Privacy Policy

Effective date: 17 April 2026 · Last updated: 1 June 2026

This policy explains what information māhita collects when you use our website and products, how we use it, and the choices you have. We aim to collect only what we genuinely need, and to be transparent about everything we do with it.

1. Who we are

"māhita" in this policy refers to MAAHITA TECHNOLOGIES (OPC) PVT LTD., incorporated in India with its registered office at Rellivalasa Village, Srikakulam, Andhra Pradesh. We are the data controller for the information described in this policy.

māhita Technologies Inc. (Kitchener, Ontario, Canada) is a separately incorporated affiliate company. It operates coopiq.ca under its own privacy policy and is not the data controller for the website or products covered by this notice.

This policy applies to our marketing website at maahita.com and to our products that link to it — currently school.maahita.com and vinodam.maahita.com. Each product may have its own supplementary privacy notice that covers product-specific data such as student records; where those apply, they take precedence for that product.

2. Information we collect

Information you give us directly

• Contact enquiries. When you submit the contact form on our website, we collect your name, email address, phone number (if provided), and the contents of your message.
• Product accounts. If you sign up for one of our products, that product will collect the information described in its own privacy notice — typically email, name, and role (student, teacher, administrator, employer, etc.).

Information collected automatically

• Usage and device data. With your consent, we use Firebase / Google Analytics to understand how visitors interact with the site — pages viewed, links clicked, approximate location derived from IP, device type, and browser. We do not use this data to identify you personally.
• Preferences. We store your analytics-consent choice in your browser's localStorage so the site remembers it on your next visit. This is local to your device — nothing is sent to a server.

Information we do not collect on this website

This marketing website does not ask for payment details, government IDs, health information, or biometric data. We do not profile individuals or build advertising segments. We do not sell personal information.

3. How we use information

• To respond to enquiries you send via our contact form — partnership, investment, or general questions.
• To run and improve the website — understanding which pages are useful and where people drop off.
• To meet legal and compliance obligations, such as responding to lawful requests and keeping records required by law.

4. Cookies and analytics

We load analytics only after you actively accept the cookie banner on our website. Before you accept, no Firebase or analytics code runs and no tracking cookies are set. You can change your choice at any time using the "Cookie Preferences" link in the footer.

The third-party services we currently use that may set cookies or receive data:

• Firebase / Google Analytics (Google LLC) — site usage measurement, once you accept.
• Google Fonts — serves the Comfortaa typeface. Google may log the IP address making the request.
• Cloudflare (FontAwesome CDN) — serves icon assets. Cloudflare may log the IP address making the request.
• Google Cloud Functions — receives contact-form submissions.

5. Legal bases for processing

If you are in a jurisdiction that requires a legal basis (such as the European Economic Area, the United Kingdom, or Quebec), we rely on the following bases:

• Consent — for analytics cookies and any optional marketing communications.
• Legitimate interest — for responding to enquiries you send us and for basic site security.
• Legal obligation — for record-keeping and lawful-request compliance.

6. Sharing and disclosure

We do not sell personal information. We share it only in these situations:

• Service providers. The third parties listed in Section 4 process data on our behalf under their own security and privacy terms.
• Legal requirements. Where we are legally required to disclose information — for example in response to a court order — we will disclose only what is strictly required.
• Corporate transactions. If māhita is involved in a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. We will notify affected users in advance.

7. International data transfers

māhita operates from India, and our analytics and cloud providers operate globally. Your information may be processed outside the country where you reside, including in the United States (Google Cloud regions). Where information is shared with our Canadian affiliate māhita Technologies Inc. for cross-border business purposes (such as engineering coordination), we apply appropriate safeguards. Where required by law, we rely on Standard Contractual Clauses or equivalent mechanisms.

8. Data retention

• Contact form submissions — retained for up to 24 months so we can follow up on your enquiry, unless you ask us to delete them sooner.
• Analytics data — retained according to our Google Analytics settings (currently 14 months), after which it is automatically aggregated or deleted.
• Browser preferences — stored on your device until you clear them or until you revoke consent.

9. Your rights

Depending on where you live, you may have the following rights in relation to the personal information we hold about you:

• Access — ask for a copy of what we hold.
• Correction — ask us to fix inaccurate or incomplete information.
• Deletion — ask us to delete information we no longer need to keep.
• Objection / restriction — ask us to stop or limit certain processing.
• Portability — ask for your data in a portable format, where applicable.
• Withdraw consent — you can decline analytics at any time via "Cookie Preferences" in the footer; you can withdraw contact-form consent by emailing us.
• Complain — you may complain to a supervisory authority (e.g. the Data Protection Board of India, or — for data shared with our Canadian affiliate — the Office of the Privacy Commissioner of Canada or the Commission d'accès à l'information du Québec).

To exercise any of these rights, email us at hello@maahita.com. We will respond within the timeframe required by applicable law.

10. Security

We use reasonable technical and organisational safeguards — encrypted transport (HTTPS), access controls, and limited internal access — to protect personal information. No method of transmission or storage is ever 100% secure; we will inform you and relevant authorities of any breach that materially affects you, as required by law.

11. Children's privacy

Our marketing website is not directed at children under 13. Our education products (such as māhita school and vinodam) are designed for use by schools, and the school acts as the controller of student data; those products' own notices set out the rules that apply to minors.

12. Changes to this policy

We may update this policy from time to time. When we do, we will change the "Last updated" date at the top of this page. If the changes are material, we will highlight them on our website or notify you by other appropriate means.

A note on this document. This policy is written in plain language to explain our actual practices. It is not legal advice and should be reviewed by qualified counsel before publication in jurisdictions with specific regulatory requirements (for example the DPDP Act 2023 in India, and PIPEDA / Quebec Law 25 in Canada to the extent cross-border affiliate data is involved).