Privacy Policy
Last Updated: 2026
This Privacy Policy describes how infoEIGHT ("the Platform", "We", "Us", or "Our") collects, processes, stores, and protects personal information when educational institutions use our School ERP platform.
The platform is a multi-tenant Software-as-a-Service (SaaS) system used by schools, colleges, and educational institutions ("Institutions") to manage academic administration, student information, communication, finance, attendance, examinations, and related services.
Each Institution using the platform acts as the primary data controller for the personal data of its students, parents, staff, and other users. The ERP Provider typically acts as a data processor that processes information on behalf of the Institution.
1. Scope of This Policy
This Privacy Policy applies to:
- Institutions using the ERP platform
- Students enrolled in those institutions
- Parents and guardians
- Teachers and school staff
- Administrative users
- Visitors accessing the platform
This policy applies to all services, modules, applications, APIs, mobile applications, and integrations provided as part of the ERP platform.
2. Roles and Responsibilities
2.1 ERP Provider
The ERP provider operates and maintains the technical infrastructure of the platform including servers, databases, authentication systems, and security controls.
2.2 Institution (Client)
The Institution determines what data is collected from students, parents, and staff and how that information is used.
Institutions are responsible for:
- Obtaining consent where required
- Ensuring lawful collection of personal data
- Managing user accounts
- Responding to data access or correction requests
3. Categories of Information Collected
3.1 Student Information
- Full name
- Date of birth
- Gender
- Photographs
- Address
- Contact details
- Admission and enrollment information
- Attendance records
- Grades and academic performance
- Assignments and assessments
- Transport details
- Hostel information
- Health information where provided
- Disciplinary records
- Library records
3.2 Parent or Guardian Information
- Full name
- Phone number
- Email address
- Relationship to student
- Emergency contact details
- Billing and payment information
3.3 Teacher and Staff Information
- Name and contact details
- Employee ID
- Department and role
- Salary and payroll data
- Attendance and leave records
- Performance evaluations
3.4 Administrative Data
- User account credentials
- Role-based access permissions
- System activity logs
- Audit records
3.5 Technical Information
- IP address
- Device identifiers
- Browser type
- Operating system
- Session activity
- Usage analytics
- Error logs
4. How Information Is Collected
Information may be collected through:- Institution data entry
- Online admission forms
- Mobile applications
- Parent portals
- Teacher portals
- Automated system logs
- Third-party integrations
5. Purpose of Data Processing
Personal data may be used for:- Student admission and enrollment management
- Attendance tracking
- Academic record management
- Examination and grading systems
- Communication between institutions and families
- Fee collection and accounting
- Library management
- Transport and hostel management
- Human resource management
- Compliance with legal obligations
- System performance monitoring
- Fraud detection and security monitoring
6. Legal Basis for Processing
Depending on jurisdiction, processing may rely on:- Consent of students or parents
- Contractual obligations between the Institution and ERP Provider
- Legitimate interests of the Institution
- Legal or regulatory obligations
7. Data Sharing and Disclosure
Information may be shared with:- Authorized school administrators
- Teachers and academic staff
- Government education authorities
- Payment gateway providers
- Cloud infrastructure providers
- SMS and email notification providers
- Learning management systems
- Security and fraud prevention services
Data is shared only when necessary to provide ERP functionality or to comply with legal requirements.
8. Third-Party Subprocessors
The platform may use third-party service providers for:- Cloud hosting
- Email delivery services
- SMS gateways
- Payment processing
- Data analytics
- Monitoring and logging services
9. Data Security
Security controls include:- Encrypted HTTPS connections
- Role-based access control
- Strong password policies
- Multi-factor authentication (optional)
- Database encryption
- Secure cloud infrastructure
- Access logging and monitoring
- Regular security audits
- Backup and disaster recovery systems
10. Data Retention
Data is retained based on:- Institutional policies
- Legal compliance requirements
- Contractual agreements
11. User Rights
Depending on jurisdiction, individuals may have the right to:- Access their personal information
- Request corrections
- Request deletion
- Withdraw consent
- Request data portability
- Object to certain types of processing
12. Cookies and Tracking
The platform may use cookies and similar technologies to:- Maintain login sessions
- Improve system performance
- Analyze user activity
- Enhance security
13. Children's Data Protection
The platform processes information about minors only on behalf of educational institutions. Schools are responsible for ensuring that appropriate consent has been obtained from parents or guardians.14. Cross-Border Data Transfers
Data may be processed or stored in data centers located in different countries depending on the hosting infrastructure. Appropriate safeguards are implemented for international transfers.15. Data Breach Notification
If a data breach occurs, we will:- Investigate the incident
- Notify affected institutions
- Take remediation steps
- Notify regulators if required by law
16. System Logs and Monitoring
For security and operational purposes, the platform maintains logs including:- User login attempts
- Administrative actions
- System errors
- API requests
17. Policy Updates
This Privacy Policy may be updated periodically. Institutions using the platform will be notified of significant changes.18. Contact Information
If you have questions about this policy, contact:
ERP Provider: infoEIGHT
Email: support@infoeight.com