Destination Hub logo
Up to date โ€” Version 1.1๐Ÿ›ก๏ธ GDPR Compliant๐Ÿ“ฑ App Store Ready

Privacy Policy

We believe privacy is a fundamental right โ€” not a legal formality. This policy explains, in plain language, exactly how Destination Hub collects, uses, and protects your data.

๐Ÿ“…Effective Date:13 June 2026๐Ÿ”„Last Updated:28th May 2026๐Ÿ“„Version:1.1

๐Ÿ“ŒImportant Notice

  • โ€ขThis Privacy Policy applies to the Destination Hub website, Android application, and iOS application.
  • โ€ขBy accessing or using Destination Hub, you acknowledge that you have read, understood, and agree to the practices described in this Policy.
  • โ€ขIf you do not agree with any part of this Policy, please discontinue use of the platform.

Introduction

Destination Hub ("we", "us", "our", or the "Platform") is a technology-driven Learning Management System (LMS) designed to facilitate academic administration, attendance management, and personalized learning experiences for students and educators.

We are committed to protecting the privacy of every individual who interacts with our Platform โ€” including students, instructors, and institutional administrators. This Privacy Policy ("Policy") describes:

  • What personal information we collect and why
  • How we use, store, and protect that information
  • Your rights with respect to your personal data
  • How you can contact us with questions or requests

This Policy applies to all products and services offered by Destination Hub, including our website (the "Site"), Android application, and iOS application (collectively, the "Services").

This Policy is designed to comply with applicable privacy laws including the GDPR (EU Regulation 2016/679), the Information Technology Act 2000 (India), Google Play Developer Policy, and Apple App Store Review Guidelines.

Information We Collect

We follow a strict data minimization principle โ€” collecting only information strictly necessary to provide, maintain, and improve our Services.

2.1 Information You Provide Directly

  • Full Name โ€” to identify your account and personalize your experience
  • Email Address โ€” used for authentication, account management, and essential platform communications
  • Profile Picture โ€” retrieved from your Google account at sign-in, displayed within the platform for account identification only

2.2 Information We Collect Automatically

We collect a minimal set of operational data to ensure security and stability:

  • Device Type and OS Version โ€” collected solely to ensure compatibility and diagnose technical issues; never linked to your identity
  • Session Timestamps โ€” date and time of login/logout events, used for security and audit purposes

We do NOT collect: IP addresses, browser fingerprints, behavioral tracking data, advertising identifiers, or detailed usage analytics tied to individuals.

2.3 Location Data

๐Ÿ“Location Data โ€” Important Details

  • โ€ขLocation is accessed solely during live, opt-in attendance verification sessions.
  • โ€ขWe verify whether you are within a pre-defined radius of approximately 20โ€“30 meters from the registered institution's coordinates.
  • โ€ขYour precise location coordinates are NOT stored after the verification check is complete.
  • โ€ขLocation data is NEVER shared with third parties, used for tracking, or processed for advertising or profiling.
  • โ€ขYou will always be informed before location access is requested.

2.4 Google OAuth Login Data

When you sign in with Google, we receive only the following via OAuth 2.0:

  • Your full name
  • Your email address
  • Your Google profile picture URL

We do NOT receive your Google password, Contacts, Calendar, or any other Google service data.

2.5 Information We Do NOT Collect

โŒ Phone numbers
โŒ Payment / financial info
โŒ Government IDs (Aadhaar, PAN etc.)
โŒ Sensitive personal info (health, biometric, etc.)
โŒ Persistent GPS coordinates
โŒ Microphone, camera, or contacts
โŒ Social media profiles
โŒ Advertising identifiers

How We Use Your Information

3.1 Core Platform Operations

  • Account Creation & Authentication โ€” to create, verify, and manage your user account
  • Attendance Verification โ€” to confirm your physical presence at a registered institution during scheduled sessions using one-time location checks
  • Personalized Learning Experience โ€” to display enrolled courses, progress tracking, and relevant academic content
  • Platform Security โ€” to detect and prevent unauthorized access, fraud, and abuse
  • Customer Support โ€” to respond to your queries, complaints, and requests

3.2 Platform Improvement and Analytics

๐Ÿ“ŠAnonymized Analytics Disclaimer

  • โ€ขDestination Hub may use aggregated and fully anonymized data (e.g., total active sessions per day, feature usage rates) to improve our Services.
  • โ€ขThis data does NOT include your name, email address, or any other personally identifiable information.
  • โ€ขAnonymized data cannot be used to identify any individual user.

3.3 What We Do NOT Do

  • We do not use your data for targeted advertising or behavioral profiling
  • We do not sell, rent, lease, or trade your personal information to any third party
  • We do not use your data to make automated decisions with legal or significant effects
  • We do not use your email address for unsolicited marketing communications

Legal Basis for Processing (GDPR)

If you are located in the EEA or a jurisdiction governed by GDPR-equivalent laws, we process your personal data on the following legal bases:

๐Ÿ“ƒ

Contractual Necessity

Processing required to fulfill our agreement and provide the Services you requested (e.g., account management, attendance verification).

๐Ÿข

Legitimate Interests

Minimal operational data (e.g., session timestamps, device type) to maintain platform security, where not overridden by your rights.

โœ…

Consent

Where we rely on consent (e.g., location access), you may withdraw at any time without affecting the lawfulness of prior processing.

โš–๏ธ

Legal Obligation

We may process data to comply with applicable laws, court orders, or regulatory requirements.

Leaderboard & Competitive Features

Destination Hub includes leaderboard and performance ranking features designed to encourage healthy academic competition. We take the following privacy-protective measures:

  • Your real name and profile picture will be displayed publicly on any leaderboard or ranking feature
  • Participants are identified using their real name on all leaderboard or ranking features
  • User profile information used for leaderboard display may include data you provide, such as your name and profile picture
  • Any future opt-in public identification feature will require your explicit written consent

Data Sharing and Disclosure

We do not sell, trade, or share your personal information with third parties for commercial purposes. Your data may be shared only in the strictly limited circumstances below.

6.1 Authorized Service Providers

Trusted third-party providers assist us in operating the Platform. They:

  • Act only as data processors on our behalf
  • Are contractually bound to process your data solely for the purposes we specify
  • May not use your data for their own purposes, including advertising
  • Are required to implement appropriate security measures

6.2 Legal Compliance and Protection

We may disclose your personal information when:

  • Required by applicable law, regulation, legal process, or enforceable governmental request
  • Necessary to enforce our Terms of Service or protect rights, property, or safety
  • Required to prevent or respond to fraud, security breaches, or technical issues

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity. We will notify you before your data becomes subject to a different privacy policy.

6.4 With Your Consent

We may share your information with third parties in any circumstance where you have provided your prior, explicit, and informed consent.

Cookies and Tracking Technologies

Destination Hub does not use third-party tracking cookies, advertising pixels, cross-site tracking technologies, or behavioral analytics tools that collect personally identifiable data.

Our platform may use essential session tokens strictly necessary for platform operation:

  • Session authentication tokens โ€” to keep you securely logged in during a session
  • CSRF protection tokens โ€” to prevent cross-site request forgery attacks

๐ŸชNo Advertising Tracking

  • โ€ขThese functional tokens are NOT used for tracking, advertising, or profiling.
  • โ€ขThey expire at the end of your session or upon logout.
  • โ€ขWe do not integrate any advertising networks, social media pixels, or cross-device tracking technologies.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer period is required or permitted by law.

8.1 Retention Periods

Data TypeRetention Period
Account Data (name, email, picture)Deleted upon user request without undue delay. If the system is temporarily unavailable due to server downtime, maintenance, or technical failure, deletion requests will be queued and executed promptly once services are restored, and in any case within a reasonable timeframe after restoration.
Location DataNOT stored beyond completion of each attendance verification event
Session Logs12 months retained for security, abuse prevention, and system integrity purposes
Anonymized Analytics DataMay be retained indefinitely, provided it does not identify any individual user
Legal Hold DataRetained for the duration required to comply with applicable legal obligations or valid legal requests

8.2 Account Deletion

Upon receipt of a verified deletion request, we will:

  • Permanently delete your personally identifiable information instantly upon receiving a confirmed deletion request, where technically feasible and when systems are operational
  • Remove your account from active systems and production databases, making it immediately inaccessible for normal use
  • Residual data may persist in encrypted backups for a limited period and will be removed automatically according to standard backup rotation policies

Data Security

๐Ÿ”

Encryption in Transit

TLS encryption for all data between your device and our servers

๐Ÿ’พ

Encryption at Rest

AES-256 equivalent encryption for all stored personal data

๐Ÿšช

Access Controls

Strict need-to-know access controls for all personnel

9.1 Organizational Safeguards

  • Internal data handling policies and staff confidentiality obligations
  • Regular security reviews of third-party service providers
  • Incident response procedures for suspected data breaches

9.2 Breach Notification

In the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify you and/or the relevant supervisory authority without undue delay, and in any event within [INSERT: e.g., 72 hours] of becoming aware, as required by applicable law.

๐Ÿ”’Security Disclaimer

  • โ€ขWhile we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure.
  • โ€ขWe encourage you to use strong, unique passwords and contact us immediately if you suspect unauthorized access to your account.

Your Privacy Rights

๐Ÿ‘๏ธ

Right to Access

Request a copy of the personal data we hold about you

โœ๏ธ

Right to Correction

Request correction of inaccurate or incomplete personal data

๐Ÿ—‘๏ธ

Right to Deletion

Request permanent deletion of your account and data

๐Ÿ“ฆ

Right to Portability

Receive your data in a structured, machine-readable format

โ†ฉ๏ธ

Withdraw Consent

Withdraw consent (e.g., location) at any time via device settings

๐Ÿšซ

Right to Object

Object to certain types of processing, including analytics

โธ๏ธ

Right to Restriction

Request restriction of processing in certain circumstances (EEA)

๐Ÿ›๏ธ

Supervisory Authority

Lodge a complaint with your local data protection authority (EEA)

10.1 Exercising Your Rights

๐Ÿ“งPrivacy Rights Requests

  • โ€ขEmail: destinationhub1.in@gmail.com
  • โ€ขSubject Line: "Privacy Rights Request โ€“ Destination Hub Team"
  • โ€ขResponse Time: We aim to respond within 30 days of receiving a verified request.
  • โ€ขVerification: We may need to verify your identity before processing your request.

Children's and Student Privacy

Destination Hub is designed to serve students, which may include individuals under the age of 18. We take student privacy with the utmost seriousness.

11.1 Age Restrictions

Our Services are intended for students enrolled in accredited educational programs, typically aged 13 years and above. We do not knowingly collect personal data from children under 13 without verifiable parental or guardian consent.

If we discover we have inadvertently collected personal data from a child under 13 without appropriate consent, we will promptly delete such data.

11.2 Student Data Protections

  • We collect only the minimum personal data necessary from student accounts
  • Student data is never used for advertising, profiling, or commercial purposes
  • Student data is not sold or shared with third parties for any commercial purpose
  • Leaderboards use anonymized identifiers โ€” no student's real identity is ever publicly displayed
  • Institutional administrators may access only aggregate, anonymized data about enrolled students for educational administration purposes

11.3 Parental Rights

Parents or legal guardians of students under 18 may contact us to review, correct, delete, or withdraw consent for data uses relating to their child. Please email destinationhub1.in@gmail.com.

Mobile Application Permissions

Our Android and iOS applications request only the following device permissions, each strictly necessary for core platform functionality:

๐Ÿ“

Location Permission

ACCESS_FINE_LOCATIONLocation When In Use

One-time proximity check for attendance verification during active sessions only โ€” never in the background.

๐ŸŒ

Internet Permission

INTERNETNetwork Access

Required for the application to communicate with our servers for authentication, content delivery, and attendance verification.

Permissions We Do NOT Request

โŒ Camera
โŒ Microphone
โŒ Contacts
โŒ SMS / Call logs
โŒ Background location
โŒ Bluetooth / NFC

International Data Processing

Destination Hub is operated from India. Our servers and service providers may be located in India or other countries, including those within the EEA, the United States, or other jurisdictions.

Where we transfer personal data internationally, we take steps to ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission (for transfers to/from the EEA)
  • Contractual data processing agreements with all service providers
  • Ensuring recipient countries provide an adequate level of data protection

Third-Party Services and Links

14.1 Google OAuth

Sign-in via Google is governed by Google's Privacy Policy and Terms of Service. We encourage you to review your Google account privacy settings.

14.2 Cloud Infrastructure

We use cloud infrastructure providers to host our Platform. These providers process data on our behalf as data processors and are contractually bound by our data protection requirements.

14.3 No Advertising Networks

โœ…Ad-Free Commitment

  • โ€ขWe do not integrate any advertising networks into our Platform or applications.
  • โ€ขWe do not include affiliate tracking systems or ad-monetization SDKs.
  • โ€ขYour data is never used for advertising by us or our partners.

Consent and Withdrawal

Where our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out before the withdrawal.

15.1 How Consent Is Obtained

  • Account Registration โ€” by completing registration and agreeing to our Terms of Service and this Privacy Policy
  • Location Access โ€” your device OS will prompt you explicitly before location access is granted; you must affirmatively grant this permission
  • Google OAuth โ€” by selecting 'Sign in with Google', you authorize us to receive your name, email, and profile picture

15.2 How to Withdraw Consent

  • Location Permission โ€” revoke via device Settings โ†’ Apps โ†’ Destination Hub โ†’ Permissions โ†’ Location โ†’ Deny
  • Account Data โ€” submit an account deletion request (see Section 16)
  • General Data Use โ€” contact us at destinationhub1.in@gmail.com

Account Deletion

You have the right to permanently delete your Destination Hub account and all associated personal data at any time, free of charge and without providing a reason.

16.1 How to Request Deletion

๐Ÿ“ฑ

In-App

Navigate to Settings โ†’ Account โ†’ Delete Account (if available in your app version)

๐Ÿ“ง

By Email

Send a request to destinationhub1.in@gmail.com with subject "Account Deletion Request โ€“ [Your Registered Email]"

๐ŸŒ

Web Form

https://destination-dashboard-one.vercel.app/delete-account

16.2 What Happens Upon Deletion

  • Your account will be deactivated immediately upon confirmation
  • All personally identifiable data will be permanently deleted within 30 days, subject to technical feasibility and system availability
  • Anonymized data that cannot be linked back to you may be retained
  • Data required for legal obligations will be held for the applicable statutory period only

Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. We will use commercially reasonable efforts to provide advance notice of material changes.

17.1 How We Notify You

  • Material changes โ€” prominent notice via in-app notification and/or email at least 15 days before the change takes effect
  • Minor or clarificatory changes โ€” we will update the 'Last Updated' date at the top of this Policy
  • Continued use of the Platform after the effective date of any change constitutes your acceptance of the revised Policy
  • If you do not agree to the revised Policy, you must discontinue use and may request account deletion

The most current version of this Policy is always accessible at https://mydestinationhub.in/privacy-policy.

Legal Compliance

Destination Hub is committed to complying with applicable data protection and privacy laws. Our practices are designed to meet the requirements of the following frameworks:

๐Ÿ‡ฎ๐Ÿ‡ณ

IT Act 2000 (India)

Information Technology Act, 2000 and SPDI Rules, 2011

GDPR

EU Regulation 2016/679 (to the extent applicable to EEA users)

Google Play Policy

Data Safety and Privacy requirements under Google Play Developer Policy

Apple App Store

App Store Review Guidelines Section 5.1 (Privacy)

Contact Information & Grievance Redressal

We take all privacy concerns seriously. If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us below.

19.1 General Privacy Inquiries

๐Ÿ“ง

Email

destinationhub1.in@gmail.com

Privacy / Grievance queries

โฑ๏ธ

Response Time

Within 30 days

For verified requests

๐Ÿ“

Address

[INSERT Business Address]

Registered office

๐ŸŒ

Website

https://mydestinationhub.in/privacy-policy

Policy always available here

19.2 Data Protection Officer (DPO)

[INSERT: DPO name and contact, or: "We are in the process of designating a Data Protection Officer. In the interim, all data protection queries should be directed to the email address above."]

19.3 Grievance Officer (India โ€” IT Act 2000)

๐Ÿ“‹Grievance Officer Details

  • โ€ขName: Navneet Kumar
  • โ€ขDesignation: Grievance Officer
  • โ€ขEmail: destinationhub1.in@gmail.com
  • โ€ขAddress: Andal, West Bengal, India
  • โ€ขAvailability: Monday โ€“ Friday, 09:00 AM โ€“ 05:00 PM IST
  • โ€ขGrievances will be acknowledged within 24 hours and resolved within 30 days of receipt.

19.4 Regulatory Complaints (EEA Users)

If you are located in the EEA and believe that our processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with your local data protection supervisory authority. A list of EU supervisory authorities is available at: edpb.europa.eu.

Destination Hub

Your Privacy Matters to Us

This policy was last updated on 28th May 2026. We are committed to keeping it clear, honest, and up to date.

๐Ÿ“ง Contact Us