Privacy Policy
Last updated: 27 Oct, 2024
Introduction
BeeVyuha™ (the “platform”, “we”, “us”, “our”) is a School Management Technology Platform designed to provide software services, cloud services, web and mobile applications to the staff of education institutions, students and parents (the “users”, “you”, “your”, “their”).
This privacy policy covers the data processed within our portal and applications and how we process information about our users. We respect your privacy and are committed to protecting it through its compliance with its privacy policies.
We are committed towards protecting and safeguarding the information, including personal information of our users which may be collected by us in consequence of your use / access / browsing of our web portal and mobile applications. Any personal information collected from You shall be governed by this privacy policy (Privacy Policy). This Privacy Policy provides for the nature and type of information collected, the manner in which it is collected, use of such information, and disclosure and handling of such information by us.
The users are advised to read this Privacy Policy before using / accessing our applications or otherwise providing BeeVyuha™ with their information and/ or personal information. If you do not agree with this Privacy Policy, then such you shall not be authorized to use / access our platform services and applications.
This Privacy Policy is published in compliance with, inter alia:
- Section 43A of the Information Technology Act, 2000;
- Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
Information Collection
- Any data in our platform is shared by the educational institutions with which we sign a contract or is collected because the institution needs the student or parent to provide this data for specific purposes.
- No data is taken from the institution until a contract is signed by both parties.
- We share data templates for details required for various application modules in our platform that the institution is using. The institutions share the data with us directly. No third party is given the data during this process.
- We do not ask students and parents for data directly. The personal information of students and parents is collected by the institutions directly.
- In some cases, institutions ask us to provide our applications access to their staff, students, and parents from whom data is required to be collected as needed by the institution. This is done strictly to enable them to run their educational institution.
Types of Data Collected
Users of BeeVyuha™ platform provide us data (of students, parents, staff, visitors and others), by direct input or through our file upload services, for processing. We process this data on their behalf.
Personal Data
The following data is required to allow the education institutions, students, parents, and guardians to use our applications and display relevant data according to their specific and permitted usage as stipulated by the institutions:
- Students, Parents, and Staff: First Name, Last Name, Middle Name, Photograph
- Students and Staff: Date of Birth, Medical records and history, Sexual Orientation, Unique Personal Identifier
- Parents and Guardian: Address, Email ID, Contact Numbers
- School Details: Address, Email ID, Website, Phone Numbers, Financial Information such as bank account details.
Other optional data fields may be obtained as required by individual institutions.
Location Data
Geolocation details are collected to provide location-specific functionalities in our mobile application, for which explicit permission is sought from the users.
Files and Documents
Files and documents that are required to be collected by the institution from its users while using specific functionalities of our platform applications.
Usage Data
While accessing our applications using a web browser and mobile devices, we automatically collect the device ID, device type, user agent browser, and OS they are running for the purposes of application security and usage metrics.
Cookies
Our web application portal sets cookies during user login. These cookies are used to verify whether the user login has been authenticated.
Local Storage
Local storage enables our applications to store information on your device(s). We may use local storage to remember preferences, improve performance, enable features, or optimize functionality within the application.
Use of Data Collected
We do not share or sell the collected data with third parties and we use it only for the various applications that the education institution is using, including:
- To provide and maintain our service
- To provide customer support
- To gather analysis or valuable information that aids in improving our service
- To monitor the usage of our service
- To detect, prevent, and address technical issues
If the education institute wishes to integrate our software with any third-party app, we do so with the explicit permission from the education institute.
Security and Confidentiality of Data Collected
We have implemented physical, electronic and administrative protection measures in compliance with generally accepted industry standards to protect your data. This data can only be accessed by a restricted number of authorised parties.
Our applications are deployed on Linux servers, which are regularly patched to protect against the latest security threats.
- Industry-standard encryption of 128 to 256 bits to safeguard sensitive data from being intercepted by hackers over the Internet.
- Robust firewall configurations are in place to monitor and control network traffic, further enhancing security and mitigating potential risks. All servers are protected by one or more security groups, named sets of rules that specify which ingress (i.e., incoming) network traffic should be delivered to the server instance.
- The system keeps track of logins in order to identify suspicious logins and also provides a recommended option to enable MFA authentication for all users.
- All passwords are encrypted using salted, vectorized hash so no one can read passwords, including our staff.
- The system enforces strict Content Security Policy (CSP) and Cross-Origin Resource Sharing (CORS) rules to prevent unauthorized data access and code execution.
- The third-party service providers involved in payment gateway and payment processing have all been validated as compliant with the Payment Card Industry Standard (commonly known as PCI-compliant service providers). These provider integrations available in our platform are further chosen to be added during implementation with approval from the education institute that we work with to process their data.
Your Consent
You acknowledge that you accept the practices and policies outlined in this privacy policy. By using our services and software applications, you are consenting to have your personal data transferred to and processed in India. If you disagree with this policy, please refrain from using our services and software applications.
Changes to this Privacy Policy
To reflect any changes to our information practices, we may update this privacy policy. If we make any material changes to this policy, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on the services prior the change becoming effective.
We encourage you to review this page periodically for the latest information on our privacy practices. You acknowledge that your continuing use of our services following any modifications to this privacy policy will represent your acceptance of the such modifications and your agreement to be bound by the modified privacy policy.
Contact Us
If you have any questions, grievances, or complaints with respect to the Privacy Policy, please contact us at support@beevyuha.school.
