This Privacy Policy explains how the Sustainable Capital Research Foundation ("SCRF", "we", "our", or "us") collects, uses, stores, and protects personal information when you interact with our website, publications, events, and communications. We are committed to handling your data with the same rigour and integrity we bring to our research.
01 Who We Are
The Sustainable Capital Research Foundation is an independent, not-for-profit research, policy advisory, and thought leadership institution registered in India. Our registered address is 211 Okhla Phase III, Okhla Industrial Estate, New Delhi, Delhi 110020, India.
SCRF is the data controller for personal information collected through this website and our associated services. Our subsidiary institution, the International Institute for Sustainable Finance (IISF), operates under SCRF's governance and is subject to this same Privacy Policy unless a separate policy is displayed on IISF's own digital properties.
For all privacy-related enquiries, contact us at office@sustainablecapital.com.
02 Information We Collect
We collect personal information only where it is necessary to deliver our services, respond to enquiries, or fulfil a legitimate institutional function. The categories of information we may collect include:
Information You Provide Directly
- Name, email address, job title, and organisation, when you subscribe to the SCRF Research Digest, register for an event, submit an enquiry through our contact form, or apply for a fellowship or career opportunity
- Professional background and research interests, where provided voluntarily in correspondence or fellowship applications
- Payment information, processed securely through third-party payment providers, where applicable for event registrations or paid programmes
- Any other information you choose to include in written communications with SCRF
Information Collected Automatically
- IP address, browser type, operating system, and device identifiers
- Pages visited, time spent, referral source, and navigation paths on our website
- Cookie identifiers and similar tracking technologies, as described in Section 6
Information from Third Parties
- Publicly available professional information such as LinkedIn profiles, where relevant to research partnerships or event participation
- Aggregated analytics data from service providers such as Google Analytics
03 How We Use Your Information
We use personal information for the following purposes:
- Sending the SCRF Research Digest and other publications to subscribers who have opted in to receive them
- Processing and responding to enquiries submitted through our website or by email
- Managing event registrations, attendance logistics, and post-event communications
- Reviewing and processing fellowship, internship, and career applications
- Maintaining records of policy engagement, consultation submissions, and institutional correspondence
- Improving our website and digital services through anonymised usage analytics
- Complying with applicable legal obligations, including tax, audit, and regulatory requirements
- Preventing fraud, misuse, or abuse of our platforms and services
We do not use personal information for automated profiling, targeted advertising, or any purpose incompatible with the context in which the data was collected.
04 Legal Basis for Processing
Where applicable data protection legislation requires a legal basis for processing personal data, SCRF relies on the following grounds:
- Consent: for newsletter subscriptions and any optional communications where you have actively opted in. You may withdraw consent at any time.
- Legitimate interests: for responding to enquiries, managing institutional relationships, improving our website, and fulfilling our public interest research mission, where these interests are not overridden by your rights.
- Contract: for processing information necessary to fulfil a registration, application, or service agreement.
- Legal obligation: where processing is required to comply with applicable law, regulation, or court order.
05 Sharing and Disclosure
SCRF does not sell, rent, or trade personal information. We share data only in the following limited circumstances:
- Service providers: trusted third-party vendors who assist in operating our website, managing email communications, processing payments, and organising events. These providers are contractually bound to process data only on our instructions and in accordance with applicable law.
- Research partners and co-organisers: where an event or programme is jointly organised, and only with your prior consent or clear notice at the point of registration.
- Legal and regulatory requirements: where disclosure is required by law, court order, or a regulatory authority in India or another applicable jurisdiction.
- SCRF group entities: information may be shared with IISF where necessary to administer programmes operated jointly or delivered through IISF.
- Business continuity: in the event of a restructure, merger, or transfer of SCRF's operations, personal data may be transferred to a successor entity subject to equivalent data protection obligations.
06 Cookies and Tracking Technologies
Our website uses cookies and similar technologies to operate correctly and improve the user experience. The types of cookies we use include:
- Essential cookies: required for the website to function. These cannot be disabled without impairing core functionality.
- Analytics cookies: used to understand how visitors interact with our website, through services such as Google Analytics. All analytics data is aggregated and anonymised where possible. You may opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.
- Preference cookies: used to remember settings such as language preferences or form inputs.
You may manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of some parts of our website. We do not use advertising cookies, tracking pixels for third-party ad networks, or behavioural profiling technologies.
07 Data Retention
We retain personal information for as long as is necessary to fulfil the purpose for which it was collected, and in accordance with our legal and institutional obligations. Specific retention periods include:
- Newsletter subscriber data: retained until you unsubscribe or withdraw consent, after which it is deleted within 30 days
- Event registration data: retained for up to two years following the relevant event, for administrative and audit purposes
- Job and fellowship application data: retained for up to one year from the date of application, unless you are successful, in which case data becomes part of your employment record
- Enquiry and correspondence records: retained for up to three years from the date of the last communication
- Website analytics data: retained in aggregated or anonymised form in accordance with the applicable service provider's data retention policy
- Financial and contractual records: retained for the period required by applicable Indian tax and accounting law, typically seven years
08 Your Rights
Subject to applicable law, you have the following rights with respect to personal information SCRF holds about you:
- Access: you may request confirmation of whether we hold personal data about you, and a copy of that data
- Correction: you may request correction of inaccurate or incomplete data
- Erasure: you may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, or where you withdraw consent
- Portability: where technically feasible, you may request a copy of your data in a structured, machine-readable format
- Objection: you may object to processing on grounds of legitimate interest or for direct marketing purposes
- Restriction: you may request that we restrict processing in certain circumstances, such as where accuracy is contested
- Withdrawal of consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing
To exercise any of these rights, please write to us at office@sustainablecapital.com. We will respond within 30 days. We may ask you to verify your identity before processing your request.
If you are dissatisfied with our response, you may have the right to lodge a complaint with the applicable data protection authority in your jurisdiction.
09 Data Security
SCRF implements appropriate technical and organisational measures to protect personal information against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- Encrypted transmission of data via HTTPS across all website properties
- Access controls limiting personal data to personnel with a legitimate operational need
- Regular review of third-party service provider security practices
- Procedures for identifying, assessing, and responding to data security incidents
No method of electronic transmission or storage is completely secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in risk to individuals, we will notify affected parties and, where required, the relevant regulatory authority.
10 International Transfers
SCRF is headquartered in India and processes data primarily within India. Some of our third-party service providers may operate in or transfer data to other countries, including members of the European Economic Area, the United Kingdom, and the United States. Where such transfers occur, we take reasonable steps to ensure that your data receives an equivalent level of protection, through mechanisms such as standard contractual clauses or transfers to jurisdictions with adequate data protection frameworks.
11 Third-Party Links
Our website contains links to external websites, including partner institutions, publication repositories, and government portals. This Privacy Policy applies only to SCRF's own digital properties. We are not responsible for the privacy practices of third-party websites and encourage you to review their policies independently before providing any personal information.
12 Children's Privacy
Our website and services are directed at professionals, academics, policymakers, and institutional audiences. We do not knowingly collect personal information from individuals under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately and we will take prompt steps to delete it.
13 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. The date of the most recent revision is displayed at the top of this page. Where changes are material, we will provide notice on our website or by email to registered subscribers. Continued use of our website following the publication of an updated policy constitutes your acceptance of the revised terms.
14 Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us: