Privacy Policy

Learn how OneStep Global collects, uses, shares, and protects your personal data across our website, services, events, and communications.

Privacy Policy

Learn how OneStep Global collects, uses, shares, and protects your personal data across our website, services, events, and communications.

PRIVACY POLICY

1. Introduction

OneStep Global (“OneStep Global”, “we”, “us”, or “our”) is a market-entry and growth consultancy specialising in the higher education sector.

We help universities, academic service providers, and government organisations expand their footprint across Asia and other markets.

We are committed to protecting the privacy and security of the personal data we hold.

This Privacy Policy explains how we collect, use, share, and safeguard personal data when you:

  • Visit our website at www.onestep.global (“Website”)
  • Contact us or submit an enquiry
  • Subscribe to newsletters or marketing communications
  • Register for or attend our events, webinars, conclaves, or briefing sessions
  • Apply for a role with us
  • Engage with us as a client, partner, supplier, or stakeholder

Please read this policy together with our Cookie Policy and any other notices we may provide on specific occasions.

2. Who We Are (Data Controller)

For the purposes of applicable data protection laws, OneStep Global is the controller responsible for your personal data.

  • Gurugram (Head Office): 7th Floor, Magnum Tower-1, 703–704, Golf Course Ext. Road, Sector 58, Gurugram, Haryana 122011, India
  • Mumbai: 5th Floor, Lodha Supremus Wadala, Off Eastern Freeway, Near New Cuffe Parade, Mumbai, Maharashtra 400037, India
  • Bengaluru: 4th Floor, 401, 14th, Cunningham Road, Vasanth Nagar, Bengaluru, Karnataka 560001, India
  • Dubai: OneStep Global Ingress – FZCO, IFZA Business Park, DDP, Building A1, Dubai Silicon Oasis, Dubai, United Arab Emirates (Licence No. 38200)

General Contact: hello@onestep.global

3. The Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity and Contact Data – Name, job title, employer/institution, email address, telephone number, postal/business address and country.
  • Enquiry and Correspondence Data – Information provided through forms, requests and communications.
  • Event and Registration Data – Details provided when registering for or attending events, webinars, conclaves and briefing sessions.
  • Marketing and Communications Data – Marketing preferences and communication choices.
  • Recruitment Data – CV/résumé, qualifications, employment history and application information.
  • Client, Partner and Supplier Data – Business contact information required to manage relationships and provide services.
  • Technical and Usage Data – IP address, browser type and version, device information, time-zone setting, operating system and website usage information.

We generally do not seek to collect special category or sensitive personal data through the Website. Please do not send us such information unless specifically requested for a lawful purpose.

4. How We Collect Your Personal Data

  • Directly from you – When you fill in forms, contact us, subscribe, register for events, apply for a role, or otherwise interact with us.
  • Automatically – Through cookies and similar technologies.
  • From third parties and public sources – Including institutional clients, partners, event co-hosts, LinkedIn, referrals, and publicly available sources.

5. How We Use Your Personal Data and Legal Basis

We use personal data only where the law allows us to. The lawful bases include performance of a contract, legitimate interests, consent, and compliance with legal obligations.

Purpose Legal Basis
Respond to enquiries and provide requested information Legitimate interests; steps prior to entering a contract
Provide consultancy and representation services Performance of a contract; legitimate interests
Organise and manage events, webinars and briefing sessions Legitimate interests; consent (where required)
Send newsletters and marketing communications Consent and/or legitimate interests
Manage recruitment and assess applications Steps prior to entering a contract; legitimate interests
Operate, secure and improve the Website Legitimate interests; consent for non-essential cookies
Comply with legal, regulatory and accounting obligations Legal obligation

Where we rely on legitimate interests, we ensure those interests are not overridden by your rights. Where we rely on consent, you may withdraw it at any time.

6. Marketing Communications

We may send information about our services, events and insights where you have consented or where otherwise permitted by law.

You may opt out at any time using the unsubscribe link in our emails or by contacting us. Opting out will not affect service-related communications.

7. How We Share Your Personal Data

  • Group offices and affiliated entities.
  • Institutional clients and academic partners.
  • IT, hosting, CRM, email, analytics and marketing providers.
  • Professional advisers including lawyers, auditors and insurers.
  • Authorities and regulators where legally required.
  • Successors in the event of a merger, acquisition or business sale.

We do not sell your personal data.

8. International Transfers

OneStep Global operates across multiple jurisdictions including India and the UAE and works with clients and partners in the UK, Europe and other regions.

Your personal data may be transferred to, stored in, or accessed from countries other than your own.

We implement appropriate safeguards, including Standard Contractual Clauses and equivalent protections, while complying with GDPR, UK GDPR and India's DPDP Act.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, regulatory and reporting obligations.

When personal data is no longer required, it will be securely deleted or anonymised.

10. Data Security

We have implemented appropriate technical and organisational measures designed to protect personal data against unauthorised access, accidental loss, alteration, disclosure or destruction.

While we take reasonable steps to protect your data, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

11. Your Rights

  • Access your personal data.
  • Correct inaccurate or incomplete information.
  • Request deletion of your data.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Nominate another person to exercise rights in the event of death or incapacity (DPDP Act).
  • Lodge complaints with relevant authorities.

We may need to verify your identity before responding to requests.

12. Cookies

Our Website uses cookies and similar technologies to operate effectively, analyse traffic, and improve your experience.

Please see our Cookie Policy for full details.

13. Third-Party Links

Our Website and communications may contain links to third-party websites, plug-ins and services. We do not control these third parties and are not responsible for their privacy practices.

14. Children's Data

Our Website and services are directed at institutions and professional audiences and are not intended for children.

Where we process personal data relating to minors, including student-facing briefing sessions, we do so in accordance with applicable law, including the DPDP Act, and obtain parental or guardian consent where required.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Last updated” date. Where changes are significant, we will provide a more prominent notice. We encourage you to review this policy periodically.

16. Contact Us

If you have any questions about this Privacy Policy, would like to exercise any of your data protection rights, or wish to make a complaint regarding how your personal data is handled, please contact us using the details below.

OneStep Global

Registered Office:
7th Floor, Magnum Tower-1, 703–704,
Golf Course Extension Road,
Sector 58, Gurugram,
Haryana 122011, India

Privacy & Data Protection Email:
privacy@onestep.global

General Enquiries:
hello@onestep.global

Data Protection / Grievance Officer:
[Insert Name]
[Insert Email Address]

We may need to verify your identity before processing certain requests relating to your personal data. We will respond to your request within the timeframes required under applicable data protection laws.

Note:- This Privacy Policy is provided as a template to assist OneStep Global and does not constitute legal advice. Given OneStep Global’s cross-border operations (India, UAE, UK/Europe) and its handling of client, partner, event, and recruitment data, we strongly recommend having this policy reviewed by a qualified legal or data protection professional and tailored to the specific tools, processors, and legal entities involved before publication.