Important: This policy is a global compliance baseline and should be reviewed by licensed legal
counsel before use in each country/state.
1. Introduction
We take your privacy seriously. This policy explains how [School Name] and our system provider collect, use,
and protect your personal information in compliance with GDPR.
2. What Data We Collect
Category
Examples
Legal Basis
Identity
Name, ID number, photo, date of birth.
Public Task (Education)
Contact
Email, phone number, home address.
Public Task / Contract
Academic
Grades, attendance, class schedule.
Public Task
Health (Sensitive)
Allergies, medical conditions.
Explicit Consent / Vital Interests
3. How We Use Your Data
To manage your enrollment and academic progress.
To communicate with students and parents.
To ensure safety and medical care when needed.
To process fee payments (parents).
4. Data Retention
We keep your data only as long as necessary:
Student Record: Until you leave the school + 7 years (archived).
Health Data: Deleted 3 years after you leave.
Payment Records: Kept for 7 years for tax laws.
5. Your Rights (GDPR)
You have the right to:
Access: Request a copy of your data.
Rectify: Correct mistakes in your data.
Erase: Ask us to delete your data (Right to be Forgotten).
Export: Get your data in a portable format.
Object: Stop us from using your data in certain ways.
6. Cookie & Tracking Preferences
We use consent categories so users can control non-essential tracking:
Essential: Required for login, security, and platform operation.
Analytics: Helps us measure quality and improve performance.
Preferences: Remembers user choices and language.
Marketing: Optional and only enabled where legally allowed.
You can reject non-essential cookies or update preferences later. We also respect supported browser privacy
signals (such as Global Privacy Control and Do Not Track) for non-essential categories by default.
7. Regional Privacy Rights
Depending on location, users may also have rights to:
Opt out of sale/sharing of personal information (where applicable).
Limit use of sensitive personal information.
Appeal denied data-rights requests.
File complaints with local supervisory authorities.
8. Contact Us
If you have privacy questions, please contact our Data Protection Officer (DPO):
This page explains what we know about you and how we keep it safe.
What info do we have? ๐
We know your name, your birthday, your class, your grades, and who your parents are.
We also know if you have any allergies (like peanuts!) so we can keep you safe.
Why do we need it? ๐ซ
We need it to teach you! It helps us know which class you're in, print your report card, and call
your parents if you get sick.
Is it safe? ๐
Yes! We keep it in a secure computer system. Only your teachers and school staff
can see it. We don't sell it to anyone.
Can I see it? ๐
Sure! You can ask your teacher or parent to show you what info we have. If something is wrong (like
we spelled your name wrong), tell us and we'll fix it!