later processing; storage of Personal Data shall mean maintaining data in a form that allows them to be further processed; blocking of Personal Data shall mean an operation or set of operations which limits the manner or means of processing of Personal Data for a specified period of time, with the exception of necessary interventions; destruction of Personal Data shall mean the physical destruction of their carrier, their physical erasure or their permanent exclusion from further processing.
Purpose of processing shall mean the reason why ALIVEID processes Personal Data.
Category shall mean specific types of Personal Data we need for Processing, such as identification data (such as name and surname).
Data, cookies (small text files), and web beacons (small images that have a similar function to cookies and that are also known as “tracking pixels”) are stored on the Visitor’s computer in connection with their Visit to the Website. Unlike cookies, which are stored on the hard-drive of the Visitor’s computer, web beacons are an integral part of the Website. When cookies are used, the Visitor is not specifically identified by means of identification data; however, due to the use of network identifiers, IP addresses or cookies, the processing within the meaning of the DPDP Act & IT Act takes place. For the sake of clarity within this Cookies Policy, cookies shall also mean any similar tools that work with data from the User’s device or obtain data about the User, device, pages viewed, etc.
Cookies are stored by the Visitor’s browser on the Visitor’s device for the following purposes:
Technical cookies = without these cookies, it is not possible to view and use the Website; these cookies cannot be disabled;
Analytical cookies = cookies that ensure the functionality of the Website; however, the Website may be used (to a limited extent) without the use thereof; these cookies offer improved functionality when using the Website (e.g. content selection) and also provide ALIVEID with information about subpage traffic and supporting data for further analysis; these cookies are only used with consent and can be disabled at any time;
Marketing cookies = cookies that enable ALIVEID and third parties to display preferred content, advertising, including cross-website advertising, and to use Visitor behavior data for anonymous analyses; these cookies are only used with consent and can be disabled at any time.
5.1. Technical cookies
5.1.1 Cookiebot
Purpose of processing: Managing consents to cookies on websites in accordance with the applicable legislation, ensuring transparency and control over the use of cookies for users.
Legal basis for the processing of personal data: Legitimate interest, which may be objected to.
Categories of personal data concerned: Information about the user’s consent to cookies, IP address in an anonymized form, browser, device, and geographic location data, network identifiers, data related to the use of the service.
Recipients: Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.
Period for which personal data will be stored: 12 months.
Legitimate interests: Selected important tasks, legal acts, and communications of the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User.
Link to third-party terms of service: Cookiebot Privacy Policy.
5.1.2 Google Cloud Vision
Purpose of processing: Analysis and recognition of content in images using machine learning. The tool is used for identity verification through photographs. More information is also available here. (www.isic.co.in/privacy-policy)
Legal basis for the processing of personal data: Performance of a contract, in cases where the user utilizes the photograph verification service when ordering the services.
Categories of personal data concerned: Photographs uploaded for analysis and metadata information about these photographs, network identifiers, data related to the use of the service.
Recipients: Google Ireland Ltd, Ireland; Google LLC, Mountain View, California, USA.
Transfers of personal data to third countries: Based on the performance of the contract, personal data may be transferred to third countries. As an appropriate safeguard, we have concluded standard contractual clauses in accordance with Article 46 of the GDPR. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here.
Period for which personal data will be stored: Data are stored for the time necessary to perform the analysis (no more than a few seconds).
Legitimate interests: Selected important tasks, legal acts, and communications of the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User.
Link to third-party terms of service: Google Cloud Terms of Service + https://business.safety.google/privacy/
5.1.3 Sentry.io
Purpose of processing: Real-time error monitoring and reporting, providing an overview of application performance and helping to quickly resolve issues.
Legal basis for the processing of personal data: Performance of a contract; without this tool, it is not possible to view and use the Website.
Categories of personal data concerned: Information about errors, exceptions, application performance, device data, and user interactions leading to errors, network identifiers, data related to the use of the service.
Recipients: Sentry (Functional Software, Inc.), San Francisco, California, USA.
Transfers of personal data to third countries: Personal data may be transferred to third countries. As an appropriate safeguard. If a third country is subject to an adequacy decision, such decisions shall also apply.
Period for which personal data will be stored: 90 days.
Legitimate interests: Selected important tasks, legal acts, and communications of the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User’s device.
Link to third-party terms of service: https://sentry.io/terms/
5.1.4 Google RECAPTCHA
Purpose of processing: The tool makes it possible to distinguish between humans and robots; this is important for the proper functioning of forms. The tool also protects against automated access and possible attacks by robots. More information is also available here. (www.isic.co.in/privacy-policy)
Legal basis for the processing of personal data: Performance of a contract.
Categories of personal data concerned: Data relating to the use of the Website, network identifiers, data related to the use of the service.
Recipients: Google Ireland Ltd, Ireland; Google LLC, Mountain View, California, USA.
Transfers of personal data to third countries: Based on the performance of the contract, personal data may be transferred to third countries. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here. (www.isic.co.in/privacy-policy)
Period for which personal data will be stored: Data are stored for the time necessary to perform the check.
Legitimate interests: Selected important tasks, legal acts, and communications of the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User or user’s device, as appropriate.
Link to third-party terms of service: https://business.safety.google/compliance/ + https://business.safety.google/privacy/
5.2. Analytical cookies
5.2.1 Google Analytics
Purpose of processing: Analysis of the Website traffic and user behavior for the purpose of optimizing content and user experience.
Legal basis for the processing of personal data: Consent, which is given voluntarily and can be withdrawn at any time via cookie settings.
Categories of personal data concerned: Information about the visits to the Website, demographic information, device information, geographic location, and interactions with content, network identifiers, data related to the use of the service.
Recipients: Google Ireland Ltd, Ireland; Google LLC, Mountain View, California, USA.
Transfers of personal data to third countries: Based on your consent, data may be transferred to third countries. If a third country is subject to an adequacy decision, such decisions shall also apply.
Period for which personal data will be stored: 14 months.
Legitimate interests: Consent, its withdrawal, and any other actions taken by the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User’s device.
Link to third-party terms of service: Google Analytics Terms of Service + https://business.safety.google/privacy/
5.2.2 Microsoft Clarity
Purpose of processing: Analysis of user behavior on the Website through session recordings and heat maps, which helps understand user interactions and optimize the user experience.
Legal basis for the processing of personal data: Consent, which is given voluntarily and can be withdrawn at any time via cookie settings.
Categories of personal data concerned: Information about user sessions, such as clicks, page scrolling, mouse movements, device, browser, and geographic location data, network identifiers, data related to the use of the service.
Recipients: Microsoft Corporation, Redmond, Washington, USA.
Transfers of personal data to third countries: Based on your consent, data may be transferred to third countries. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here. (www.isic.co.in/privacy-policy)
Period for which personal data will be stored: Session data: 30 days; Tagged or favorite sessions: 13 months; Heat map data: 13 months.
Legitimate interests: Consent, its withdrawal, and any other actions taken by the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User’s device.
Link to third-party terms of service: https://learn.microsoft.com/en-us/clarity/faq#privacy
5.3. Marketing cookies
5.3.1 Google Ads
Purpose of processing: It is used to display ads within search and content networks. The tool makes it possible to display ads that are tailored to the user’s interests and to determine the success of individual campaigns.
Legal basis for the processing of personal data: Consent, which is given voluntarily and can be withdrawn at any time via cookie settings.
Categories of personal data concerned: Data relating to the use of the Website and clicks on subpages, network identifiers, data related to the use of the service.
Recipients: Google Ireland Ltd, Ireland; Google LLC, Mountain View, California, USA.
Transfers of personal data to third countries: Based on your consent, data may be transferred to third countries.. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here. (www.isic.co.in/privacy-policy)
Period for which personal data will be stored: No more than 400 days.
Legitimate interests: Consent, its withdrawal, and any other actions taken by the user will be stored for inspection purposes. More information is available here.
Source from which personal data originate: User’s device.
Link to third-party terms of service: https://business.safety.google/compliance/
5.3.2 META (Facebook & Instagram)
Purpose of processing: It is used to display personalized (tailored) ads within this social network.
Legal basis for the processing of personal data: Consent, which is given voluntarily and can be withdrawn at any time via cookie settings.
Categories of personal data concerned: Data relating to the use of the Website and clicks on links, network identifiers, data related to the use of the service.
Recipients: Meta Platforms Ireland Limited, 6 Serpentine Avenue, Dublin, D04 H0C9, Ireland.
Transfers of personal data to third countries: Based on your consent, data may be transferred to third countries.. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here. (www.isic.co.in/privacy-policy)
Period for which personal data will be stored: 90 days.
Legitimate interests: Consent, its withdrawal, and any other actions taken by the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User’s device.
Link to third-party terms of service: https://transparency.meta.com/cs-cz/
5.3.5 Spotify
Purpose of processing: It is used to track user interaction with the Spotify player, such as playback, pause, or listening duration. It can be used for analytical or marketing purposes.
Legal basis for the processing of personal data: Consent, which is given voluntarily and can be withdrawn at any time via cookie settings.
Categories of personal data concerned: Device identifiers, IP address, behavioral information, browser type and operating system, possible connection to Spotify account if the user is logged in, network identifiers, data related to the use of the service.
Recipients: Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden.
Transfers of personal data to third countries: Based on your consent, data may be transferred to third countries.. If a third country is subject to an adequacy decision, such decisions shall also apply. More information on this topic is available here. (www.isic.co.in/privacy-policy)
Period for which personal data will be stored: Period necessary for the specified purpose.
Legitimate interests: Consent, its withdrawal, and any other actions taken by the user will be stored for inspection purposes. More information is available here. (www.isic.co.in/privacy-policy)
Source from which personal data originate: User’s device.
Link to third-party terms of service: https://www.spotify.com/legal/privacy-policy/
Cookie settings can be updated at any time here.
Consent given by the Visitor to the controller can be withdrawn at any time. Consent can be withdrawn by updating the settings – see the link above. Where the legal basis is the performance of a contract, it is not possible to continue using the service or the Website (as appropriate), if cookies are disabled – it is not possible to refuse these services through cookie settings.
Most web browsers also make it possible to control most types of cookies through the browser settings. The Visitor can set their browser to notify them when cookies are being used, and they can decide whether to accept them or not. The Visitor can disable cookies in their browser settings. If the Visitor disables cookies, they may not be able to use all the features of their web browser and websites. Cookies that are already stored can be deleted from the Visitor’s computer at any time.
The Visitor can find detailed information on how to delete, disable, or continuously block cookies in the user manual for their browser. Instructions for the most commonly used browsers are available here.
More information about cookies, and
all information about the processing of personal data and the Visitor’s rights under the DPDP Act & the IT Act is available here. https://egazette.nic.in/WriteReadData/2023/248601.pdf, https://www.indiacode.nic.in/handle/123456789/1999
This Cookies Policy shall take effect on 1 May 2025.
ALIVEID is entitled to update this Cookies Policy. Any changes shall take effect upon publication of the Cookies Policy. The Visitor is required to monitor changes to this Cookies Policy. The current version of the Cookies Policy is always published on the Website, and may be archived and reproduced by the Visitor.