This Privacy Policy explains how ProofChain Private Limited (“ProofChain”, “we”) handles personal data collected through ProofSchool. It is drafted to align with the Digital Personal Data Protection Act 2023 (“DPDP Act”), the IT Rules 2011, and best practice for processors of minor data.
ProofSchool is a B2B platform. The school using ProofSchool is the Data Fiduciary. ProofChain is the Data Processor. We process personal data only on the school's documented instructions. The school is responsible for the lawful basis of processing, parental consent, and the underlying relationship with respondents.
1. What we collect
We process the following categories of personal data:
- School admin data — name, email, phone (optional), role, school affiliation. Collected during onboarding from the principal-administrator. Used to administer the account.
- Teacher data — name, employee code (optional), email (optional), subjects, sections, grade band. Uploaded by the school admin. Used to identify the subject of each assessment report.
- Student response data — anonymous feedback answers, language preference, response timestamp. No student name, no student identifier. We collect a hashed IP per response for rate-limiting and audit purposes only; the raw IP is never stored.
- Parental consent records — consent token, hashed IP, terms version, timestamp, school + class reference. Recorded before any student response is accepted from a minor.
- Teacher self-submissions — structured text artifacts (lesson plan, assessment paper, reflective practice). Authored by the teacher, retained as evidence.
- Billing data — handled by Razorpay; we store the resulting payment confirmation, amount, and order metadata. Card / UPI details never reach our servers.
- Diagnostic data — error reports (Sentry), uptime telemetry (Better Stack), and infrastructure logs. Diagnostic data is filtered to exclude student response content.
2. What we do not collect
- We do not collect student names, government IDs (Aadhaar, etc.), location data, biometric data, financial details tied to minors, or any health information.
- We do not collect or store raw IP addresses. Response IPs are hashed at the edge and the original is discarded.
- We do not place tracking cookies on the public response forms. Admin dashboard uses Firebase Auth session cookies only — no third-party tracking.
3. How we use it
We process personal data only for these purposes, all on the school's documented instructions:
- Run anonymous feedback collection cycles configured by the school admin.
- Generate AI per-teacher reports for the school's internal use and optional SARAS upload.
- Provide the principal-administrator with audit trails of consent, response volume, and report generation.
- Handle billing and account administration.
- Respond to support requests, grievance officer queries, and DPDP data principal rights requests.
- Maintain platform security, prevent abuse, and meet legal obligations.
4. Parental consent for minor data
The DPDP Act treats students under 18 as Children. We will not process Children's personal data without verifiable parental consent.
In practice this means:
- Before a student response is submitted, a parental consent step records the parent's signature (digital or paper-slip-home for primary schools), the terms version, the timestamp, and a hashed IP for audit. Schools that use the paper-slip-home flow upload an attestation that consent forms are on file.
- A parent may revoke consent at any time by emailing privacy@proofchain.in or contacting the school. Revocation triggers erasure of all responses attributable to that student's consent token within 30 days; the audit trail of consent + erasure is retained as required by the DPDP Act.
- Anonymised aggregates and AI-generated narrative excerpts that have already been incorporated into a closed assessment report remain in that report; on parent request, ProofChain will redact the originating verbatim quote.
5. Where data lives
All school + student data is stored in asia-south1 (Mumbai) Firestore + Storage operated by Google Cloud. Data does not leave India for processing.
Sub-processors (third parties to whom we entrust limited categories of data, by purpose):
- Google Cloud / Firebase — primary hosting, database, storage, authentication. India region.
- Anthropic — AI inference for narrative report generation and artifact evaluation. We pass aggregated text inputs only; no minor identifiers. By Anthropic policy, customer inputs are not used for model training.
- Razorpay — payment processing for annual subscription orders and recharge packs. PCI-DSS compliant; we never see card / UPI details.
- Resend — transactional email delivery (invoices, password resets, report-ready notifications).
- Sentry — error monitoring on the admin dashboard. Diagnostic events only; response content is filtered out.
- Better Stack — uptime monitoring and status page. No customer data passes through.
The current sub-processor list is also published in our Data Processing Addendum and updated quarterly. We will give schools 30 days' notice before adding a new sub-processor with access to school or student personal data; schools may object in writing, which will trigger a good-faith discussion and a right to terminate without penalty if no resolution is reached.
6. Retention
We retain school + student data for the duration of the School's subscription. On subscription end (cancellation or non-renewal):
- A 90-day grace window for the School to export reports, audit trails, and aggregate data.
- After 90 days, school and student personal data is purged. The audit trail of consent + erasure is retained as required by the DPDP Act.
- Billing records (invoices, payment confirmations) are retained for 8 years to meet tax and audit obligations under Indian law.
7. Data principal rights (DPDP)
Under the DPDP Act, the data principal (the person whose data is being processed — typically a student, parent, or teacher) has the right to:
- Access a summary of their personal data we hold.
- Correct inaccurate or outdated data.
- Erase data, subject to lawful retention exceptions.
- Nominate another person to exercise their rights on their behalf.
- Seek grievance redressal (see Section 11).
Because ProofChain is the Data Processor and the school is the Data Fiduciary, requests should be addressed to the school in the first instance. Where ProofChain receives a request directly, we will route it to the relevant school and assist them in responding.
8. Security
We protect personal data with technical and organisational measures appropriate to the risk:
- Transport encryption — TLS 1.2+ for all connections.
- At-rest encryption — Firestore and Storage encrypt at rest by default (Google Cloud AES-256).
- Authentication — Firebase Auth with strong password requirements; session expiry; admin impersonation audit-logged.
- Authorisation — Firestore Security Rules enforce school-level isolation. Engineers cannot read school data without a logged access request approved by the school admin.
- Audit log — every admin action, consent capture, AI generation, and credit debit is recorded immutably and exportable on request.
- Incident response — documented and rehearsed 72-hour breach notification path (see Section 9).
9. Breach notification
If we become aware of a personal data breach affecting school or student data, we will:
- Notify the affected School's principal-administrator in writing within 72 hours of discovery, with available facts on scope, cause, and remediation in progress.
- Notify the Data Protection Board of India as required by the DPDP Act.
- Cooperate with the School's onward notification to data principals where required.
- Publish a post-incident summary at status.proofschool.in once forensic facts are confirmed.
10. No cross-product joins, no model training
ProofChain operates multiple products (ProofScript, ProofBooks, ProofSound, ProofLegal, ProofTrain, ProofSchool). School data lives in dedicated ProofSchool collections in Firestore. Engineers cannot query or join school data with data from other products. ProofChain does not use school or student data to train external AI models.
11. Grievance officer
Under the IT Rules 2021, our grievance officer is:
Aravinth Raj S.C.
ProofChain Private Limited, Coimbatore, Tamil Nadu, India
grievance@proofchain.in
We acknowledge grievances within 24 hours and resolve them within 15 days. The Data Protection Officer designated under the DPDP Act's implementation rules will be appointed once the rules are notified; this contact will continue in the interim.
12. Changes to this policy
We may revise this Privacy Policy from time to time. Material changes (categories of data processed, retention periods, cross-border transfer, sub-processor additions) take effect on 30 days' notice to the principal-administrator at their registered email. Other changes take effect on publication.
13. Contact
For privacy questions, data principal rights requests, or to raise a concern:
ProofChain Private Limited
Coimbatore, Tamil Nadu, India
privacy@proofchain.in · grievance@proofchain.in