Privacy Notice
Introduction and Scope
This Privacy Notice applies exclusively to School Administrators ("Admins" or "Data Principals") accessing the web dashboard at lms.thepedagogycommunity.org.
This notice outlines how The Pedagogy Community ("We," "Us," or the "Data Fiduciary") collects, processes, and protects your data in compliance with the Digital Personal Data Protection (DPDP) Act, 2023 of India.
Note: Teachers and individual end-users accessing our training applications are governed by a separate Privacy Notice and Terms of Service.
Categorisation of Data Collected
A. Personal Data (Governed by DPDP Act)
When an Admin creates an account or accesses the dashboard, we collect:
Identity & Contact Data: Admin's full name and email address.
B. School / Entity Data (Not classified as Personal Data)
To register and verify the institution, we collect institutional records, including:
Identification: School name, School board, Registration / UDISE number, GST number (optional).
Location & Contact: Country, State, District, City, PIN Code, School phone, School email, Website.
Operational Details: School type, School level, Academic year start date.
C. Financial & System Data
Payment Data: Handled securely via our payment gateway partner (Razorpay). We do not store full credit card or bank account numbers on our servers.
Analytics: Usage data generated during your interaction with the LMS dashboard, processed via Amazon Web Services (AWS) analytics.
Purpose of Processing
We process the collected data strictly for the following purposes:
Account Provisioning: To create, authenticate, and manage your Admin access to the LMS dashboard.
Service Delivery: To facilitate the onboarding of your school and the subsequent management of teacher accounts.
Billing & Compliance: To process subscription payments via Razorpay and generate GST-compliant invoices.
Platform Improvement: To monitor system health and improve platform functionality using AWS analytics.
Communication: To send critical service updates, security alerts, and administrative notices.
Sub-Processors and Data Sharing
We do not sell, rent, or trade your Personal Data. We share data only with strictly vetted third-party sub-processors required to operate our platform:
Amazon Web Services (AWS): For secure cloud hosting, database infrastructure, and platform analytics.
Razorpay: For secure payment processing and subscription billing.
These sub-processors are legally bound to process data only on our explicit instructions and maintain security standards compliant with Indian law.
Data Retention Policy
We enforce the following retention protocols:
Institutional Data: Because non-personal Entity Data (e.g., School UDISE, GST, historical billing data) does not fall under the DPDP Act, School data is retained indefinitely or in accordance with our overarching Terms of Service, even if a specific Admin account is deleted. This ensures institutional continuity.
Admin Personal Data: Your personal name and email address will be retained for as long as your Admin account is active. If you request account deletion, or your authorisation is revoked by the School, your Personal Data will be erased or fully anonymised, provided there are no pending legal or billing disputes.
Rights of the Data Principal
Under the DPDP Act 2023, as an Admin providing Personal Data, you possess the following rights:
Right to Access: You may request a summary of the Personal Data we process about you.
Right to Correction & Erasure: You may request that we correct inaccurate Personal Data or erase your Personal Data (subject to the retention of institutional data outlined in Section 5).
Right to Nominate: You have the right to nominate an individual to exercise these rights on your behalf in the event of your death or incapacity.
Right to Grievance Redressal: You have the right to readily available means of grievance redressal (see Section 8).
Security Measures
Your data is stored securely on AWS infrastructure. We implement industry-standard organisational and technical measures, including role-based access control, encryption in transit, and secure database architecture, to protect against unauthorised access, alteration, or data breaches.
Grievance Redressal
In accordance with the DPDP Act 2023, if you have any questions, wish to exercise your data rights, or need to report a privacy concern, please contact our Grievance Officer:
Email: info@thepedagogycommunity.org
We aim to acknowledge all grievances within 48 hours and resolve them within the legally mandated timelines.
For questions, data-rights requests, or privacy concerns, contact us at info@thepedagogycommunity.org. We respond within 48 hours and resolve within legally mandated timelines under the DPDP Act 2023.