Overview

Our commitment to data protection

At Scolvia, we understand that educational data is among the most sensitive information institutions handle. This Privacy Policy explains our practices regarding the collection, use, storage, and protection of personal data when you use our School ERP platform.

We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) in the European Union, the Family Educational Rights and Privacy Act (FERPA) in the United States, and other relevant regulations in the jurisdictions where we operate.

Important Note

By using Scolvia, you acknowledge that you have read and understood this Privacy Policy. If you are using Scolvia on behalf of an educational institution, you confirm that you have the authority to bind that institution to these terms.

Information We Collect

Types of data we process

We collect different types of information depending on your role and how you interact with our platform. This data helps us provide, improve, and secure our services.

Institution Information

School name, address, contact details, and registration information
Administrative staff details and authorization documents
Financial and billing information for subscription management
Institutional policies and configuration settings

Student Information

Personal details: name, date of birth, student ID, and photograph
Academic records: grades, attendance, assignments, and progress reports
Guardian/parent contact information and emergency contacts
Medical information and special requirements (when provided)

Staff Information

Professional details: name, role, department, and qualifications
Contact information: email, phone, and office location
Employment records: hire date, contracts, and performance data
Teaching assignments, schedules, and workload information

Automatically Collected Information

Device information: IP address, browser type, operating system
Usage data: login times, features accessed, and session duration
Cookies and similar tracking technologies (see Cookies section)
Error logs and diagnostic data for troubleshooting

How We Use Information

Purposes for data processing

We use the collected information for various purposes to deliver our services effectively and improve user experience. All processing is done with a valid legal basis under applicable data protection laws.

Service Delivery

Provide and maintain core ERP functionality for institutions

User Management

Manage accounts, authentication, and access controls

Communications

Send important updates, alerts, and service notifications

Analytics

Generate insights and reports for institutional improvement

Security

Detect and prevent fraud, abuse, and security incidents

Improvement

Enhance our services based on usage patterns and feedback

Legal Basis for Processing

We process personal data based on: (1) Contract - to fulfill our service agreement, (2) Legal Obligation - to comply with education and tax laws, (3) Legitimate Interests - for security and service improvement, and (4) Consent - for optional features like marketing communications.

Information Sharing

When and how we share your data

We take your privacy seriously and do not sell personal data. We only share information in limited, specific circumstances:

Within Your Institution

Data is shared between authorized users within your educational institution according to role-based access permissions.

Service Providers

We use trusted third-party services for hosting (AWS), analytics, and customer support, all bound by strict data protection agreements.

Legal Requirements

We may disclose data when required by law, court order, or to protect our rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or asset sale, personal data may be transferred with appropriate safeguards.

Data Security

How we protect your information

We implement comprehensive security measures to protect personal data from unauthorized access, alteration, disclosure, or destruction.

Encryption

AES-256 encryption for data at rest and TLS 1.3 for data in transit

Infrastructure

SOC 2 Type II certified data centers with 99.9% uptime guarantee

Access Control

Role-based access with MFA and comprehensive audit logging

Security Certifications

Our security practices are validated by independent third-party auditors. Scolvia maintains:

ISO 27001 SOC 2 Type II GDPR Compliant FERPA Compliant

Data Retention

How long we keep your data

We retain personal data only as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

Account Data

Retained for the duration of your account plus 30 days after deletion for recovery purposes.

Educational Records

Retained according to institutional policies and legal requirements (typically 3-7 years).

Usage Logs

Retained for 12 months for security analysis and system improvement.

Payment Information

Billing records retained for 7 years per tax and accounting regulations.

Data Deletion Requests

You can request deletion of your personal data at any time. We will comply within 30 days, subject to any legal obligations that require us to retain certain records.

Your Rights

Control over your personal data

Under data protection laws, you have specific rights regarding your personal information. We are committed to honoring these rights:

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data under certain conditions

Right to Restrict

Limit how we process your personal data

Right to Portability

Receive your data in a structured, machine-readable format

Right to Object

Object to processing based on legitimate interests

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@scolvia.com. We may need to verify your identity before processing your request.

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

Cookies & Tracking

How we use cookies and similar technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and deliver personalized content.

Cookie Type	Purpose	Duration	Your Control
Essential	Required for core functionality like authentication and security	Session - 1 year	Cannot be disabled
Functional	Remember preferences like language and display settings	1 year	Can be disabled
Analytics	Help us understand how users interact with our platform	2 years	Can be disabled
Marketing	Track visitors across websites for targeted advertising	90 days	Can be disabled

Managing Cookies

You can manage your cookie preferences through your browser settings or our cookie consent banner. Disabling certain cookies may affect the functionality of our services.

Children's Privacy

Protecting young users

Scolvia is designed for educational institutions and takes special care to protect the privacy of children under 13 years of age in compliance with COPPA (Children's Online Privacy Protection Act) and similar regulations worldwide.

Parental Consent

We require verifiable parental consent before collecting personal information from children under 13, in accordance with COPPA requirements.

Limited Collection

We collect only the minimum information necessary for educational purposes and do not use children's data for marketing.

Enhanced Security

Children's data receives additional security protections and is only accessible to authorized school personnel and parents/guardians.

Parental Rights

Parents and guardians can review their child's personal information, request deletion, and refuse further collection by contacting their child's school or emailing privacy@scolvia.com.

Policy Changes

Updates to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

Notification of Changes

We will notify you of any material changes to this policy via email or through a prominent notice on our platform at least 30 days before the changes take effect.

Effective Date

The effective date of the current version is displayed at the top of this page. Previous versions are available upon request.

Your Continued Use

By continuing to use Scolvia after changes to this policy, you acknowledge and agree to the updated terms.

Review History

To view previous versions of this Privacy Policy or track changes over time, please contact us at privacy@scolvia.com.

Contact Us

Get in touch with our privacy team

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email

For general privacy inquiries:

privacy@scolvia.com

Mailing Address

BitCandor Technologies Limited
Suite 2080A
60 Tottenham Court Road
London
United Kingdom

Need Help?

Our support team is available to assist you with any privacy-related questions or concerns.

Visit Support Center

Privacy Policy

On This Page

Questions?

Data Controller