Privacy Policy

Vidyakrit ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (vidyakrit.in) or use our web and mobile applications, including our Educational Resource Planning (ERP) platform and custom software services.

Please read this Privacy Policy carefully. If you do not agree with the terms of this privacy policy, please do not access the platform.

1. Information We Collect

We may collect information about you in a variety of ways, depending on how you interact with our platform. The information we may collect includes:

A. Personal Data

Personally identifiable information that you voluntarily give to us when registering or using our platform. Categories of users include students, parents, guardians, teachers, administrators, and school staff. Information collected includes but is not limited to:

• Identity Data: Name, date of birth, gender, profile picture.
• Contact Data: Email address, phone number, physical address.
• Educational/Professional Data: Student roll numbers, grades, staff employee IDs, designations.

B. Technical and Device Data

When you access our platform, our servers automatically collect:

• Device Information: IP address, browser type, operating system, hardware model, and unique device identifiers for security and device verification purposes.
• Geolocation Data: We may collect location data to facilitate specific features, such as staff attendance tracking or secure access verification.
• Log Data: Access times, pages viewed, and routes navigated within the application. Server logs are retained for a limited period strictly for security, troubleshooting, and performance monitoring.

C. Financial Data

Financial information, such as payment method details, is collected directly by our trusted third-party payment processors. We do not store complete financial details on our servers, retaining only transaction IDs, amounts, and payment statuses for parent fee tracking and institutional reconciliation.

2. Children's Data & Educational Records

As a School ERP platform, Vidyakrit processes personal data of students, including children under the age of majority, on behalf of educational institutions.

• Institutional Responsibility: The educational institution acts as the primary data fiduciary. It is the sole responsibility of the school or educational institution to obtain all necessary and legally required consents from parents or legal guardians before inputting any children’s or students' personal information into the Vidyakrit platform.
• Our Role: Vidyakrit acts purely as a data processor for educational records and processes this data strictly to provide the requested services to the institution. We do not use student or children's data for targeted advertising or unauthorized profiling.

3. How We Use Your Information

Having accurate information about you permits us to provide a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the platform to:

• Create and manage secure accounts via industry-standard authentication mechanisms.
• Process transactions, student fee payments, and generate invoices.
• Monitor and analyze usage, attendance metrics, and system performance using generic analytics and performance monitoring tools.
• Improve our application infrastructure, fix bugs, and optimize overall platform performance.
• Prevent fraudulent transactions, monitor against theft, and protect against automated attacks and abuse.
• Send administrative information, such as updates to policies, security alerts, or system notifications.

4. Disclosure of Your Information

We do not sell, trade, or rent your personal identification information to others. We may share information in specific situations:

• Trusted Third-Party Service Providers: We may share your information with third parties that perform services for us or on our behalf, including secure cloud infrastructure providers, payment processors, data analytics services, and email delivery providers. These trusted cloud providers may process data where necessary to ensure platform availability and reliability.
• Legal Obligations: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law.

5. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. This includes:

• Encryption: Data in transit and at rest is secured using industry-standard encryption protocols.
• Access Controls: Strict access controls and role-based data isolation restrict database access based on user roles (e.g., Admin, Staff, Parent, Student).
• Session Management: Secure session mechanisms and tokens are utilized to protect active user sessions.
• Security Monitoring: We actively monitor our secure cloud infrastructure for unauthorized access or anomalies.

While we have taken reasonable steps to secure the personal information you provide to us, please be aware that no security measures are perfect or impenetrable.

Data Breach Notification

In the unlikely event of a data breach that compromises personal data, Vidyakrit will notify the affected educational institutions and relevant authorities as required by applicable laws, ensuring transparency and prompt mitigation.

6. Data Retention

Vidyakrit retains customer data strictly in accordance with our role as a data processor:

• During Active Subscriptions: We retain institutional data, user accounts, and operational records for as long as the educational institution maintains an active subscription with us, ensuring uninterrupted service.
• Post-Termination & Export: Upon termination or cancellation of the service agreement, the institution will be provided a secure window to export their institutional data.
• Secure Deletion: Following the data export window, or upon explicit request from the institution, we will securely delete or anonymize the data from our active servers, unless a longer retention period is mandated by legal, tax, or regulatory obligations.

7. Use of Cookies and Tracking Technologies

We may use cookies, web beacons, tracking pixels, and other tracking technologies to help customize the platform and improve your experience. You can choose to disable cookies through your browser, but this may affect your ability to use certain platform features.

8. Your Rights

Depending on the jurisdiction, and under applicable laws such as the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000, you may have the right to:

• Request access to the personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request the deletion of your personal data, subject to legal and operational retention requirements.

Users affiliated with an educational institution must generally route data access, correction, or deletion requests through their respective school administrators, as the institution serves as the data fiduciary.

9. Changes to This Privacy Policy

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Effective Date" of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

10. Contact and Compliance Information

If you have questions, comments, or legal inquiries about this Privacy Policy, please contact us at:

Vidyakrit
Registered Business Address: [Insert Registered Business Address]
Support Email: support@vidyakrit.in
Legal/Privacy Email: legal@vidyakrit.in
Grievance Officer: [Insert Name/Contact of Grievance Officer]
Business Hours: Mon-Fri, 9 AM - 6 PM IST
Jurisdiction: India