This Privacy Policy explains how ProofChain Private Limited (“ProofChain”, “we”) handles personal data collected through ProofSchool. It is drafted to align with the Digital Personal Data Protection Act 2023 (“DPDP Act”), the IT Rules 2011, and best practice for processors of minor data.
ProofSchool is a B2B platform. The school using ProofSchool is the Data Fiduciary. ProofChain is the Data Processor. We process personal data only on the school's documented instructions. The school is responsible for the lawful basis of processing, parental consent, and the underlying relationship with respondents.
1.What we collect
We process the following categories of personal data:
- School admin data — name, email, phone (optional), role, school affiliation. Collected during onboarding from the principal-administrator. Used to administer the account.
- Teacher data — name, employee code (optional), email (optional), subjects, sections, grade band. Uploaded by the school admin. Used to identify the subject of each assessment report.
- Student response data — anonymous feedback answers, language preference, response timestamp. No student name and no student identifier is stored with the answers, and the answers carry no IP address or device identifier — they cannot be traced to a student.
- Participation records — which roll numbers have responded in a cycle, so each student answers once and the school can see completion. These are kept separate from the answers and are never linked to them. We keep a hashed IP and device signal at this participation level for spam-prevention only; the raw IP is never stored.
- Teacher self-submissions — structured text artifacts (lesson plan, assessment paper, reflective practice). Authored by the teacher, retained as evidence.
- Billing data — handled by Razorpay; we store the resulting payment confirmation, amount, and order metadata. Card / UPI details never reach our servers.
- Diagnostic data — error reports (Sentry), uptime telemetry (Better Stack), and infrastructure logs. Diagnostic data is filtered to exclude student response content.
2.What we do not collect
- We do not collect student names, government IDs (Aadhaar, etc.), location data, biometric data, financial details tied to minors, or any health information.
- We do not collect or store raw IP addresses. Response IPs are hashed at the edge and the original is discarded.
- We do not place tracking cookies on the public response forms. Admin dashboard uses Firebase Auth session cookies only — no third-party tracking.
3.How we use it
We process personal data only for these purposes, all on the school's documented instructions:
- Run anonymous feedback collection cycles configured by the school admin.
- Generate AI per-teacher reports for the school's internal use and optional SARAS upload.
- Provide the principal-administrator with audit trails of consent, response volume, and report generation.
- Handle billing and account administration.
- Respond to support requests, grievance officer queries, and DPDP data principal rights requests.
- Maintain platform security, prevent abuse, and meet legal obligations.
4.Student feedback is anonymous
ProofSchool is built so that a student's feedback cannot be traced back to the student. When a student responds, we do not store their name, a login, or any identifier alongside their answers. Neither the teacher nor the school can see who said what.
In practice this means:
- A roll number is used at the start of the form only to ensure each student answers once. It is recorded separately from the answers, is never linked to what was said, and that link is not readable by the teacher, the school, or any other ProofSchool user. The answers themselves carry no roll number, IP address, or device identifier.
- Your school owns and manages its student roster (names and roll numbers) and is the Data Fiduciary for that information. ProofChain processes it only on the school's instructions. Any notice to parents about a child taking part in school feedback is provided by the school under its own admission terms.
- Because individual responses are anonymous, they cannot be singled out and tied to one student. A parent who does not want their child to take part can ask the school to exclude them from a feedback cycle. Questions about a child's data can be sent to the school or to privacy@proofchain.in.
5.Where data lives
All school + student data is stored in asia-south1 (Mumbai) Firestore + Storage operated by Google Cloud. Data does not leave India for processing.
Sub-processors (third parties to whom we entrust limited categories of data, by purpose):
- Google Cloud / Firebase — primary hosting, database, storage, authentication. India region.
- Anthropic — AI inference for narrative report generation and artifact evaluation. We pass aggregated text inputs only; no minor identifiers. By Anthropic policy, customer inputs are not used for model training.
- Razorpay — payment processing for annual subscription orders and recharge packs. PCI-DSS compliant; we never see card / UPI details.
- Resend — transactional email delivery (invoices, password resets, report-ready notifications).
- Sentry — error monitoring on the admin dashboard. Diagnostic events only; response content is filtered out.
- Better Stack — uptime monitoring and status page. No customer data passes through.
The current sub-processor list is also published in our Data Processing Addendum and updated quarterly. We will give schools 30 days' notice before adding a new sub-processor with access to school or student personal data; schools may object in writing, which will trigger a good-faith discussion and a right to terminate without penalty if no resolution is reached.
6.Retention
We retain school + student data for the duration of the School's subscription. On subscription end (cancellation or non-renewal):
- A 90-day grace window for the School to export reports, audit trails, and aggregate data.
- After 90 days, school and student personal data is purged. The audit trail of consent + erasure is retained as required by the DPDP Act.
- Billing records (invoices, payment confirmations) are retained for 8 years to meet tax and audit obligations under Indian law.
7.Data principal rights (DPDP)
Under the DPDP Act, the data principal (the person whose data is being processed — typically a student, parent, or teacher) has the right to:
- Access a summary of their personal data we hold.
- Correct inaccurate or outdated data.
- Erase data, subject to lawful retention exceptions.
- Nominate another person to exercise their rights on their behalf.
- Grievance redressal (see Section 11).
Because ProofChain is the Data Processor and the school is the Data Fiduciary, requests should be addressed to the school in the first instance. Where ProofChain receives a request directly, we will route it to the relevant school and assist them in responding.
8.Security
We protect personal data with technical and organisational measures appropriate to the risk:
- Transport encryption — TLS 1.2+ for all connections.
- At-rest encryption — Firestore and Storage encrypt at rest by default (Google Cloud AES-256).
- Authentication — Firebase Auth with strong password requirements; session expiry; admin impersonation audit-logged.
- Authorisation — Firestore Security Rules enforce school-level isolation. Engineers cannot read school data without a logged access request approved by the school admin.
- Audit log — every admin action, consent capture, AI generation, and credit debit is recorded immutably and exportable on request.
- Incident response — documented and rehearsed 72-hour breach notification path (see Section 9).
9.Breach notification
If we become aware of a personal data breach affecting school or student data, we will:
- Notify the affected School's principal-administrator in writing within 72 hours of discovery, with available facts on scope, cause, and remediation in progress.
- Notify the Data Protection Board of India as required by the DPDP Act.
- Cooperate with the School's onward notification to data principals where required.
- Publish a post-incident summary at status.proofschool.in once forensic facts are confirmed.
10.No cross-product joins, no model training
ProofChain operates multiple products (ProofScript, ProofBooks, ProofSound, ProofLegal, ProofTrain, ProofSchool). School data lives in dedicated ProofSchool collections in Firestore. Engineers cannot query or join school data with data from other products. ProofChain does not use school or student data to train external AI models.
11.Grievance officer
Under the IT Rules 2021, our grievance officer is:
Aravinth Raj S.C.
ProofChain Private Limited, India
legal@proofchain.in
We acknowledge grievances within 24 hours and resolve them within 15 days. The Data Protection Officer designated under the DPDP Act's implementation rules will be appointed once the rules are notified; this contact will continue in the interim.
12.Changes to this policy
We may revise this Privacy Policy from time to time. Material changes (categories of data processed, retention periods, cross-border transfer, sub-processor additions) take effect on 30 days' notice to the principal-administrator at their registered email. Other changes take effect on publication.
13.Contact
For privacy questions, data principal rights requests, or to raise a concern:
ProofChain Private Limited
India
privacy@proofchain.in · legal@proofchain.in