Privacy Policy

← Back to Home Contact EduOverseaz

Introduction

Welcome to EduOverseaz (“we,” “us,” “our,” or “Company”). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how EduOverseaz collects, uses, stores, shares, and protects your personal data when you use our website, engage our services, or interact with us in any capacity.

EduOverseaz is a study abroad consulting and visa application services provider based in Karol Bagh, New Delhi. For over 13 years we have guided students and professionals pursuing education and global opportunities in Canada, Australia, the United Kingdom, the United States, Europe, and through pathway programs in Dubai and Singapore.

By using our services or providing your information, you agree to the practices described in this Privacy Policy.

Scope and Applicability

This Privacy Policy applies to all users of our services, including prospective students, current clients, website visitors, and any individual who provides personal information to us. It covers:

  • Our website and all associated pages.
  • Mobile applications (if and when applicable).
  • Email communications, newsletters, phone, and video consultations.
  • In-person consultations, events, seminars, and social media interactions.
  • Any other services rendered by EduOverseaz.

We comply with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act) of India, the General Data Protection Regulation (GDPR) for EU residents, and other relevant international and local regulations.

Definitions

  • Personal Data / Personal Information: Information relating to an identified or identifiable individual (name, contact details, identification documents, financial information, educational records, etc.).
  • Sensitive Personal Data: Data such as passwords, financial information, health records, biometric data, sexual orientation, and other information designated sensitive under law.
  • Data Principal: The individual to whom the personal data relates (you, the user or client).
  • Data Fiduciary: EduOverseaz, the entity that determines the purpose and means of processing personal data.
  • Data Processor: Third parties processing personal data on behalf of EduOverseaz.
  • Processing: Any operation performed on personal data, including collection, storage, use, sharing, or deletion.

Types of Personal Data We Collect

The information we collect depends on the services you request. It may include:

Identity and Contact Information

  • Full name, date of birth, gender, nationality, and addresses.
  • Email addresses, phone numbers, emergency contact details, and photographs.

Identification Documents

  • Passport details, national IDs (Aadhaar), birth and marriage certificates.
  • Proof of address documents and driving license information.

Educational Information

  • Academic transcripts, degrees, diplomas, certificates, and standardized test scores.
  • Letters of recommendation, SOPs, essays, portfolios, gap explanations, and preferred courses.

Financial Information

  • Bank details, account statements, sponsor income proof, tax returns, and asset valuations.
  • Loan applications, scholarship information, payment history, and credit card details for service fees.

Employment and Professional Information

  • Employment history, CVs, experience letters, professional certifications, and references.
  • Business registration documents for business visa applicants.

Visa and Immigration Information

  • Visa history, travel records, immigration status, visa refusals, and reasons for denials.
  • Criminal record checks, medical reports, biometrics, interview records, and travel itineraries.

Family and Dependents Information

  • Details of spouse, children, parents, siblings, and sponsor relationships.
  • Family members’ education, employment status, and relevant supporting documents.

Technical and Website Usage Information

  • IP addresses, device identifiers, browser type, operating system, pages visited, and session durations.
  • Cookies, location data (with consent), search queries, and form submissions.

Communication Records

  • Email correspondence, chat logs, call recordings (with consent), video consultations, feedback, and complaint records.

Social Media and Other Information

  • Social media handles (when provided), public posts, and direct messages.
  • Special requirements, language preferences, interests, or other information you voluntarily share.

How We Collect Your Personal Data

Directly From You

We collect information when you complete inquiry forms, contact us by email or phone, register for services, submit documents, participate in surveys, subscribe to newsletters, attend events, or create an account on our portals.

Automatically Through Technology

Data is collected via cookies, analytics tools, server logs, email tracking, and form analytics to understand website usage and improve services.

From Third Parties

We receive information from universities, testing agencies, banks (with consent), government authorities, service providers, publicly available sources, references, and family members acting on your behalf.

Through Partner Universities and Institutions

Data may be obtained from universities, pathway providers, language institutes, accommodation partners, and travel agencies to facilitate your application and onboarding.

Purpose and Legal Basis for Processing Personal Data

We process your data for the purposes below, based on contractual necessity, consent, legal obligations, or legitimate interests:

Study Abroad Consulting Services

To assess your profile, recommend suitable options, prepare and submit applications, communicate with institutions, track status, and assist with enrollment. Legal basis: performance of contract, consent, legitimate interest.

Visa Application Support

To compile visa files, complete forms, schedule appointments, provide interview preparation, liaise with authorities, and track outcomes. Legal basis: performance of contract, consent, legal compliance.

Education Loan Assistance

To evaluate loan eligibility, connect you with partner banks, support documentation, facilitate loan approvals, and offer financial planning. Legal basis: consent, performance of contract, legitimate interest.

Post-Arrival Services

To coordinate accommodation, orientation, and ongoing support after you reach your study destination. Legal basis: performance of contract, consent.

Communication and Customer Service

To respond to inquiries, deliver updates, gather feedback, and maintain service records. Legal basis: performance of contract, consent, legitimate interest.

Marketing and Promotional Activities

To send newsletters, offers, event invites, and success stories (with explicit consent). You may opt out at any time. Legal basis: consent.

Website Functionality and Improvement

To operate, secure, and optimize our website, analyze usage, and detect fraud. Legal basis: legitimate interest, consent for cookies.

Legal and Compliance Obligations

To comply with regulations, respond to legal requests, enforce agreements, and prevent illegal activities. Legal basis: legal obligation, legitimate interest.

Business Operations and Research

To maintain records, manage payments, conduct audits, train staff, manage partnerships, and analyze trends. Legal basis: legitimate interest, performance of contract.

Data Minimization and Purpose Limitation

  • We collect only the data necessary for specified purposes.
  • We do not use your data for undisclosed purposes without seeking fresh consent.
  • We periodically review and delete data that is no longer required.

How We Share Your Personal Data

We may share data with trusted partners to deliver our services:

Educational Institutions

Universities, colleges, pathway providers, language institutes, accommodation providers, and educational representatives worldwide.

Government and Regulatory Authorities

Embassies, consulates, immigration authorities, regulatory bodies, and law enforcement (as required by law).

Financial Institutions

Banks, financial partners, payment processors, and credit assessment agencies facilitating loans and payments.

Service Providers and Business Partners

Couriers, translators, medical centers, travel agencies, insurance providers, IT vendors, CRM providers, analytics, and marketing platforms.

Professional Advisors

Legal advisors, auditors, and consultants assisting with compliance and business operations.

Third-Party Verification Services

Background verification, credential evaluation, and police clearance agencies.

Marketing and Advertising Partners

Social media platforms, advertising networks, and email marketing tools (with your consent).

Affiliated Companies and Other Third Parties

Other entities within the EduOverseaz group or partners involved in joint services, mergers, or acquisitions, with your knowledge and consent.

Data Transfers Outside India

Your data may be transferred to countries where you apply (Canada, Australia, UK, USA, Europe, Dubai, Singapore) or where our cloud providers host servers. Transfers are undertaken when:

  • They are necessary to perform our contract with you (e.g., university or visa applications).
  • The receiving country ensures adequate data protection or appropriate safeguards (such as standard contractual clauses) are in place.
  • You provide explicit consent, and the transfer complies with applicable legal requirements.

Data Security Measures

We implement technical and organizational safeguards to protect your data from unauthorized access, loss, or misuse.

Technical Measures

  • Encryption (SSL/TLS) for data in transit.
  • Secure servers, firewalls, intrusion detection systems, and malware protection.
  • Role-based access controls, strong password policies, and multi-factor authentication.
  • Regular security updates, patches, and encrypted file transfers.
  • Data backups to prevent accidental loss.

Organizational Measures

  • Employee training on data protection and confidentiality agreements.
  • Physical security in offices, secure document storage, and clean desk policies.
  • Secure disposal of data, incident response plans, third-party security assessments, and privacy-by-design principles.

Data Breach Response

In the unlikely event of a data breach likely to impact you, we will:

  • Notify the Data Protection Board of India within 72 hours, when required.
  • Inform affected individuals without undue delay with guidance on protective steps.
  • Contain, investigate, and remediate the breach while preventing recurrence.

Data Retention and Deletion

We retain data only as long as necessary for business, legal, or contractual purposes.

Retention Periods

  • Active clients: For the duration of engagement and a reasonable period afterward.
  • Visa application data: 1–5 years after service completion.
  • Financial records: 7 years, as per Indian tax regulations.
  • Communication logs: 2–3 years for service quality.
  • Marketing data: Retained until you unsubscribe or withdraw consent.
  • Website analytics: Typically 6–24 months.
  • Unsuccessful applicants: Basic profiles retained 1–2 years with consent.

Data Deletion

At the end of the retention period—or upon your request where applicable—we delete personal data from active systems, anonymize backups within reasonable timelines, and ensure secure destruction of physical records.

Exceptions

We may retain data longer to comply with legal obligations, resolve disputes, enforce agreements, prevent fraud, or for archival purposes. In such scenarios, we restrict processing to the minimum required.

Cookies and Tracking Technologies

Cookies are small text files stored on your device to improve your browsing experience. We use:

Essential Cookies

Required for website functionality (session management, authentication, load balancing). Legal basis: legitimate interest.

Analytical/Performance Cookies

Help us understand site usage via tools like Google Analytics and Google Tag Manager. Legal basis: consent.

Functional Cookies

Enable personalization such as language preferences and chat widgets. Legal basis: consent.

Marketing/Advertising Cookies

Used by platforms like Google Ads, Facebook, and LinkedIn to deliver relevant promotions and measure campaign performance. Legal basis: consent.

Third-Party Cookies

Set by social media plugins, video embeds, live chat, and payment gateways. We recommend reviewing their respective privacy policies.

You can manage cookies through our consent banner, browser settings, and opt-out tools (e.g., Google Analytics Opt-out Browser Add-on, Google Ads Settings, Facebook Ad Preferences). Disabling cookies may affect site functionality. We currently do not respond to browser “Do Not Track” signals.

Your Rights as a Data Principal

Under the DPDP Act, GDPR, and other laws, you may exercise the following rights:

Right to Access

Request confirmation of data processing and access to the personal data we hold about you.

Right to Correction

Request correction or updates to inaccurate, incomplete, or outdated data.

Right to Erasure (Right to Be Forgotten)

Request deletion of data that is no longer required, when consent is withdrawn, if processing is unlawful, or when deletion is mandated by law (subject to legal exceptions).

Right to Data Portability

Receive your data in a structured, commonly used format and transfer it to another service provider where technically feasible.

Right to Withdraw Consent

Withdraw consent at any time for consent-based processing. Withdrawal does not affect prior lawful processing.

Right to Grievance Redressal

Lodge a complaint with us or the Data Protection Board of India if you have concerns about our data handling.

Right to Nominate

Appoint an individual to exercise your data rights on your behalf in the event of death or incapacity.

To exercise your rights, contact our Data Protection Officer (details below). We respond within 30 days, subject to identity verification. Most requests are processed free of charge unless manifestly unfounded, excessive, or repetitive.

Children’s Privacy

Our services are intended for individuals aged 18 or above, except where minors apply with parental or guardian consent. If we learn that we collected data from a child without appropriate consent, we will delete it promptly. Parents or guardians may contact us to review, correct, or remove their child’s data.

Special Categories of Personal Data

We process sensitive personal data—such as health records, biometrics, or financial details—only with explicit consent, when required by law, or to fulfil contractual obligations. Enhanced security controls and limited access are applied to such data.

Automated Decision-Making and Profiling

We may use automated tools to assess eligibility, recommend courses, or analyze application success probabilities. However, significant decisions are not made solely through automation; our consultants review and validate all outcomes. You may request human intervention and contest automated assessments.

Third-Party Links and Services

Our website may link to third-party sites and services (universities, embassies, payment gateways, social media platforms, document storage providers). We are not responsible for their privacy practices. We encourage you to review their policies before sharing personal data.

Changes to This Privacy Policy

We may update this policy periodically to reflect legal, regulatory, or operational changes. We will update the “Last Updated” date and notify you of significant revisions via email, website banners, or other appropriate means. Continued use of our services after changes signifies acceptance.

Grievance Redressal Mechanism

Step 1: Contact Our Data Protection Officer

Email: harnish@eduoverseaz.com • Phone: +91 7669087866 • Address: EduOverseaz, Karol Bagh, New Delhi - 110005, India.

We acknowledge complaints within 3 business days and aim to resolve them within 30 days.

Step 2: Escalation

If you are unsatisfied with our response, you may escalate the matter to senior management via the same contact details.

Step 3: Regulatory Authority

You may lodge a complaint with the Data Protection Board of India (details to be published upon constitution) or your local data protection authority if you reside outside India.

Data Processing Records

We maintain detailed records of processing activities, including categories of data processed, purposes, recipients, retention timelines, security measures, and cross-border transfer details. These records are available for audit by competent authorities.

Accuracy and Data Quality

We rely on you to provide accurate information and notify us of changes. We verify critical data against official documents where necessary and promptly correct inaccuracies upon request.

Contact Us

For questions, requests, or concerns related to this Privacy Policy:

Acknowledgment and Consent

By using our services, visiting our website, or providing your personal information, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please refrain from using our services or providing personal information to us.

Date of Last Review: October 25, 2012 • Version: 1.0

EduOverseaz — Your Gateway to Global Education and Visa Success.