Privacy Policy

EduCore values the privacy of its users and protects the personal data collected, stored, and processed through its platform. The Privacy Policy explains how EduCore collects, uses, shares, and protects information related to students, parents, teachers, administrators, and other stakeholders using the EduCore system. EduCore complies with all applicable federal and state laws in the United States, including the Family Educational Rights and Privacy Act (FERPA) and the Children’s Online Privacy Protection Act (COPPA), as well as General Data Protection Regulation (GDPR) (where applicable) for international users. By accessing and using EduCore, users acknowledge and agree to the terms of this Privacy Policy.

This Privacy Policy applies to:

• EduCore's website, applications, and cloud-based services.
• Students, parents, teachers, administrators, and other authorized users.
• All data collected through the system, including academic, administrative, and financial records.

EduCore serves as a data processor for educational institutions, which act as data controllers in accordance with applicable laws. Schools determine the specific types of data collected, processed, and shared within the platform.

EduCore collects various types of personal and institutional data, categorized as follows:

• Full name, date of birth, gender, and student identification number.
• Contact details, including addresses, phone numbers, and email addresses.
• Academic records, including grades, attendance, test scores, and assignments.
• Behavioral records, including disciplinary actions and counseling notes.
• Health-related information, including immunization records, allergies, and medical history (as required by schools).
• Transportation details, including bus routes and authorized pickup persons.

• Full name, contact details, and relationship to student.
• Communication preferences and messaging history.
• Billing and payment records for tuition, fees, and purchases made through the school store.

• Full name, role, contact details, and employment records.
• Class schedules, lesson plans, and grading records.
• Payroll and financial details related to salary and benefits.

• School enrollment records, admissions details, and staff employment records.
• Fee structures, payment transactions, and financial statements.
• Budget allocations, inventory management, and cafeteria expenses.

• IP addresses, browser type, and operating system.
• Device information, including cookies and user behavior tracking (when permitted).
• Login credentials, security logs, and activity timestamps.

EduCore collects and processes data to provide core educational services, including:

• Academic Management: Student enrollment, attendance, grading, and assessment tracking.
• Communication: Notifications, messaging, announcements, and parent-teacher meetings.
• Financial Transactions: Payment processing, tuition tracking, and payroll management.
• Health and Safety: Recording immunization data, emergency contacts, and school transportation details.
• System Security: User authentication, fraud prevention, and access control.

EduCore processes personal data based on:

• Consent: Schools obtain parental or guardian consent before collecting data for students under 13 years of age as required by COPPA.
• Legitimate Interest: Data processing necessary for school operations and administration.
• Legal Compliance: Adherence to FERPA and other regulatory obligations.
• Contractual Necessity: Providing services requested by schools under service agreements.

EduCore implements strict security measures to protect personal data, including:

• Encryption: All data is encrypted in transit and at rest using industry-standard protocols.
• Access Controls: Role-based permissions ensure access is limited to authorized personnel.
• Secure Servers: Data is stored on ISO 27001-certified cloud servers with routine security audits.
• Data Backups: Regular encrypted backups prevent data loss in case of system failures.
• Incident Response: A dedicated team monitors and responds to security threats.

EduCore does not sell or lease personal data. Data may be shared with:

• Educational Institutions: Schools have full access to student and staff records.
• Service Providers: Third-party vendors handling payments, analytics, or integrations (e.g., Office 365, OneRoster, Zapier) operate under strict data protection agreements.
• Regulatory Authorities: Data may be disclosed if legally required for audits, investigations, or compliance with government mandates.

Parents, guardians, and eligible students (above 18 years) have the right to:

• Access Records: Request a copy of personal data stored in the system.
• Request Corrections: Update or correct inaccurate information.
• Opt-Out of Communications: Manage preferences for emails, SMS notifications, and automated messages.
• Request Data Deletion: Schools may request data deletion where legally permissible.

All requests must be submitted through the school’s administrative office, which serves as the data controller. EduCore processes requests within 30 days unless legal retention requirements apply.

EduCore uses cookies and similar tracking tools for:

• User Authentication: Keeping sessions active after login.
• Performance Analytics: Monitoring system performance and usage trends.
• Security Purposes: Preventing unauthorized access and fraud detection.

Users may disable cookies via browser settings, though certain features may become unavailable.

EduCore retains data only for as long as necessary to fulfill its educational services and legal obligations.

• Student records remain active while the student is enrolled. Schools determine retention after graduation.
• Financial transactions are retained for seven years as required by tax laws.
• User account data is deleted upon request or after a school terminates service.

EduCore primarily stores and processes data within the United States. If data transfers occur across jurisdictions, GDPR-compliant safeguards ensure legal data handling.

EduCore reserves the right to update this Privacy Policy to reflect changes in legal requirements, system functionalities, or security practices.

• Updates will be communicated through school administrators and the EduCore platform.
• Continued use of the system constitutes acceptance of any revisions.

For inquiries regarding this Privacy Policy, data processing practices, or user rights, contact:

EduCore Data Protection Officer

• [email protected]