Privacy Policy

Last updated: 2026-07-07

This is an engineering-baseline policy, not a legal document. It accurately describes what this application actually does with data today. It has not been reviewed by a lawyer and is not a substitute for one — see docs/COMPLIANCE.md in this project for the full regulatory context and known gaps before treating this as sufficient for a real commercial launch in any specific country.

What we collect

Account information for every user (School Admin, Teacher, Student, Parent): name, email, phone (optional), and a securely hashed password. Depending on your role, we also hold: student records (date of birth, gender, admission details, section/class, guardian links), attendance, homework/classwork records, leave requests, fee invoices and payments, notices, events, and achievement records. All of this exists to operate the school — there is no data collected beyond what a school actually needs to run its daily operations.

Guardian consent for a student's own login

Most students don't have their own login — only a parent does. If a school wants a student to have their own account, we require the linked parent to explicitly approve that request from their own dashboard before the login is created. See your account's Privacy & data requests section for how this works if you're a parent.

No tracking, no profiling, no advertising

There is no ad tech, no third-party analytics or tracking scripts, and no behavioral profiling of any user — students included. This is true by construction: none of that infrastructure exists anywhere in this application.

How long we keep data

Attendance, fee, and audit-log records are never hard-deleted — they're archived via a status change (e.g. a student is marked "withdrawn," not removed), because schools have real financial and record-keeping obligations that require this history to stay intact. If you want data corrected, exported, or deleted where that's legally possible, see "Your rights" below.

Your rights

You can request access to, correction of, erasure of, or a portable export of the data we hold about you from your account's security page once you're signed in. A School Admin reviews and responds to every request. Erasure requests are handled case by case — some records can't be fully deleted where retention is legally required (see above).

How we protect your data

Passwords are hashed with Argon2id, never stored in plain text. Optional two-factor authentication (an authenticator app code) is available from your account's security page. Every school's data is isolated from every other school at the database level (row-level security), not just in application code. Changes to sensitive records are logged with who made them and when.

Contact

Questions about this policy or your data should go to your school's administrator, who can also submit or resolve a data request on your behalf.

Back to login