Last updated: April 2026

Privacy Policy

Your school's data is yours. Here's exactly how we handle it.

1. Overview

ZenCampus ("we", "our", or "us") is committed to protecting the privacy of schools, teachers, parents, and students who use our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

By using ZenCampus, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

School and institutional data:

  • School name, address, and official contact details
  • Administrator, teacher, and staff names, email addresses, and phone numbers

Student records (entered by school administrators):

  • Full name, admission number, date of birth, gender, nationality
  • Aadhaar number (where provided for identification purposes)
  • Blood group and medical conditions (where disclosed for welfare purposes)
  • Permanent and current address
  • Emergency contact name and phone number
  • Attendance records, assessment marks, and academic progress notes
  • Enrolment date, class assignment, and student status

Parent and guardian data:

  • Full name, email address, and phone number (used for account access and WhatsApp notifications)
  • Relationship to the linked student(s)

Financial data:

  • Fee category configuration and per-student fee amounts
  • Payment amounts, dates, modes, and receipt references
  • Fee waivers, discounts, and outstanding balances
  • No full card or bank account numbers are stored

2.2 Information Collected Automatically

  • Browser type, operating system, and IP address
  • Pages visited, timestamps, and session duration
  • Audit log entries: user identity, action type, affected resource, millisecond-accurate timestamp, and originating IP address
  • Error logs and performance diagnostics

3. How We Use Your Data

  • Provide, operate, and maintain ZenCampus platform services
  • Send account-related notifications — including fee reminders, attendance alerts, and school announcements — via email and WhatsApp Business API
  • Process fee payments, generate receipts, and maintain financial records
  • Generate anonymised analytics to improve the platform
  • Maintain tamper-proof audit logs of administrative actions for accountability and compliance
  • Respond to support requests and troubleshoot issues
  • Comply with legal obligations

We do not use student data for advertising, profiling, or resale under any circumstances.

4. Data Sharing

4.1 Service Providers

We engage trusted third-party vendors who process data only on our behalf under strict contractual obligations. Current sub-processors include:

  • Supabase (AWS infrastructure) — database hosting, authentication, and file storage. Supabase holds SOC 2 Type II certification.
  • Meta (WhatsApp Business API) — delivery of attendance alerts, fee reminders, and school announcements to parents via WhatsApp. Messages use Meta-approved templates only; ZenCampus does not store message content.
  • Vercel — application hosting and serverless function execution.

4.2 Legal Disclosure

We may disclose information if required by law or valid requests by public authorities. We will notify your institution prior to disclosure unless legally prohibited.

4.3 Business Transfers

In the event of a merger or acquisition, we will notify affected institutions at least 30 days in advance and provide an option to export and delete data.

5. Data Retention

We retain your school's data for the duration of your active subscription plus a 90-day grace period after cancellation, during which you may export your data. After this, all personal data is permanently deleted.

6. Security

  • All data in transit is encrypted via TLS 1.2+
  • Data at rest is encrypted using AES-256
  • Access to production systems requires MFA from authorised personnel
  • Regular penetration testing and vulnerability assessments are conducted
  • Automated daily backups with geographic redundancy

In the event of a confirmed data breach, we will notify your school within 72 hours.

7. Your Rights

  • Access - request a copy of personal data we hold
  • Correction - update inaccurate or incomplete data
  • Erasure - request deletion of your data
  • Portability - export your school's data (CSV / JSON)
  • Opt-out - unsubscribe from marketing communications anytime

To exercise any right, contact privacy@zencampus.in. We respond within 30 days.

8. Cookies

  • Essential cookies - required for the platform to function
  • Analytics cookies - anonymised usage data; can be disabled in browser settings

We do not use advertising or cross-site tracking cookies.

9. Children's Privacy

ZenCampus is a B2B platform sold to schools, not directly to students. Students do not hold user accounts on the platform — they are represented as data entities managed by school administrators. Parents/guardians are the registered users who can view their child's data. Schools are responsible for obtaining any parental consents required under applicable law (including DPDP Act obligations in India) before entering student data into the platform.

Sensitive student data — including Aadhaar numbers, medical conditions, and blood group — should only be entered when required for the school's operational or regulatory needs and must be handled in accordance with applicable data protection law.

10. Policy Changes

When we make material changes, we will notify the primary school administrator via email at least 14 days before they take effect. Continued use of ZenCampus after changes constitutes acceptance of the revised policy.

11. Contact Us

Have a data-related question?

Our privacy team responds within one business day.

Contact Privacy Team

Terms of Service

Your rights, responsibilities, and usage rules.

Read Terms

Book a Demo

See ZenCampus live before deciding.

Schedule now