OneRiki

ClubConnect

Back to Home/Privacy Policy
Legal Framework
Data Protection

Privacy Policy

Our commitment to safeguarding your personal data and institutional information.

OneRiki Privacy Operations
Data Controller
Last Revision
March 11, 2026

Your privacy is paramount to us. It is OneRiki's policy to respect and strictly protect your privacy regarding any information we may collect from you across the ClubConnect platform.

Registration on ClubConnect is strictly optical and intended exclusively for verifiable members of the GITAM University ecosystem. We do not aggregate public, non-student data.

Our Data Promise

We explicitly promise that we do not sell, rent, or trade your personal data to any third-party advertisers or external marketing agencies.

1. Information We Collect

We only ask for personal information when we truly need it to provide a service to you, operating within the boundaries of fair and lawful means, with your knowledge and consent. We collect:

  • Identity Data: First Name, Last Name, GITAM Roll Number, Branch, and Year of Study.
  • Contact Data: Institutional or Personal Email Address, and optionally Phone Number.
  • Profile Data: Avatar images, biography text, club affiliations, and role/designation within those clubs.
  • System Data: Automatically collected diagnostic data, browser type, device information, and IP addresses used for platform security.

2. How We Use Your Information

The information we collect from you is utilized to ensure smooth platform operation and to verify your standing within the university. We use your data to:

  • Create, verify, and authenticate your user account.
  • Provide and maintain the core ClubConnect functions (e.g., event RSVPs, club rosters).
  • Send you administrative notices, technical notices, status updates, and security alerts.
  • Allow club administrators to manage their events and verify student attendance.

3. Data Sharing & Disclosure

While we don't sell your data, limited data sharing is required for the platform to function effectively within a university environment.

  • Club Administrators: When you join a club or RSVP to an event, the administrators of that specific club receive access to your Name, Roll Number, and Email to manage logistics securely.
  • Service Providers: We use secure, industry-standard third-party vendors (e.g., Supabase for database hosting, NextAuth for authentication) who are bound by strict data processing agreements.
  • Legal Obligations: We may disclose your data if required to do so by university administration (in severe disciplinary cases) or by law.

4. Security Measures

We value your trust in providing us your Personal Information, and thus we are striving to use commercially acceptable means of protecting it.

Your data is stored in secure, encrypted databases equipped with Row-Level Security (RLS) to ensure that users cannot access records they are not authorized to view. We employ HTTPS/SSL for all data transmission. However, remember that no method of transmission over the internet, or method of electronic storage, is 100% secure.

Auth & Passwords

We do not store your raw passwords. Password hashing and salting are handled by highly secure standard cryptographic protocols managed by our enterprise authentication provider.

5. Your Data Rights

You have persistent control over your personal data. At any time, logged-in users may:

  • View all personal data currently stored in your profile settings.
  • Update, modify, or correct inaccuracies in your data.
  • Request a full export of your data or request complete account deletion (Right to be Forgotten) by contacting support.

Privacy Inquiries

We take privacy extremely seriously. If you have any concerns regarding how your data is being handled, or if you wish to exercise your data rights and request an export or deletion, please reach out to our privacy team.

Email Privacy Team