Privacy Policy

Your privacy and data security are our top priorities

Last Updated: December 2026

1. Introduction

Welcome to AcadVista. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our academic management application (the "App"). AcadVista is designed as an institutional tool for educational institutions to manage academic data, and we are committed to protecting your privacy and ensuring the security of your information.

Please read this Privacy Policy carefully. By using the App, you acknowledge that you have read and understood this policy and agree to be bound by its terms. If you do not agree with the terms of this Privacy Policy, please do not use the App.

2. Data Controller and Processor Roles

AcadVista as a Data Processor: AcadVista functions primarily as a data processor on behalf of educational institutions (the "Data Controllers"). The institutions using AcadVista are responsible for the collection, use, and disclosure of student and staff data in accordance with applicable laws and regulations.

Institutional Responsibility: Your educational institution is the Data Controller and determines what data is collected, how it is used, and the purposes for processing. AcadVista processes this data solely on behalf of and under the instructions of your institution.

Our Role: We provide the technological infrastructure and services to enable institutions to manage their academic operations efficiently and securely.

3. Information We Collect

The information collected through AcadVista is determined by your educational institution. The types of data typically processed include:

3.1. Personal Information

  • Student Data: Name, enrollment number, date of birth, contact information, academic records, attendance records, examination marks, fee details, and other educational data.
  • Faculty/Staff Data: Name, employee ID, contact information, subject assignments, timetable information, and other professional details.
  • Parent/Guardian Data: Name and contact information for communication purposes.

3.2. Authentication Data

  • Email and Password: We use Firebase Authentication with email and password credentials. Your password is securely hashed and encrypted by Firebase, and we never have access to your plain-text password.
  • Profile Information: Your email address, name, and optional profile picture are stored to provide personalized access to the App.

3.3. Usage Data

  • Information about how you interact with the App, such as features accessed and actions performed within institutional permissions.

3.4. Device Information

  • Device type, operating system version, and unique device identifiers for the purpose of providing and improving the App's functionality.

3.5. Photos and Files

  • Profile Photos: Users may upload profile photos, which are stored securely in Firebase Cloud Storage.
  • Document Downloads: The App allows downloading of reports and academic documents as needed.

4. How We Use Your Information

AcadVista processes data solely for the purposes instructed by your educational institution, which typically include:

  • Academic Management: Managing attendance, marks, timetables, inventory, committees, and other academic operations.
  • Communication: Facilitating communication between students, faculty, and administration through notifications and announcements.
  • Analytics and Reporting: Generating reports on attendance, performance, and other metrics for institutional decision-making.
  • Service Improvement: Analyzing usage patterns to improve the App's features and user experience.
  • Authentication and Security: Verifying user identity and maintaining the security of institutional data.

5. Data Storage and Security

5.1. Cloud Infrastructure

All data is stored in Google Cloud Firebase, which provides enterprise-grade security and complies with international data protection standards including GDPR and SOC 2.

  • Firestore Database: Stores all academic and user data with automatic encryption at rest and in transit.
  • Cloud Storage: Stores profile photos and documents with secure, authenticated access.
  • Firebase Authentication: Manages user authentication with industry-standard security protocols.

5.2. Security Measures

  • Role-Based Access Control: Access to data is strictly controlled based on user roles (student, faculty, admin) and institutional permissions.
  • Data Encryption: All data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption.
  • Multi-Tenant Architecture: Each institution's data is logically separated and cannot be accessed by other institutions.
  • Regular Security Audits: We perform regular security reviews and updates to maintain the highest security standards.
  • Secure Authentication: Firebase Authentication provides industry-standard email/password authentication with bcrypt password hashing and secure session management.

5.3. Data Retention

Data is retained as long as your educational institution maintains an active account with AcadVista or as required by applicable laws and regulations. Your institution controls data retention policies.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. Data is shared only in the following circumstances:

  • Within Your Institution: Data is accessible to authorized users within your institution based on their role and permissions.
  • Service Providers: We use Google Cloud Platform and Firebase (both operated by Google LLC) to host and manage data. Google processes data in accordance with their privacy policies and data processing agreements.
  • Legal Compliance: We may disclose information if required by law, court order, or government regulation, or to protect the rights, property, or safety of AcadVista, our users, or others.
  • Institutional Transfer: If your institution requests data export or transfer, we will comply with their lawful instructions.

Important: AcadVista does NOT use any third-party analytics services (such as Google Analytics, Facebook Analytics, etc.) and does NOT integrate any advertising networks. We do not track users for advertising purposes.

7. Third-Party Services

The App integrates with the following third-party service:

Firebase has its own privacy policy and terms of service. We encourage you to review them to understand how Google handles your data.

8. Your Rights and Choices

Depending on your jurisdiction and applicable laws, you may have the following rights:

  • Access: Request access to the personal data we process on behalf of your institution.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data, subject to institutional policies and legal requirements.
  • Restriction: Request restriction of processing in certain circumstances.
  • Data Portability: Request a copy of your data in a structured, commonly used format.
  • Objection: Object to processing of your data in certain circumstances.

To exercise these rights: Please contact your educational institution directly, as they are the Data Controller. They will coordinate with AcadVista to fulfill your requests.

9. Permissions and Device Access

The App may request the following permissions on your device:

  • Internet Access: Required to connect to Firebase backend services and sync data.
  • Storage: Used for caching data, storing downloaded reports, and managing profile photos locally.
  • Notifications: Used to send important updates, announcements, and alerts from your institution (via Firebase Cloud Messaging).
  • Camera (Future): May be requested in future updates for features like document scanning or profile photo capture. This permission is not currently active.

You can manage these permissions in your device settings. Note that denying certain permissions may limit the functionality of the App.

10. Children's Privacy

AcadVista is designed for use by educational institutions and may be used by students of various ages. We do not knowingly collect personal information directly from children under 13 without institutional authorization and parental consent where required by law.

Educational institutions using AcadVista are responsible for obtaining necessary consents and complying with applicable laws regarding children's data, including COPPA (Children's Online Privacy Protection Act) in the United States and similar regulations in other jurisdictions.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your own, including the United States and other countries where Google Cloud Platform operates data centers. These countries may have data protection laws that differ from your jurisdiction.

We rely on Google Cloud Platform's compliance with international data protection frameworks, including:

  • EU-US Data Privacy Framework
  • Standard Contractual Clauses (SCCs)
  • GDPR compliance measures

For more information, see Google Cloud Privacy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.

Material Changes: If we make material changes that significantly affect your privacy rights, we will notify you through the App or via email (if provided), and we may require you to accept the updated policy to continue using the App.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify your educational institution promptly, and they will notify affected individuals as required by applicable laws.

We maintain incident response procedures and work with our infrastructure providers to minimize the risk of data breaches and respond effectively if they occur.

14. Compliance with Laws

We are committed to complying with applicable data protection and privacy laws, including but not limited to:

  • General Data Protection Regulation (GDPR) - European Union
  • Family Educational Rights and Privacy Act (FERPA) - United States
  • Children's Online Privacy Protection Act (COPPA) - United States
  • Information Technology Act, 2000 - India
  • Other applicable local, state, national, and international laws

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

AcadVista Privacy Team

Developer: Dr. Prabhjot Singh

Email: prabhjot.bajwa1@gmail.com

Website: www.acadvista.in

For data access, correction, or deletion requests: Please contact your educational institution first, as they are the Data Controller. If you need assistance, you can also reach out to us at the contact information above.

16. Acceptance of This Policy

By using AcadVista, you signify your acceptance of this Privacy Policy. If you do not agree with this policy, please do not use our App. Your continued use of the App following the posting of changes to this policy will be deemed your acceptance of those changes.

Thank you for trusting AcadVista with your academic management needs. We are committed to protecting your privacy and providing a secure, reliable platform for educational institutions.