Privacy Policy
Privacy Policy
for Riya Institute of Hospitality (RIH)
1. Introduction
This Privacy Policy ("Policy") governs the security and processing of personal data by Riya Institute of Hospitality (hereinafter referred to as "RIH," "we," "us," or "our") in connection with personal data provided by any individual ("User" or "you") who visits, inquires about, or enrolls in the certification courses offered by RIH via our website(s), mobile site(s), or mobile app(s) (collectively, the "Website").
By accessing or using the Website or any other marketing channels, you agree to the terms of this Policy. If you disagree, please do not access or use our services.
Important Note: This Policy does not apply to third-party websites, mobile sites, or apps. We recommend you review the privacy policies of any external sites, business partners, alumni, advertisers, or sponsors we link to before interacting with them.
2. Purpose Of This Policy And Data Collection
We respect your need to understand how your information is collected, used, disclosed, transferred, and stored. This Policy sets out how we process your personal data in accordance with applicable data protection laws.
We collect personal data to fulfill our obligations to you, primarily for enrollment, certification, and course administration.
3. Types Of Personal Data We Collect
Personal data means any information from which a person can be identified. We collect, use, store, and transfer the following categories of personal data:
| Category | Description | Specific Examples for RIH |
|---|---|---|
| Identity & Contact Data | Your name, title, address, email address, and telephone numbers. | Full Legal Name (must match ID for certification), Email, Phone. |
| Educational Data | Information related to your academic background and course progression. | Previous educational documents for verification, Course enrollment, Exam scores, Attendance, Certification status. |
| Website User Data | Usernames, Passwords, and other security-related information. | Login details for the student portal. |
| Travel & Certification Data (Critical) | Mandatory information required by certifying bodies (like IATA) and travel partners. | Date of Birth, Gender, Passport details (if required for IATA travel documents/simulations), and Visa/Immigration Status (if applicable to the course/training). |
| Profile Data | Information collected progressively when you use our site. | Referral website, pages you visit, actions you take, and information from forms you fill in. |
| Technical Data | Information collected when you access our website. | IP address, login data, browser type and version, time zone setting, and operating system. |
| Usage Data | Information about how you use our Website and services. | Time spent on course modules, feature usage. |
| Public Domain/Third-Party Data | Data available publicly or received from linked social media accounts (per your settings). | Name, email address, profile picture from social media if you link your account. |
We do not intentionally collect any Special Categories of Personal Data (e.g., race, religion, health data) or information about criminal convictions through the Website.
4. Modes Of Collecting Personal Data
We primarily collect personal data when you choose to provide it to us:
- Direct Interactions: When you make an inquiry, registration, or enrollment through our Website, email, phone, or in person.
- Third Parties or Public Sources: We receive Technical Data from analytics providers (like Google) and may receive data from Certifying Boards (like IATA) regarding your results.
- Cookies & Other Technologies: We automatically receive Technical and Usage Data via cookies, server logs, and similar technologies to enhance your experience. Please see our dedicated Cookie Policy for more details.
5. Grounds For And Use Of Personal Data
We only process your personal data when the law allows us to, based on the following grounds:
| Legal Ground | Use of Data (Purpose of Processing). |
| Performance of a Contract | To register and enroll you in certification courses; to monitor academic progress, administer and grade exams, and issue official certificates; to provide On-Job Training & Internship Letters; and to fulfill specific requests (e.g., books, journals). |
| Legitimate Interests | To monitor Website usage and security; to improve our services; and to share non-personal aggregate data with business partners. |
| Legal/Regulatory Obligation | To comply with legal requirements, tax obligations, and mandates from government or regulatory authorities. |
| Consent | We rely on your explicit consent for sending you direct marketing communications via email/SMS, or for sharing your study details/resume with potential employers for placement opportunities. |
6. Data Sharing And Disclosure (The "Who")
We share your personal data with the following parties:
| Partner Category | Data Shared | Purpose of Sharing |
|---|---|---|
| Certifying Boards | Identity Data, Educational Data, Travel & Certification Data (e.g., Full Name, DOB, Exam Scores). | Mandatory sharing with bodies like IATA, GDS, and Abu Dhabi Tourism Board to validate training, register you for exams, and issue official course certifications. |
| Group Companies | Personal Information. | For improving personalization, service efficiency, and during any corporate restructuring, sale, or transfer of RIH assets. |
| Business Partners & Employers | Filtered Personal Information and academic grades. | To offer selected candidates job placements, On-Job Training, or Internship opportunities. This requires your explicit consent. |
| Service Providers | Personal Information, Payment Information. | Third parties engaged for payment processing, data hosting, data processing platforms, or market research (under confidentiality agreements). |
| Regulators/Legal Authorities | Personal Data. | When required or requested by a court, taxation authority, regulatory body, or law enforcement agency. |
RIH does not sell or rent individual names or personal data to third parties, other than sharing necessary information with our partners and certifying bodies for the purposes detailed above.
7. Data Security And International Transfers
A. Information Protection and Security
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing. These measures include:
- The pseudonymization and encryption of personal data where feasible.
- Implementing SSL encryption to protect information transmission during online transactions.
- Requiring third parties who process your data to implement the same levels of protection.
While no system is completely full-proof, we continuously use internet security procedures to keep your data safe.
B. International Data Transfers
Due to our affiliation with global certifying bodies (like IATA) and the nature of the travel field, your personal data may be transferred to and processed in countries globally where these partners or our service providers are located. We ensure these transfers comply with applicable data protection laws.
8. Data Retention And Your Rights
A. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for satisfying legal, regulatory, accounting, or reporting requirements, and for the establishment or defense of legal claims. We may retain anonymized data indefinitely for research or statistical purposes.
B. Your Rights
Under applicable data protection laws (such as GDPR), you have the right to:
- Be Informed: About how your personal data is used.
- Access: Obtain confirmation of whether we are processing your personal data and access that data.
- Rectification: Have any inaccurate or incomplete personal data corrected.
- Erasure (Right to be Forgotten): Request deletion of your personal data in certain circumstances.
- Restrict Processing: Request that we block the processing of your personal data in certain circumstances.
- Data Portability: Receive a copy of your personal data in a commonly used electronic format.
- Object: Object to processing being carried out, including for direct marketing purposes.
To exercise any of these rights, please send your request to the contact details provided in Section 10. We may require specific information to confirm your identity before processing your request.
9. Changes To The Policy
We reserve the right to update or change this Policy at any time. We will notify you of any substantial updates by providing a prominent notice of change on our Website or via email. Your continued use of our Website after modifications are posted constitutes your acceptance of the revised Policy.
10. Contact Information And Complaints
If you have any questions, comments, or concerns about this Policy, or wish to exercise your data rights, please contact:
Data Protection Officer:
| Contact Detail | Information |
|---|---|
| Corporate Office | M/1, Leela Business Park, Andheri-Kurla Road, Andheri East, Mumbai, Maharashtra, India Pin Code – 400 059 |
| infosec@riya.travel |
If you are dissatisfied with the handling of any privacy complaints, you may contact our customer relations team at custrelations@riya.travel.