1. Preamble and Scope of the Privacy Policy
This Privacy Policy is being issued by LawFoyer, a premier and internationally recognized legal education and information platform headquartered at Lucknow, India. LawFoyer has established itself as a trusted and authoritative source of knowledge in the field of law and legal education. Through its multiple platforms, including but not limited to lawfoyer.in, news.lawfoyer.in, academy.lawfoyer.in, lijdlr.com, and other domains and sub-domains under its effective control, management, and supervision, LawFoyer has consistently provided comprehensive services in the realm of legal education, including the conduct of workshops, webinars, bootcamps, academic courses, national and international competitions, internships, training programs, publishing opportunities, legal news, case analyses, and academic articles.
This Privacy Policy is to safeguard the privacy rights of every user, participant, subscriber, researcher, and visitor of the above-mentioned platforms. The policy not only reflects LawFoyer’s commitment to protecting personal data but also demonstrates its compliance with applicable Indian law, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the recently enacted Digital Personal Data Protection Act, 2023, which is soon to be brought into operation. Furthermore, the drafting of this Privacy Policy is guided by the constitutional recognition of privacy as a fundamental right under Article 21 of the Constitution of India as pronounced by the Hon’ble Supreme Court in Justice K.S. Puttaswamy v. Union of India (2017).
The scope of this Privacy Policy extends to all forms of data collected and processed by LawFoyer across its platforms, whether the data pertains to registered students, guest users, authors, researchers, or any third party interacting with the platform. The policy is binding upon every individual accessing or availing LawFoyer’s services and is to be read in harmony with the Terms of Service which form an integral part of the legal framework governing the relationship between LawFoyer and its users.
2. Collection of Personal Data and Information
LawFoyer, being a digital-first legal education entity, necessarily collects certain categories of information from its users for the purposes of identification, registration, academic participation, publication, certification, and compliance with legal obligations. The categories of information collected include, but are not limited to, name, contact details such as email and phone number, academic qualifications, professional background, user-generated content such as articles, blogs, and research papers, device information including IP address, browsing patterns, operating system, and cookies, as well as transactional information including payment metadata for course enrolments, subscriptions, or competition registrations.
Sensitive personal data such as passwords or financial information is collected only where strictly necessary and always with explicit consent. In line with the directives of the Reserve Bank of India, LawFoyer does not store credit card or debit card numbers on its servers. All such data is processed through RBI-compliant payment gateways that utilize tokenisation and card-on-file regulations. This ensures that LawFoyer is fully compliant with RBI’s framework on recurring payments and e-mandates.
The data collection process at LawFoyer is always accompanied by due intimation and a requirement for informed consent. Users are made aware of the purposes for which their data is being collected and are provided with the choice to either consent to or decline the collection of such information. In cases where consent is not granted, LawFoyer reserves the right to restrict access to those services which are dependent upon the processing of such data.
3. Purpose and Use of Personal Data
LawFoyer uses personal data strictly in accordance with lawful purposes, ensuring that such use is limited, proportionate, and necessary to achieve the intended objectives. The primary purposes for which data is processed include enabling seamless access to LawFoyer’s educational services, managing registrations for events and academic competitions, facilitating peer-reviewed publications, processing lawful financial transactions, issuing receipts and law compliant invoices, publishing academic contributions, providing users with newsletters and legal updates, and ensuring compliance with statutory mandates including those under CERT-In Directions, 2022 which require the retention of information and communication technology system logs for a minimum period of 180 days within India.
LawFoyer also processes data for ensuring security of its platforms, fraud detection, cybersecurity incident management, and to comply with directions of law enforcement authorities and competent courts of law. Marketing communications, including emails and newsletters relating to academic opportunities, may also be sent to users who have voluntarily opted to receive such communications, with an option to withdraw such consent at any point of time.
4. Consent, Legal Bases, and Withdrawal of Consent
All data processing activities at LawFoyer are undertaken on the basis of clear, specific, and informed consent provided by the users, except where the processing is necessary for compliance with legal obligations, enforcement of contractual rights, or protection of legitimate interests of LawFoyer. The consent sought is free from coercion, unambiguous, and capable of being withdrawn by the user at any time.
5. Web Tracking and Analytical Technologies
In order to enhance user experience and ensure efficient operation of its platforms, LawFoyer uses lawful web-tracking technologies. These web-tracking technologies may be session-based or persistent and may include functional cookies that enable navigation, analytical cookies that allow LawFoyer to monitor usage trends and advertising that facilitate relevant academic promotions. LawFoyer ensures that no web-tracking web-tracking technologies operates in a manner inconsistent with Indian law and that all such technologies are employed with transparency and consent.
6. Sharing, Transfer, and Disclosure of Data
LawFoyer may share user data with third-party processors including cloud service providers, IT vendors, payment aggregators, and academic partners, provided that all such entities are bound by confidentiality obligations and contractual clauses ensuring the lawful and secure processing of data. LawFoyer does not sell user data to third parties under any circumstances.
Cross-border transfers of data may take place where servers or service providers are located outside India. Such transfers are made only in accordance with applicable Indian law, including the DPDP Act, which contemplates government notifications restricting certain jurisdictions. Until such restrictions are in force, LawFoyer assures users that adequate contractual and technical safeguards will be employed to protect user data irrespective of its geographical location.
7. Data Retention and Security Practices
LawFoyer retains personal data only for as long as is necessary to fulfill the specific purposes for which the data was collected or to comply with applicable laws. For example, payment and financial records may be retained for audit and taxation purposes, while academic contributions may be retained for archival and indexing purposes in LawFoyer’s ISSN-recognized journal.
Security measures adopted by LawFoyer conform to globally recognized standards, including IS/ISO/IEC 27001, and involve encryption of sensitive information, firewalls, restricted access to personal data, and routine security audits. In compliance with CERT-In Directions, 2022, ICT logs are retained within India for a minimum of 180 days, and cybersecurity incidents are reported to CERT-In within the prescribed timelines.
8. Rights of Users
LawFoyer respects the rights of its users over their personal data. Users are entitled to exercise their right to access, correct, update, and erase their personal data. They may also request data portability wherever technically feasible and legally permissible. Furthermore, users have the right to withdraw consent and to register grievances with the designated Grievance Officer. With the notification of the DPDP Act, users will further enjoy the right to nominate a representative to exercise their rights in case of incapacity or death.
LawFoyer has established internal mechanisms to address such rights requests within statutory timelines. Requests may be submitted to the Grievance Officer through email communication.
9. Grievance Redressal and Data Protection Officer
To ensure transparency and accountability, LawFoyer has appointed a Grievance Officer cum Data Protection Officer (DPO) whose contact details are as follows:
Grievance Officer
Mr. Amal Singh
Email: lawfoyer@gmail.com
Phone: +91 9044790516
Timings: Monday to Saturday, 10:00 AM to 6:00 PM IST
In compliance with the Consumer Protection (E-Commerce) Rules, 2020, all grievances shall be acknowledged within 48 hours and resolved within 30 days.
10. Modifications to the Privacy Policy
LawFoyer reserves the absolute right to amend or update this Privacy Policy from time to time to reflect legislative changes, judicial pronouncements, or operational necessities. Users shall be notified of any material modifications through the platform website and continued use of the services post such via platform website shall be deemed as consent to the amended policy.