Last Updated: 28 April 2026 Privacy Policy

This Privacy Policy ("Policy") is a legally binding disclosure document issued by NoPaperForms Solutions Limited ("Company", "UniApply", "we", "us", or "our") governing the collection, receipt, storage, use, processing, disclosure, retention, transfer, and protection of Personal Data in connection with the platform branded as UniApply, accessible at https://www.uniapply.com ("Platform").

This Policy shall be read in conjunction with the Platform’s terms of use, consent notices, declarations, and any other legally operative documents made available on or through the Platform. In the event of any inconsistency, this Policy shall prevail to the extent permitted by law.

01Applicability, Scope, and Exclusions

  • This Policy applies solely to the processing of Personal Data by UniApply in its capacity as a Data Fiduciary, strictly to the extent such data is collected directly through the Platform.
  • This Policy applies to:
    • Visitors accessing or browsing the Platform
    • Parents or lawful guardians interacting with the Platform
    • Students whose information is submitted by parents or lawful guardians
    • Individuals submitting enquiries, applications, callbacks, or information requests
  • This Policy expressly excludes:
    • Processing activities undertaken independently by educational institutions, schools, counsellors, consultants, or third parties
    • Third-party websites, platforms, applications, or services linked to, embedded in, or accessible through the Platform
  • UniApply expressly disclaims any control, responsibility, or liability for Personal Data once such data is lawfully disclosed to third parties acting as independent Data Fiduciaries.

02Definitions and Statutory Interpretation

All capitalized terms not defined herein shall have the meanings assigned to them under the DPDP Act.

  • "Personal Data" shall mean any data about an individual who is identifiable by or in relation to such data.
  • "Data Principal" includes parents or lawful guardians where the data relates to a child.
  • "Child" shall have the meaning assigned under applicable law.
  • "Data Fiduciary" and "Data Processor" shall have the meanings ascribed under the DPDP Act.
  • "Processing" shall be construed broadly and includes any operation performed on Personal Data, whether automated or otherwise.
  • “Affirmative Action” shall mean submission of an enquiry or application or request for a callback or more information.

03Status, Capacity, and Limitation of Role

  • UniApply acts as a Data Fiduciary only in respect of Personal Data collected directly through the Platform.
  • Educational institutions and third parties receiving Personal Data act as independent Data Fiduciaries, and UniApply neither determines nor influences their purposes, means, or manner of processing.
  • UniApply shall not be deemed a joint Data Fiduciary, agent, trustee, or fiduciary of any third party by virtue of data disclosure.
  • To the maximum extent permitted by law, UniApply disclaims all liability arising from subsequent processing by third parties.

04Categories of Personal Data

4.1 User Provided Data

We may collect Personal Data including but not limited to:

  • Names of parents, guardians, and students
  • Contact details (email address, mobile number)
  • Location information at a city or state level
  • Academic details, preferences, and education-related inputs
  • Dates of birth or age indicators where voluntarily furnished
  • Communications, submissions, and correspondence

UniApply does not require submission of government-issued identifiers, biometric information, or financial credentials unless explicitly mandated by law.

4.2 System-Generated and Technical Data

Technical data collected automatically may include IP address, device identifiers, browser metadata, timestamps, interaction logs, and cookie data. Such data is processed strictly for security, diagnostics, compliance, and performance optimization.

4.3 Children’s Data

All data relating to children is collected exclusively through parents or lawful guardians. UniApply does not knowingly conduct profiling, behavioral analysis, or targeted advertising involving children.

05Purpose Limitation and Use Restrictions

Personal Data is processed strictly for lawful, specific, and explicit purposes, including facilitation of enquiries, communications, platform operations, security, compliance, and internal analytics conducted in aggregated or anonymized form. UniApply may use the collected personal data (such as email or mobile number) to reach out to parents via phone or email to help guide them in selecting the best school for their child.

Any use beyond such purposes is expressly disclaimed.

06Lawful Basis

Processing is undertaken only on lawful grounds recognized under the DPDP Act, including consent, performance of lawful purpose, and compliance with legal obligations.

UniApply reserves the right to continue processing where permitted notwithstanding withdrawal of consent, to the extent legally required. Data Principals may withdraw such consent in accordance with Section 11 of this Policy.

07Disclosure, Transfer, and Risk Allocation

  • Personal Data may be disclosed to educational institutions, consultants, or similar entities strictly pursuant to an explicit Affirmative Action initiated by the Data Principal or lawful guardian through the Platform.
  • Such disclosure is limited to Personal Data reasonably necessary to enable the receiving entity to respond to the relevant request.
  • Upon disclosure, the receiving entity processes such Personal Data in its capacity as an independent Data Fiduciary and in accordance with its own privacy policies, internal governance frameworks, and applicable law.
  • UniApply does not monitor, supervise, audit, or control the subsequent processing activities undertaken by such entities and shall not be construed as a joint Data Fiduciary, data controller, agent, or trustee in respect thereof.
  • To the extent permitted under applicable law, UniApply disclaims responsibility for acts, omissions, or data processing practices of third-parties beyond the point of lawful disclosure, without prejudice to its obligations under the DPDP Act in respect of processing carried out by UniApply itself.
  • UniApply may engage third-party service providers and Data Processors to process Personal Data on its behalf under written agreements imposing confidentiality, security, and data protection obligations consistent with applicable law.
  • Personal Data may be disclosed where required to comply with applicable law, regulation, judicial order, or lawful governmental requests.

08Cross Border Processing

Where Personal Data is processed, stored, or accessed outside India (including through the use of third-party service providers for email delivery, cloud infrastructure, analytics, or platform operations) UniApply undertakes commercially reasonable safeguards, which may include encryption in transit and at rest, contractual data protection obligations imposed on such providers, and restriction of access to authorized personnel only. UniApply processes cross-border transfers in compliance with the DPDP Act and applicable governmental restrictions on transfer to specified jurisdictions. UniApply disclaims liability for the operation of foreign legal regimes, regulatory actions, or enforcement proceedings beyond its reasonable control.

09Data Retention, Erasure, and Anonymization

  • UniApply retains Personal Data only for such period as is reasonably necessary to fulfil the purposes for which it was collected, including facilitation of enquiries or applications, provision of Platform services, compliance with contractual obligations, resolution of disputes, enforcement of legal rights, and compliance with applicable laws.
  • Retention periods may vary based on the nature of the Personal Data, the context of processing, statutory or regulatory requirements, and legitimate business needs. UniApply does not commit to uniform retention timelines across all data categories.
  • Where retention is no longer required, Personal Data may be securely deleted, anonymized, or irreversibly de-identified, at UniApply’s discretion, subject to applicable legal or technical constraints.
  • UniApply may retain anonymized, aggregated, or non-identifiable data indefinitely for analytics, research, product improvement, audit, or compliance purposes, as such data does not constitute Personal Data under applicable law.
  • Nothing in this Policy obligates UniApply to delete Personal Data where retention is required or permitted under applicable law, judicial order, or regulatory directive.

10Rights of Data Principals and Statutory Limitations

Subject to the DPDP Act and applicable rules, Data Principals may exercise the following rights:

  • Right to access Personal Data processed by UniApply
  • Right to request correction or updating of inaccurate or incomplete Personal Data
  • Right to request erasure of Personal Data where such data is no longer necessary or lawfully required
  • Right to withdraw consent where processing is based on consent
  • Right to grievance redressal

Exercise of rights is subject to identity verification, procedural requirements, and statutory exceptions. UniApply reserves the right to refuse, restrict, or defer requests where permitted by law, including where compliance would:

  • Conflict with legal or regulatory obligations
  • Prejudice investigation, legal proceedings, or enforcement actions
  • Involve disproportionate effort or technical infeasibility

UniApply shall not be liable for any consequences arising from denial or limitation of rights where such denial is lawful.

Requests may be submitted as described in Section 14.

11Withdrawal of Consent and Consequences

  • Where Personal Data is processed on the basis of consent, Data Principals may withdraw such consent in the manner prescribed by UniApply.
  • Withdrawal of consent shall operate prospectively and shall not affect the legality of processing carried out prior to such withdrawal.
  • Upon withdrawal, UniApply may be unable to continue providing certain features or services, and reserves the right to suspend or terminate access to the Platform, in whole or in part, where processing of Personal Data is integral to such services.
  • UniApply may continue to process Personal Data notwithstanding withdrawal of consent where such processing is required or permitted under applicable law.

12Information Security Measures and Disclaimer

  • UniApply implements reasonable administrative, technical, and organizational security measures designed to protect Personal Data against unauthorized access, alteration, disclosure, loss, or destruction, consistent with industry standards and applicable law.
  • Such measures may include access controls, encryption, monitoring, internal policies, and employee training; however, UniApply does not warrant or guarantee absolute security.
  • Data Principals acknowledge that transmission of information over the internet is inherently subject to risks, and UniApply shall not be liable for breaches arising from events beyond its reasonable control, including force majeure events, cyberattacks, or failures of third-party infrastructure.
  • To the maximum extent permitted by law, UniApply disclaims liability for any indirect, incidental, consequential, or punitive damages arising from data security incidents.

13Cookies and Tracking Technologies

The Platform uses cookies and similar technologies to support functionality and analytics. Users may manage cookie preferences through browser settings. Disabling cookies may affect certain features of the Platform.

14Grievance Redressal and Contact Information

For queries, requests, or grievances relating to this Policy or personal data processing, you may contact:

Email UsOur data privacy & security team
infosec@meritto.com

Submitting Data Subject Requests:

  • EU/EEA residents: You may exercise your GDPR rights through our EU representative, Prighter Group, via the following portal: https://app.prighter.com/portal/18828570800
  • All other users (India, UAE, US, Rest of World): Requests may be submitted through our Data Rights Portal: https://trustcenter.nopaperforms.com/your-data. Please provide your name, email address, mobile number, and details of your request. We typically respond within 30 days, or sooner where required by applicable law.

We will endeavor to respond within reasonable timelines as required under applicable law. Data Principals may escalate unresolved grievances to the Data Protection Board of India, where applicable.

15Amendments

We may update this Policy from time to time. Any changes will be effective upon publication on the Platform with an updated “Last Updated” date. Continued use of the Platform constitutes acknowledgment of the updated Policy.

16Limitation, Indemnity, and Governing Law

This Policy is a statutory disclosure instrument and does not create contractual, fiduciary, or agency obligations beyond law. All disputes shall be governed by Indian law and subject to the exclusive jurisdiction of courts at New Delhi.

It seems you have blocked the location.
It is required to find out the nearest school.
LocationAllow