Privacy Policy

Your privacy is important to us. This policy explains how MadrasahSync handles your data.

Last Updated: January 1, 2026

1. Introduction

MadrasahSync ("we," "our," or "us") is a school management platform designed for Islamic educational institutions (Madrasahs). We are committed to protecting the privacy of all users, especially the children whose educational data we help manage.

Our Commitment

We are committed to complying with all applicable privacy laws, including COPPA (Children's Online Privacy Protection Act), FERPA (Family Educational Rights and Privacy Act), and GDPR where applicable.

2. Information We Collect

Data Type Examples Purpose
Account Information Name, email, password Authentication
School Information School name, address Identification
Student Information Name, DOB, progress Education records
Parent/Guardian Name, email, phone Communication
Teacher Information Name, email, classes Staff management
Payment Information Billing address Subscription billing

Automatically Collected Information

  • Usage Data: Features used, pages visited, actions taken.
  • Device Information: Device type, operating system, browser.
  • Log Data: IP address, access times, error logs.

Children's Privacy (COPPA Compliance)

MadrasahSync is designed for use by schools, teachers, and parents/guardians. We do not knowingly collect personal information directly from children under 13 without verifiable parental consent.

  • Student accounts are created by school administrators, not children.
  • Parents have full visibility into their child's data.
  • Student data is never sold or used for advertising.
  • Parents can request deletion at any time.

3. Parental Rights

Parents and guardians have the right to:

  1. Review their child's personal information.
  2. Request correction of inaccurate information.
  3. Request deletion of their child's information.
  4. Refuse further collection of their child's information.

4. FERPA Compliance

For U.S. schools, we act as a "school official" under FERPA:

  • Use education records only for specified purposes.
  • Never disclose records to third parties without consent.
  • Maintain appropriate security measures.
  • Delete records upon service termination.

5. How We Use Your Information

  • Provide Services: Operate the MadrasahSync platform.
  • Educational Management: Track progress and attendance.
  • Communication: Send notifications to users.
  • Billing: Process subscription payments.
  • Support: Respond to inquiries.
  • Security: Detect and prevent fraud.

6. Data Sharing

We share data with following third parties for service operation:

  • Supabase: Database hosting (All data encrypted).
  • Stripe: Payment processing (Billing info only).
  • Vercel: Web hosting (Traffic data).

We DO NOT:

  • Sell personal information to third parties.
  • Use student data for advertising.
  • Share data with data brokers.
  • Use personal information for AI training.

7. Data Security

We implement robust security measures including:

  • Encryption: TLS 1.3 in transit, AES-256 at rest.
  • Access Control: Role-based permissions and Row-Level Security.
  • Regular Audits: Periodic security reviews.
  • MFA: Multi-factor authentication available.

8. Contact Us

Questions about this Privacy Policy? Email: privacy@softups.com