Privacy Policy

Saphala Technologies ("we", "us", "our") operates SchoolVerse. This Privacy Policy explains in detail what personal data we collect, why we collect it, how we process and protect it, and the rights available to you. We are committed to best-effort compliance with India's Digital Personal Data Protection Act (DPDP), 2023, and other applicable data-protection laws. Where we say "you" in this policy, we mean the learner, parent, guardian, teacher, or school administrator using SchoolVerse.

Part A — Individual Learners (B2C)

1. Types of Data We Collect

We collect only the data necessary to deliver and improve the SchoolVerse learning experience. This falls into the following categories:

• Account details: Name, email address, mobile number, date of birth (where provided), and a hashed (never plaintext) password.
• School and class information: School name, grade/class, section, board or state syllabus, admission number, and preferred language — used to serve the correct curriculum.
• Learning progress: Lesson completion records, time-on-task per lesson, GCE (Guided Concept Experience) phase interactions, lab session events, and chapter/topic completion status.
• Assessment attempts: Quiz answers and scores, objective test attempts (per question, per option selected), subjective submission text, IQ Lab attempts, and flashcard review events. These are used to build your Sage learning profile — never shared with advertisers.
• XP, streak, and activity: XP events and ledger entries, achievement unlocks, streak counters, and leaderboard participation — used for motivation tracking and fairness monitoring.
• Analytics events: Feature-level interactions (buttons clicked, tabs opened, content replayed) collected in aggregate to improve product quality. These events are linked to your account for personalisation, and may be anonymised for aggregate reporting.
• Device and session information: Device type, operating system version, browser or app version, device identifier (for the one-device policy), IP address, and session tokens. See Section 4 (Device & Session Tracking) for details.
• App and browser interaction data: Screen navigation paths, scroll depth on lesson content, error events, and performance timing — used to detect and fix technical issues.
• Payment records: Transaction ID, order status, course entitlements, and payment method type (card/UPI/wallet). Full card numbers and CVVs are handled exclusively by Razorpay (our PCI-DSS certified payment processor) and are never transmitted to or stored on SchoolVerse servers.
• Parent and guardian information: Parent or guardian name and mobile number, collected where provided voluntarily or required for accounts of learners under 13.

2. Purpose of Data Usage

Each category of data is collected for specific, documented purposes:

• Learning continuity: Your progress data ensures lessons, labs, and tests resume exactly where you left off, across sessions and (where permitted) devices.
• AI mentor recommendations: Saphala Sage uses your assessment history, lesson completion signals, and XP patterns to suggest revision targets, identify weak areas, and personalise concept explanations. See Section 5 for the full AI disclaimer.
• Personalisation: Curriculum served to you is filtered by board, subject, class, and learning pace derived from your progress history.
• Analytics and platform improvement: Aggregate patterns across all learners are used to improve content quality, fix difficult concepts, and prioritise new features. Aggregate analytics do not identify individual learners.
• Progress tracking and reporting: Your school administrator (for B2B accounts) can view your attendance, lesson progress, and XP within their tenant. You can view your own progress at any time.
• Security and fraud prevention: Device identifiers and session data are used to enforce the one-device policy, detect account sharing, and block unauthorised access. See Section 4.
• Communications: Account-related emails only — password reset links, payment receipts, policy change notifications, and security alerts. We do not send promotional or marketing emails without your explicit, separate consent.
• Legal compliance: Financial records, transaction logs, and certain account data may be retained to comply with Indian tax law, court orders, or regulatory requirements.

3. Data Sharing — Who We Share With and Why

We do not sell your personal data to advertisers, data brokers, or any third party, under any circumstances. We share your data only in the following limited, operationally necessary situations:

• Infrastructure and hosting providers: Our servers run on cloud infrastructure (Neon/AWS). These providers store data under strict confidentiality agreements and process it solely to run the platform — not for their own purposes.
• AI processing providers: Saphala Sage may send anonymised learning signal data (not your name or email) to AI model providers (currently Anthropic) to generate educational feedback. These providers are bound by data processing agreements and are prohibited from using this data for model training without explicit consent.
• Payment processor: Razorpay receives the transaction data necessary to process your payment. SchoolVerse receives only the transaction outcome and entitlement record. Razorpay is PCI-DSS Level 1 certified.
• Email delivery provider: A transactional email service provider sends system emails on our behalf. They receive your email address and the email content — no other personal data.
• Your school administrator (B2B only): If you are enrolled through a school subscription, your progress, attendance, and XP data is visible to your school's designated SchoolVerse administrator within their isolated tenant. Your data is not visible to administrators of other schools.
• Legal authorities: Where required by a valid court order, Indian law, or governmental authority. We will notify you of such requests where legally permitted to do so.

We provide each service provider with the minimum necessary access to your data. We do not grant broad access to any provider beyond what is needed for their specific function.

4. Device and Session Tracking

To implement our one-device policy and protect your account, we collect and process the following device and session signals:

• Device identifiers: A device fingerprint derived from your hardware, OS, and browser combination. On Android, the Android Device ID may be used. These identifiers are stored in hashed form and used only for security purposes.
• Login and session tracking: We record the time, approximate location (country/state level, derived from IP address), and device of each login. This helps detect unauthorised access to your account.
• Security monitoring: Patterns such as rapid switching between devices, simultaneous sessions from different geolocations, or repeated failed login attempts trigger automated security checks.
• Suspicious activity detection: If more than 3 distinct devices access your account within a 30-day window, an automated review is triggered. You will be notified before any account action is taken, except in cases of severe breach risk. See our Device Usage Policy for details.

5. AI Mentor and Analytics — Important Disclaimer

Saphala Sage (AI Mentor) is an educational tool. Before using it, please understand:

• Educational suggestions only: Sage's recommendations are algorithmic educational suggestions derived from your learning signals. They are not professional advice — not medical, psychological, career, legal, or otherwise. Always consult qualified professionals for decisions beyond academic study.
• Deterministic-first design: The majority of Sage's intelligence (80–90%) is rule-based and deterministic. Generative AI is used only when deterministic logic is insufficient to answer your question.
• Analytics influence recommendations: Your quiz scores, lesson completion patterns, time-on-task, and XP events feed into Sage's revision suggestions and weak-area identification. This processing occurs on your individual account data — it is not a comparison against other learners' identifiable data.
• AI imperfection: Generative AI can produce incorrect or incomplete responses. SchoolVerse does not guarantee the accuracy of AI-generated explanations. Always cross-reference with your textbooks, teachers, or trusted educational resources.
• No emotional or personal counselling: Sage is designed to refuse requests for emotional support, personal relationship advice, or topics outside educational scope. It will redirect you to appropriate resources.

6. Parent and Guardian Responsibility

SchoolVerse serves learners of all ages, including minors. Where this involves children:

• Under 13: A parent or legal guardian must create the account and provide verifiable consent before the account is activated. We do not knowingly collect personal data from children under 13 without this consent.
• 13–17: Learners may self-register. We encourage parents to be aware of their child's account. Parental oversight features (progress visibility for linked parents) are available where your school has enabled them.
• School-mediated accounts: When a school creates accounts for its students, the school acts as the data fiduciary for that student's data within their tenant. SchoolVerse processes that data on behalf of the school under the institutional agreement.
• Reporting concerns: If you believe a minor's data has been collected or processed without appropriate consent, contact privacy@schoolverse.app immediately. We will investigate and act within 5 business days.

7. Security — What We Do and What We Cannot Promise

We apply reasonable and industry-standard technical and organisational measures to protect your personal data:

• Data is encrypted in transit (TLS 1.2+) and at rest.
• Passwords are stored as hashed values — never in plaintext.
• Access to production data is restricted to authorised engineers under least-privilege controls.
• Session tokens are rotated and expire. Device sessions are monitored for anomalous patterns.
• Our infrastructure providers hold industry security certifications (AWS, Neon).

However, no system connected to the internet can guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights, we will notify affected users as required by the DPDP Act, 2023. If you discover a security vulnerability, please disclose it responsibly to security@schoolverse.app.

8. Data Retention and Deletion

We retain personal data only for as long as necessary for the purposes described in this policy. Specific retention periods:

• Active accounts: All personal and learning data is retained for as long as your account remains active.
• After account deletion: Personal identifiers (name, email, mobile, device IDs) are deleted within 90 days of a verified deletion request. Learning analytics records may be converted to anonymised form and retained for product improvement.
• Legal and compliance retention: Financial transaction records are retained for a minimum of 7 years under Indian tax and accounting law. Security logs and access records may be retained for up to 2 years for fraud investigation and legal purposes.
• Academic integrity holds: Where an account is under investigation for academic misconduct or platform abuse, deletion requests may be paused until the investigation is closed. You will be notified of any such hold within 15 days of submitting your deletion request.

To request deletion of your account and personal data, email privacy@schoolverse.app from your registered address. We will confirm receipt within 5 business days and complete the deletion within 90 days unless a legal hold applies.

9. Cookies and Local Storage

We use browser local storage and first-party session cookies for authentication and session management. We use first-party analytics only — we do not use third-party advertising cookies or cross-site tracking pixels. Clearing your browser's local storage will sign you out and reset session preferences. The device notice and certain UI preferences are stored locally and do not leave your device.

10. Your Rights Under DPDP Act, 2023

As a data principal under the DPDP Act and applicable law, you have the right to:

• Access a summary of the personal data we hold and the purposes for which it is processed.
• Correct inaccurate or out-of-date personal data.
• Erase your personal data, subject to the legal retention obligations described in Section 8.
• Withdraw consent for any processing based on consent at any time, without affecting the lawfulness of prior processing.
• Grievance redressal — raise a complaint with our Grievance Officer (see Section 13).
• Nominate a trusted individual to exercise your rights on your behalf.

Submit rights requests by emailing privacy@schoolverse.app from your registered email address. We will respond within 15 business days.

Part B — Schools and Institutional Users (B2B)

11. School Responsibilities as Data Fiduciary

When a school deploys SchoolVerse to its students, the school acts as the data fiduciary for its students' personal data under the DPDP Act. SchoolVerse acts as the data processor. By deploying SchoolVerse, the school confirms that it:

• Has obtained the necessary permissions and consents from students, parents, or guardians as required by applicable law and its own institutional policies.
• Manages student access responsibly — creating accounts only for enrolled students, deactivating accounts promptly when students leave, and ensuring students use their own accounts.
• Protects admin credentials and ensures that no unauthorised person accesses the Admin panel. Admin credentials must not be shared or written down in accessible locations.
• Instructs students on appropriate use of the platform in line with the Acceptable Use Policy.

12. Institutional Analytics

School administrators can access the following analytics within their tenant:

• Individual student lesson completion, test scores, XP totals, and attendance.
• Class-level and school-level aggregated performance reports.
• Teacher activity logs (lessons assigned, content published, assessments set).

This access is scoped strictly to the school's own tenant. Administrators cannot access data belonging to students from other schools or institutions, even if those students use the same SchoolVerse platform.

13. Tenant Isolation

Each school operates as a fully isolated, multi-tenant environment on SchoolVerse:

• Student data, course content, and analytics belonging to one school are not accessible to any other school, institution, or third party on the platform.
• Tenant isolation is enforced at the server level through authenticated API scoping — not merely through UI-level restrictions.
• SchoolVerse engineers access individual tenant data only when required for authorised support operations, under documented access controls.
• Schools must not attempt to access or query data outside their tenant boundary. Any such attempt is a violation of the Terms & Conditions and may result in account termination.

14. Audit and Access Logging

For security and compliance, the following administrative actions are logged within each institutional tenant:

• Administrator login events (time, IP address, device).
• Student account creation, modification, and deactivation.
• Bulk data imports and credential generation events.
• Course assignments and content publishing actions.

These logs are retained for a minimum of 12 months and may be provided to the school administrator upon request, or to legal/regulatory authorities when required by law.

15. Infrastructure and Service Providers

SchoolVerse uses the following categories of third-party service providers to operate the platform. Each receives only the minimum data necessary for its function:

• Cloud hosting and database: AWS and Neon (PostgreSQL). Store all application and learning data under strict security controls.
• AI processing: Anthropic (Claude) processes anonymised learning signal data to power Sage AI feedback. No student PII is transmitted in AI requests.
• Payment processing: Razorpay handles payment transactions. Receives transaction data only; no access to learning data.
• Email delivery: A transactional email provider sends system emails. Receives email addresses and email content only.
• Analytics and monitoring: Internal first-party event collection only. No third-party analytics SDKs (e.g. Google Analytics, Mixpanel) are embedded in the learner-facing application.

All service providers are engaged under contracts that prohibit them from using SchoolVerse data for their own commercial purposes and require them to maintain appropriate security measures.

16. Compliance Statement

SchoolVerse makes best-effort commitments to comply with applicable data protection law, including the DPDP Act, 2023. We are a growing platform and are working toward formal certification and compliance reviews. Specifically:

• We do not claim ISO 27001, SOC 2, or any other security certification at this time unless explicitly stated in your institutional agreement.
• We do implement the technical and organisational measures described in this policy and update them as the platform scales.
• Schools that require a formal Data Processing Agreement (DPA) for compliance purposes may request one at legal@schoolverse.app.

Policy Updates

We will notify you of material changes to this Privacy Policy via email or in-app notification at least 14 days before changes take effect. The "Last Updated" date at the top of this page always reflects the most recent version. Continued use of SchoolVerse after the effective date constitutes acceptance of the updated policy.

Contact and Grievance Officer

For privacy queries, rights requests, or complaints:

• Email: privacy@schoolverse.app
• Address: Saphala Technologies, Andhra Pradesh, India
• Response time: 15 business days for rights requests; 5 business days for urgent concerns (security, child data)

Under the DPDP Act, 2023, you also have the right to escalate unresolved complaints to the Data Protection Board of India once it is constituted and operational.