The information provided in this Privacy Policy is for general informational purposes and outlines how CIACA — Central India Adventure & Climbing Association collects, uses, protects, and manages personal data.

This policy is drafted in accordance with applicable Indian laws including:

• Information Technology Act, 2000

• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

• Digital Personal Data Protection Act, 2023 (DPDP Act)

This Privacy Policy does not constitute legal advice. Users are encouraged to review applicable laws or consult legal professionals where necessary.

By accessing or using CIACA services, website, certification programs, or training platforms, users consent to the practices described herein.

CIACA respects the privacy, confidentiality, and security of all individuals interacting with the organization including:

• Certification applicants

• Training participants

• Institutional partners

• Government authorities

• Website visitors

• Adventure professionals and instructors

CIACA collects only necessary information required for:

• Certification and accreditation processes

• Training administration

• Safety compliance documentation

• Government reporting requirements

• Organizational communication

CIACA follows data minimization, transparency, and security-first principles.

1. Information We Collect

1.1 Personal Information

May include:

• Full Name

• Date of Birth

• Contact Number

• Email Address

• Residential Address

• Government ID proof

• Emergency contact details

• Medical fitness declaration (for adventure activities)

1.2 Professional Information

For certification purposes:

• Qualifications

• Training records

• Experience certificates

• Skill assessments

• Instructor licenses

• Institutional affiliations

1.3 Technical Information

Automatically collected when using website:

• IP address

• Browser type

• Device information

• Cookies and usage analytics

• Website interaction behavior

2. Purpose of Data Collection

CIACA uses collected information for:

✅ Processing certifications and licenses
✅ Maintaining national safety records
✅ Training enrollment and verification
✅ Issuing certificates & ID credentials
✅ Safety audits and compliance checks
✅ Government reporting requirements
✅ Communication and updates
✅ Website improvement and analytics

CIACA does NOT sell personal data.

3. Legal Basis for Processing

Data is processed under:

• User consent

• Contractual necessity (training/certification)

• Legal compliance obligations

• Public safety and regulatory requirements

4. Data Sharing Policy

Information may be shared only with:

• Government departments

• Safety regulatory authorities

• Accreditation partners

• Training institutions

• Emergency response authorities (if required)

CIACA never shares personal data for commercial marketing purposes.

5. Data Storage & Security

CIACA implements reasonable security practices including:

• Secure servers

• Encrypted digital storage

• Restricted administrative access

• Periodic security audits

• Secure certification databases

Physical documents are stored under controlled administrative custody.

6. Data Retention Policy

Data is retained:

• During certification validity period

• As required under law or government compliance

• For safety audit and verification purposes

After expiry, records may be archived or securely deleted.

7. User Rights (Under DPDP Act 2023)

Users may request:

• Access to personal data

• Correction of inaccurate information

• Data deletion (where legally permissible)

• Withdrawal of consent

• Information on data usage

Requests may be submitted via official CIACA contact channels.

8. Cookies Policy

CIACA website may use cookies to:

• Improve user experience

• Monitor website performance

• Analyze visitor behavior

Users may disable cookies through browser settings.

9. Third-Party Links

The CIACA website may contain links to external websites. CIACA is not responsible for privacy practices of third-party platforms.

Users should review external privacy policies separately.

10. Children’s Privacy

CIACA does not knowingly collect personal data from individuals under 18 years without guardian consent, especially for training programs involving minors.

11. Policy Updates

CIACA reserves the right to update this Privacy Policy periodically to reflect:

• Legal updates

• Regulatory requirements

• Organizational developments

Updated versions will be published on the official website.

12. Contact Information

For privacy-related inquiries:

Climbing & Indoor Adventure Certification Authority of India (CIACA)
National Certification & Safety Authority – Adventure Sector

Email: privacy@ciaca.in
Website: www.ciaca.in

This Privacy Policy positions CIACA as:

• National certification authority

• Government-aligned institution

• Safety-focused organization

• Legally structured body

• Data-responsible regulator