Privacy policy

This policy explains how ARCHD Attendance (the "Service", the "System", or "we") collects, uses, discloses, and protects information when you use our applications or related websites. The Service is intended for students, teachers, staff, administrators, and other authorized users of an educational institution. By using the Service, you acknowledge that you have read this policy. If your institution provides additional policies or agreements, those apply where relevant.

1. Data controller

The service provider or system administrator designated by your educational institution determines the purposes and means of processing data in the system. For questions about your data, contact your institution's administrator or the unit your institution has assigned.

2. Information we may collect

Depending on your institution's configuration and enabled features, we may process:

• Account and identity data, such as institutional ID or email, name, role (e.g., student, teacher, administrator), and credentials used to sign in.
• Attendance and related activity data, such as check-in times, attendance status, class sessions, or records created under your institution's processes.
• Device and technical logs, such as device type, operating system, app version identifiers, or information required for security and troubleshooting (as actually collected by the system).
• Location or classroom presence verification data, such as approximate location, network data, or other information used to help prevent proxy attendance, only where your institution enables those features.
• Analytics and performance data, such as usage events, error information, or technical data used to analyze, improve, and troubleshoot the Service, using non-identifying data where feasible.

3. Purposes of use

We or your institution may use data for lawful purposes, including:

• Providing attendance recording and reporting aligned with educational obligations and institutional management.
• Authenticating users, preventing unauthorized access, and maintaining system security.
• Verifying classroom presence or attendance conditions to help reduce proxy attendance or improper use.
• Complying with legal requirements or orders from competent authorities.
• Improving performance and stability (including anonymized analytics where feasible).

4. Legal bases

Processing may rely on bases such as performance of a contract or pre-contractual steps, compliance with legal obligations, or legitimate interests of the institution, depending on context and applicable data protection law.

5. Disclosure and transfers

Data is primarily used within your institution and by authorized operators. We may share data with infrastructure providers (e.g., hosting or cloud services) under appropriate safeguards. Cross-border transfers, if any, are handled in line with applicable laws.

6. Retention

We retain data only as long as necessary for the purposes above or as required by law and institutional policy. After that period, data is deleted, destroyed, or anonymized as appropriate.

7. Your rights

Subject to applicable law, you may have rights such as access, rectification, erasure or restriction, objection, withdrawal of consent (where consent is the basis), or lodging a complaint with a supervisory authority. Submit requests through channels your institution defines. See the "Account & data deletion" page or /en/data-deletion for erasure-related details.

8. Analytics, technical services, and external providers

The Service may use external providers for analytics, error processing, or infrastructure, such as hosting, cloud services, error logging, or usage analytics. These services help keep the System secure, stable, and appropriate for institutional use. Such information is used only as necessary to provide the Service, maintain security, and improve the System.

9. Security

We apply appropriate technical and organizational measures to protect data against unauthorized access, loss, or misuse. However, no internet transmission is completely secure; please protect your sign-in credentials.

10. Changes to this policy

We may update this policy from time to time. Material changes will be communicated through appropriate channels (e.g., the website or institutional notices). Continued use after changes may constitute acceptance. Please review the "Last updated" date at the top periodically.

11. Contact

For privacy questions or requests related to your personal data, contact your institution's administrator or the privacy contact your institution has designated. If your institution has not provided a channel, you may contact the ARCHD Attendance administrator through the contact channel shown on the Service website or application.