ScholarSync
← Back to ScholarSync

Privacy Policy

Last updated: June 6, 2026

1. Introduction

ScholarSync ("we", "our", or "us") is operated by ScholarAI Systems OPC Pvt Ltd, a company registered in Bangalore, Karnataka, India. This Privacy Policy describes how we collect, use, and protect information when you use the ScholarSync platform, including our website, web application, and mobile applications (collectively, the "Service").

By using ScholarSync, you agree to the collection and use of information as described in this policy. If you are a minor (under 18), your parent or guardian must consent to this policy on your behalf.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, phone number, role (teacher, student, parent, administrator)
  • Organization information: school name, board affiliation (CBSE, ICSE, state board), academic year configuration
  • Academic data: class enrollments, attendance records, grades, assignment submissions, assessment scores
  • Content: documents, assignments, assessments, messages, and announcements created by teachers
  • Submissions: text responses, uploaded files (PDF, images, audio, video), handwritten work

2.2 Information Collected Automatically

  • Device information: device type, operating system, browser type, screen resolution
  • Push notification tokens: Firebase Cloud Messaging tokens for delivering notifications
  • Usage data: pages visited, features used, session duration
  • Log data: IP addresses, access times, error logs for debugging and security

2.3 Biometric Data (Optional)

If your school enables face recognition for attendance, facial embeddings are generated and stored. This feature requires explicit consent from students (or parents/guardians for minors) and can be disabled at any time by the school administrator.

3. How We Use Your Information

  • Provide and maintain the ScholarSync platform
  • Authenticate users and manage access control
  • Deliver push notifications for assignments, grades, messages, and reminders
  • Generate AI-powered educational content (assignments, assessments) using anonymized context
  • Provide academic analytics and performance tracking to teachers and parents
  • Process speech-to-text and text-to-speech for accessibility features
  • Improve the Service through aggregated, anonymized usage analytics
  • Respond to support requests and communicate important updates

4. Data Sharing

We do not sell your personal data. We share information only in these circumstances:

  • Within your organization: teachers see student data for their classes; parents see their children's data; administrators see organization-wide data
  • Service providers: we use third-party services to operate the platform (see Section 5)
  • Legal requirements: we may disclose data if required by Indian law or valid legal process

5. Third-Party Services

ScholarSync uses the following third-party services:

  • Microsoft Azure: cloud infrastructure and hosting (data stored in Azure India regions)
  • Google Firebase: push notifications (FCM) and analytics
  • OpenAI / Azure OpenAI: AI content generation (no student PII is sent to AI models)
  • Bhashini (MeitY): Indian language translation and speech services

Each third-party service is governed by its own privacy policy. We select providers that comply with applicable data protection standards.

6. Data Storage and Security

  • Data is stored on servers hosted in India (Azure India Central / South regions)
  • All data in transit is encrypted using TLS 1.2+
  • Passwords are hashed using bcrypt with per-user salts
  • Database access is protected by Row Level Security (RLS) ensuring multi-tenant isolation
  • Authentication uses JWT tokens with signature verification and token binding
  • API access is rate-limited to prevent abuse

7. Data Retention

  • Active accounts: data is retained as long as the organization's subscription is active
  • Academic records: grades, attendance, and submissions are retained for the duration of the academic relationship plus one additional academic year
  • Deleted accounts: personal data is removed within 90 days of account deletion; anonymized academic records may be retained for institutional reporting
  • Push notification tokens: invalidated tokens are automatically cleaned up

8. Children's Privacy

ScholarSync is designed for K-12 educational use, which includes users under the age of 18. Student accounts are created by school administrators, not directly by minors. We collect only information necessary for educational purposes as directed by the school.

Parents and guardians can view their child's data through their parent account, request corrections, or request data deletion by contacting their school administrator or us directly.

9. Your Rights

Under applicable Indian data protection laws, you have the right to:

  • Access your personal data held by us
  • Request correction of inaccurate data
  • Request deletion of your personal data
  • Withdraw consent for optional features (e.g., face recognition, push notifications)
  • Export your data in a machine-readable format

To exercise these rights, contact your school administrator or email us at the address below. We will respond within 30 days.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For significant changes, we will notify organization administrators via email or in-app notification. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us:

  • Email: founder@scholarsync.ai
  • Organization: ScholarAI Systems OPC Pvt Ltd
  • Location: Bangalore, Karnataka, India

© 2026 ScholarAI Systems OPC Pvt Ltd. All rights reserved.

ScholarSync Learning Platform - AI-Powered Education