Effective Date: 05 February 2025
Last Updated: 15 February 2026
This Privacy Policy (“Policy”) describes how Happiminds Solutions, operated by Neorealm Solutions (OPC) Private Limited, a company incorporated under the Companies Act, 2013, having its registered office at No. B817, 5th Cross, 2nd Main, Jalahalli, Bangalore, India – 560013 (hereinafter referred to as the “Company”, “we”, “our”, or “us”), collects, uses, processes, stores, transfers, and protects personal data.
Happiminds is an educational technology platform that provides cognitive skill development programs, structured assessments, adaptive learning modules, gamified exercises, performance tracking systems, and analytics for children between the ages of 6 and 16 years.
This Policy applies to parents and legal guardians, children enrolled through parents or educational institutions, schools and institutional partners, website visitors, and users of any Happiminds website, application, assessment system, dashboard, or related service (collectively referred to as the “Platform”).
This Policy is framed in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Digital Personal Data Protection Act, 2023, and all other applicable laws of India.
By accessing or using the Platform, you agree to the terms of this Privacy Policy.
For the purposes of this Policy, “Personal Data” means any data about an individual who is identifiable by or in relation to such data, as defined under the Digital Personal Data Protection Act, 2023.
“Sensitive Personal Data or Information” shall have the meaning assigned under the IT Rules, 2011.
“Child” means any individual below eighteen (18) years of age.
“Parent” means a natural or legal guardian who provides consent on behalf of a Child.
“Data Principal” refers to the individual to whom the Personal Data relates.
“Processing” includes collection, recording, organisation, storage, adaptation, retrieval, use, disclosure, dissemination, transfer, restriction, erasure, or destruction of data.
The Company processes Personal Data strictly in accordance with applicable Indian law. Under the Digital Personal Data Protection Act, 2023, processing is carried out on the basis of consent provided by the Data Principal or, in the case of a Child, verifiable consent provided by a Parent.
Processing may also occur where necessary for legitimate use, including the provision of educational services, ensuring platform functionality, maintaining cybersecurity, preventing fraud, complying with legal obligations, and protecting the rights and safety of users.
The Company does not process children’s data for behavioural advertising, targeted marketing, or commercial profiling purposes.
The Company collects only such data as is necessary, proportionate, and directly related to the delivery of its educational services.
4.1 Information Collected from Parents or Guardians
When a Parent creates an account on the Platform, the Company may collect the Parent’s full name, email address, mobile number, city and state of residence, encrypted account credentials, transaction history, billing information, and records of communications with the Company.
Payment transactions are processed through RBI-compliant third-party payment gateways. The Company does not store complete debit or credit card numbers, CVV details, or banking passwords on its servers.
4.2 Information Collected About Children
For enrolled students, the Company may collect the Child’s first name, age or grade, curriculum type such as CBSE, ICSE, IGCSE, or State Board, gender if voluntarily provided, responses to assessments, quiz answers, skill progression metrics, learning performance analytics, and participation records in projects or gamified activities.
The Company does not collect Aadhaar numbers, PAN numbers, biometric identifiers, government-issued identification numbers, or financial information relating to children.
4.3 Technical and Usage Information
When users access the Platform, certain information may be collected automatically. This may include IP address, device type, browser type, operating system, login timestamps, session duration, pages visited, and system error logs. This information is used solely to maintain security, improve system performance, and enhance user experience.
4.4 Cookies and Tracking Technologies
The Platform uses cookies and similar technologies for session authentication, remembering user preferences, analysing usage patterns, and optimising performance. Users may disable cookies through browser settings; however, certain features of the Platform may not function correctly if cookies are disabled.
Personal Data is processed exclusively for lawful and legitimate purposes.
The Company processes data to create and manage user accounts, authenticate access credentials, administer subscriptions, and maintain account security.
Personal Data is used to deliver educational services, including assessments, adaptive workouts, skill development modules, progress tracking systems, cognitive analytics, certificates, and badges.
The Company may process data to generate personalised learning pathways and performance reports tailored to individual student progress.
Data may also be processed to provide customer support, respond to technical queries, troubleshoot platform issues, and maintain service continuity.
Processing is further undertaken to detect suspicious activity, prevent misuse of the Platform, protect intellectual property, and ensure cybersecurity.
The Company may process data where required to comply with applicable laws, respond to lawful government requests, or enforce contractual rights.
Personal Data will not be processed for purposes incompatible with those described above without obtaining fresh consent.
The Company recognises that children’s data requires enhanced protection and care.
Child data is collected exclusively through verified Parent accounts. Children are not permitted to independently create accounts on the Platform.
The Company does not serve behavioural advertisements to children and does not engage in profiling or commercial exploitation of children’s personal data.
Parents retain the right to access their child’s information, request correction of inaccuracies, request deletion of data, and withdraw consent for further processing. Withdrawal of consent may result in the discontinuation of access to certain or all Platform services.
The Company does not sell, rent, or trade personal data.
Personal Data may be shared with trusted third-party service providers engaged for cloud hosting, payment processing, analytics, email communications, and customer support. Such providers are contractually bound to maintain confidentiality and implement appropriate security safeguards.
Where a Child is enrolled through a school partnership, relevant progress reports and performance analytics may be shared with authorised school representatives for educational purposes.
Personal Data may be disclosed if required by law, including in response to court orders, government directives, or requests from law enforcement authorities.
In the event of a merger, acquisition, restructuring, or transfer of business assets, Personal Data may be transferred subject to equivalent data protection safeguards.
Personal Data is retained only for as long as necessary to fulfil the purposes described in this Policy, maintain active accounts, comply with legal obligations, resolve disputes, and enforce agreements.
Upon account deletion, Personal Data will be securely erased or anonymised within a reasonable period unless retention is required under applicable law.
The Company implements reasonable security practices as required under Section 43A of the Information Technology Act, 2000 and applicable standards.
Security measures include encryption of data in transit through SSL/TLS protocols, encryption of stored data, secure password hashing, role-based access controls, administrative access restrictions, periodic security reviews, vulnerability assessments, and established incident response protocols.
While the Company takes appropriate measures to safeguard data, no internet-based system can guarantee absolute security.
In the event of a data breach, the Company shall assess the incident promptly, take necessary remedial measures, notify CERT-In where legally required, and inform affected users where appropriate and in accordance with applicable law.
Under the Digital Personal Data Protection Act, 2023, Data Principals have the right to access their Personal Data, request correction of inaccurate information, request erasure of data, withdraw consent, nominate another individual to exercise rights on their behalf, and seek grievance redressal.
Requests may be submitted to support@liltalents.com. The Company will respond within the timelines prescribed by applicable law.
Where Personal Data is stored or processed outside India, such transfers shall comply with the Digital Personal Data Protection Act, 2023. Appropriate contractual safeguards will be implemented, and transfers shall not be made to jurisdictions restricted by the Government of India.
The Company shall not be liable for unauthorised access resulting from user negligence, breaches beyond reasonable control, or force majeure events. Liability shall be limited to the extent permitted by applicable law.
In accordance with applicable Indian law, grievances may be addressed to:
Grievance Officer
Happiminds Solutions
Neorealm Solutions (OPC) Private Limited
No. B817, 5th Cross, 2nd Main, Jalahalli, Bangalore, India – 560013
Email: support@liltalents.com
Grievances will be acknowledged within 48 hours and resolved within statutory timelines.
This Privacy Policy shall be governed by the laws of India. Any disputes arising in connection with this Policy shall be subject to the exclusive jurisdiction of the courts located in Bangalore, India.
The Company reserves the right to update this Privacy Policy periodically. Material changes will be communicated through email notification, platform announcements, or updates on the website. Continued use of the Platform after such changes constitutes acceptance of the revised Policy.
