Privacy Policy

Last updated: August 15th, 2025

Welcome to Commons Connect! At Commons Connect we are committed to protecting your privacy and handling your data with care and transparency. Through our policy, we attempt to be as clear and simple as possible so that our users understand what they are signing up for. We are in compliance with the Government of India’s THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023. The Act outlines the government’s rules and regulations for digital bodies to handle data and grants rights to all parties within the limits of the law. Our policy outlines the way we are trying to put in place mechanisms to collect, use and protect your data under the aforementioned Act.

By agreeing to our Terms of Service, you are liable to be covered by our Privacy Policy as well. We use your Personal data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

A. Definitions

For this Privacy Policy, unless the context otherwise requires:

  1. Data — means a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by human beings or by automated means; this specifically refers to digital personal data by which an individual is identifiable.
  2. Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to CommonsTech Foundation for Participatory Technologies, Plot No. 2, First Floor, 100 Ft Road, Ghitorni, MG Road, New Delhi.
  3. Data Fiduciary refers to the Company — CommonsTech Foundation for Participatory Technologies — that collects, stores and provides services based on this data.
  4. Data Principals or “You” refers to the person to whom this data relates and whose data is being processed. The Data Principal is also the Child/Guardian of anyone below the age of 18.
  5. Account means a unique account created for You to access our Service or parts of our Service. Cookies are small files placed on Your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.
  6. Country refers to Delhi, India.
  7. Device means any device that can access the Service such as a computer, a cell phone or a digital tablet.
  8. Personal Data is any information that relates to an identified or identifiable individual.
  9. Service refers to our App, WebApp, WhatsApp, IVR and Website. Service Provider means any natural or legal person who processes the data on behalf of the Company.
  10. Third-party Social Media Service refers to any website or social network website through which a User can log in or create an account to use the Service.
  11. Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  12. Website refers to CommonsTech Foundation for Participatory Technologies, accessible from https://core-stack.org/.
  13. “You” means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

B. Collecting and Using Your Personal Data

Types of Data Collected

1. Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • First name and last name
  • Phone number
  • Geolocation
  • Usage Data
  • Your Profile Photo
  • Gender

2. Usage Data

Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service through a mobile device, We may collect certain information automatically, including but not limited to the type of mobile device You use, Your mobile device’s unique ID, IP address, operating system, mobile browser type, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Service.

3. Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

  • Cookies or Browser Cookies. A Cookie is a small file placed on Your device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. We use both Session and Persistent Cookies for the purposes set out below.
  • Necessary / Essential Cookies — Type: Session Cookies. Administered by: Us. Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts.
  • Cookies Policy / Notice Acceptance Cookies — Type: Persistent Cookies. Administered by: Us. Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
  • Functionality Cookies — Type: Persistent Cookies. Administered by: Us. Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference, to provide a more personalised experience.

4. Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account and give You access to different functionalities available to registered users.
  • For the performance of a contract — the development, compliance and undertaking of the purchase contract for products, items or services You have purchased or any other contract with Us through the Service.
  • To contact You by email, telephone, SMS, or other forms of electronic communication regarding updates, security notices, or informative communications related to the Service.
  • To provide You with news, special offers and general information about goods, services and events we offer that are similar to those you have already purchased or enquired about, unless You have opted not to receive such information.
  • To manage Your requests — to attend and manage Your requests to Us.
  • For business transfers — to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets.
  • For other purposes such as data analysis, identifying usage trends, determining the effectiveness of promotional campaigns, and improving our Service, products and your experience.

5. Sharing Data

We may share Your personal information in the following situations:

  • With Service Providers — to monitor and analyze the use of our Service and to contact You.
  • For business transfers — in connection with any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business.
  • With Affiliates — who will be required to honor this Privacy Policy, including Our parent company and any subsidiaries or joint venture partners.
  • With business partners — to offer You certain products, services or promotions.
  • With other users — when You share personal information in public areas of the Service, such information may be viewed by all users and publicly distributed.
  • With Your consent — for any other purpose not covered above, with Your explicit consent.

6. Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, including to comply with legal obligations, resolve disputes, and enforce our legal agreements and policies. Usage Data is generally retained for a shorter period, except when used to strengthen security or improve functionality, or when legally required to retain it for longer. You can revoke, change or request correction of this data at support@core-stack.org.

7. Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to and maintained on computers located outside of Your state or province. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and no transfer of Your Personal Data will take place to an organization without adequate controls in place.

8. Disclosure of Your Personal Data

Business Transactions
If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other Legal Requirements
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

9. Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

10. Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers. If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

11. Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third-party’s site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

12. Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page. We will let You know via email and/or a prominent notice on Our Service prior to the change becoming effective, and update the “Last updated” date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.