Tekstac's GDPR Compliance
Last updated: January 9 2026
We at Tekstac (a product of Teknoturf Info Services Pvt.Ltd) are committed to protecting the privacy and personal data of individuals who use our platform. This Privacy Policy explains how we collect, use, store, and protect personal data, and how we align with the principles of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Although Tekstac is based in India, we have implemented GDPR-aligned practices targeted for EU residents as well to ensure a high standard of data protection and future readiness.
1. Our Role Under GDPR
Tekstac acts as:
- a Data Processor, when processing personal data on behalf of customer organizations using the Tekstac platform, and
- a Data Controller, for limited data related to our own business operations (such as customer communications).
In most learner and employee upskilling scenarios, our customers act as the Data Controllers, and Tekstac processes data strictly based on their instructions.
2. Personal Data We Process
Tekstac may process the following categories of personal data:
- Name
- Email address
- Phone number
- Job title / role information
- Skills and competency data
We do not process any special categories of personal data (such as health, biometric, or sensitive personal information).
3. Purpose of Data Processing
Personal data is processed only for legitimate business and learning purposes, including:
- Learning delivery and learner enablement
- Skills intelligence and role-based learning paths
- Learner progress tracking and course completion
- Leaderboards and performance insights
- Assessments and analytics
- Platform operations, security, and support
Data is never processed in a manner incompatible with these purposes.
4. Lawful Basis for Processing
Tekstac processes personal data based on one or more of the following lawful bases:
- Performance of a contract with our customers
- Compliance with legal obligations
- Legitimate interests related to platform delivery, security, and improvement
- Consent, where required and applicable
5. Data Storage & Location
Tekstac’s infrastructure is hosted in India.
We currently do not transfer personal data outside India and do not engage in cross-border data transfers involving the European Union.
6. Security & Protection Measures
Tekstac implements appropriate technical and organizational measures to protect personal data, including:
- Encryption of data in transit
- Role-based access controls
- Secure authentication mechanisms
- System logging and monitoring
- Physical and logical access safeguards
We also maintain an incident response and breach management process designed to promptly assess, contain, and respond to any security incidents, in alignment with GDPR Article 32 principles.
7. Data Subject Rights
In line with GDPR principles, individuals have the right to:
- Request access to their personal data
- Request correction of inaccurate or incomplete data
- Request deletion of their personal data (“Right to be Forgotten”)
- Request restriction or objection to certain processing activities
Tekstac handles data subject requests directly and responds in a timely and transparent manner.
8. Data Deletion & Retention
When a valid deletion request is received and approved:
- Personal data is fully and permanently erased from Tekstac systems
- Deleted data cannot be recovered
Tekstac retains personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law or contractual obligations.
9. Sub-Processors & Third-Party Vendors
Tekstac may engage trusted third-party vendors (such as cloud infrastructure or support services) that may process personal data on our behalf.
We ensure that:
- Appropriate due diligence is conducted before engaging vendors
- Data protection obligations are contractually enforced
- Sub-processors maintain security and privacy standards at least equivalent to ours
10. Transparency & Accountability
Tekstac is committed to transparency, fairness, and accountability in all data processing activities. We maintain internal documentation and governance practices that support responsible data handling and continuous improvement of our privacy framework.
Contact Us
If you have any questions, concerns, or requests related to privacy or data protection, please contact us at:
Email: privacy@tekstac.com
Note: This Privacy Policy is intended to demonstrate Tekstac’s alignment with GDPR principles and global data protection best practices.
