Privacy & Data Protection

Privacy Policy

Your privacy and the security of student data are fundamental to our mission. Learn how we protect, collect, and use information in our oSlate educational platform.

Table of Contents

Privacy Overview

Onyeg Private Limited ("we," "us," or "our") is committed to protecting the privacy and security of all users of our educational technology platforms, including oSlate and WeEvaluate. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our services.

Key Principles:

  • Student Privacy First: We prioritize the protection of student educational records and personal information above all else.
  • Purpose-Limited Use: Student data is used solely for educational purposes and improving learning outcomes.
  • Transparency: We provide clear information about our data practices and obtain appropriate consent.
  • Security by Design: We implement robust security measures to protect all data in our systems.

Information We Collect

Student Information

  • Handwriting Samples: Digital captures of handwritten work submitted through our oSlate platform for evaluation and analysis
  • Assessment Data: Test scores, performance metrics, learning progress, and 360-degree evaluation results
  • Student Identifiers: Student ID numbers, grade levels, class assignments (no personally identifiable information unless required by school)
  • Usage Data: Time spent on assessments, interaction patterns, device usage statistics
  • Device Information: E-ink tablet specifications, stylus pressure data, writing speed, and technical performance metrics

Educator & Administrator Information

  • Account Information: Name, email address, job title, school affiliation
  • Authentication Data: Login credentials, access permissions, role assignments
  • Professional Information: Teaching credentials, subject areas, class rosters

Technical Information

  • System Logs: Application usage, error reports, performance monitoring
  • Device Data: Operating system, browser type, IP address (anonymized), screen resolution
  • Cookies & Analytics: Essential cookies for functionality, anonymized usage analytics

Student Data Protection (FERPA & COPPA Compliance)

Educational Records Protection

We treat all student data as educational records under the Family Educational Rights and Privacy Act (FERPA). Student handwriting samples, assessment results, and performance analytics are considered protected educational information and are handled with the highest level of security and confidentiality.

Data Minimization

  • • We collect only data necessary for educational purposes
  • • Student names are not required for core functionality
  • • Handwriting analysis focuses on academic improvement
  • • Biometric data is never collected or stored

Parental Rights

  • • Parents can request access to their child's data
  • • Right to request data correction or deletion
  • • Opt-out options for specific data processing
  • • Clear consent processes for schools

Age-Appropriate Data Handling

For students under 13 years of age, we comply with the Children's Online Privacy Protection Act (COPPA):

  • Schools act as agents for parents in consenting to data collection
  • No behavioral advertising or profiling of young students
  • Enhanced security measures for accounts with young users
  • Data retention limited to educational necessity

How We Use Your Data

Primary Educational Uses

360-Degree Student Evaluation

Comprehensive assessment of handwriting quality, cognitive skills, learning progress, and academic performance patterns

Personalized Learning Insights

AI-powered analysis to identify learning strengths, areas for improvement, and personalized recommendations

Real-Time Monitoring

Live tracking of student engagement, progress monitoring, and immediate feedback delivery

Handwriting Analysis

Detailed evaluation of letter formation, spacing, legibility, and motor skills development

Platform Operations & Improvement

  • Service Delivery: Providing core oSlate functionality, user authentication, and system maintenance
  • Performance Analytics: Monitoring system performance, identifying usage patterns, and optimizing platform efficiency
  • Security & Compliance: Detecting unauthorized access, preventing fraud, and maintaining regulatory compliance
  • Product Enhancement: Improving AI algorithms, developing new features, and refining user experience (using aggregated, anonymized data only)

We Never Use Student Data For:

  • Commercial advertising or marketing to students
  • Selling or monetizing student information to third parties
  • Creating behavioral profiles for non-educational purposes
  • Political activities or social media monitoring
  • Law enforcement purposes without proper legal authorization

Data Sharing & Disclosure

Our Data Sharing Promise

We do not sell, rent, or trade student personal information. Student data is shared only in limited circumstances that directly support educational goals or comply with legal requirements.

Permitted Sharing

  • • With your school's authorized personnel
  • • With parents/guardians (for their child's data)
  • • With educational service providers under contract
  • • For safety emergencies or child protection
  • • When required by valid legal process
  • • With your explicit consent

Never Shared With

  • • Advertisers or marketing companies
  • • Social media platforms
  • • Data brokers or analytics firms
  • • Non-educational third parties
  • • Government agencies (without legal process)
  • • Other educational institutions without consent

Service Providers & Subprocessors

We may engage trusted service providers to help deliver our educational services. These providers are contractually bound to:

  • Use student data only for authorized educational purposes
  • Implement equivalent security and privacy protections
  • Delete data when services are no longer needed
  • Prohibit further disclosure without authorization

AI & Machine Learning Processing

Responsible AI for Education

Our AI systems are designed specifically for educational benefit and are trained to provide accurate, unbiased assessments that support student learning and development.

AI Applications in oSlate

  • • Handwriting quality analysis and scoring
  • • Learning pattern recognition and insights
  • • Personalized feedback generation
  • • Cognitive skill assessment and tracking
  • • Predictive analytics for learning outcomes
  • • Automated remedial content suggestions

AI Privacy Safeguards

  • • Models trained on anonymized datasets only
  • • No facial recognition or biometric processing
  • • Bias testing and fairness monitoring
  • • Human oversight of automated decisions
  • • Transparent algorithmic decision-making
  • • Regular model auditing and validation

Data Processing for AI Training

When we use student data to improve our AI models, we follow strict privacy-preserving practices:

Anonymization: All personally identifiable information is removed before AI training
Aggregation: Individual data points are combined with others to prevent identification
Retention Limits: Training data is deleted after model development is complete
Consent: Schools provide explicit consent for AI training use of their data

Data Security Measures

Enterprise-Grade Security

We implement multiple layers of security controls to protect student data, following industry best practices and educational technology security standards.

Infrastructure Security

  • • Encrypted data storage (AES-256)
  • • Secure cloud hosting with SOC 2 compliance
  • • Network firewalls and intrusion detection
  • • Regular security vulnerability assessments
  • • Automated backup and disaster recovery

Access Controls

  • • Multi-factor authentication (MFA)
  • • Role-based access permissions
  • • Session timeout and activity monitoring
  • • Employee background checks
  • • Principle of least privilege access

Monitoring & Response

  • • 24/7 security monitoring and alerts
  • • Incident response procedures
  • • Regular security audits and penetration testing
  • • Data breach notification protocols
  • • Continuous security training for staff

Data Transmission Security

All data transmitted between your devices and our servers is protected using industry-standard encryption:

  • TLS 1.3 encryption for all web traffic
  • SSL certificates with extended validation
  • Secure API endpoints for mobile applications
  • Certificate pinning for mobile apps

Your Privacy Rights

Empowering Data Control

We believe you should have control over your data. Whether you're a student, parent, or educator, you have important rights regarding the information we collect and process.

Right to Access

Request a copy of the personal data we hold about you or your child, including assessment results and usage analytics.

Right to Rectification

Request correction of inaccurate or incomplete personal information in our systems.

Right to Erasure

Request deletion of personal data when it's no longer needed for educational purposes (subject to legal retention requirements).

Right to Restrict Processing

Limit how we process your data while we address concerns about accuracy or lawfulness.

Right to Data Portability

Receive your data in a machine-readable format to transfer to another educational service provider.

Right to Object

Opt out of certain types of data processing, including automated decision-making and profiling.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days and may require verification of your identity to protect personal information.

Email: privacy@onyeg.com Phone: +91 9962851386

Legal Compliance & Regulations

FERPA Compliance (US)

  • • Student educational records protection
  • • Parental access and consent rights
  • • Directory information handling
  • • Annual notification requirements
  • • Audit trail maintenance

COPPA Compliance (US)

  • • Children under 13 protection
  • • School consent mechanisms
  • • Limited data collection
  • • No behavioral advertising
  • • Safe deletion procedures

GDPR Compliance (EU)

  • • Lawful basis for processing
  • • Data subject rights
  • • Privacy by design principles
  • • Breach notification procedures
  • • International data transfers

Indian Privacy Laws

  • • Digital Personal Data Protection Act
  • • IT Rules compliance
  • • Local data storage requirements
  • • Consent and notice provisions
  • • Government data localization

Data Retention Policies

We retain personal data only as long as necessary to fulfill educational purposes and comply with legal obligations:

Active Student Data: Retained while the student is enrolled and using oSlate services
Historical Records: Anonymized assessment data may be retained for research and platform improvement
Account Deletion: Personal data deleted within 90 days of account closure request
Legal Requirements: Some data retained longer when required by law or regulation

Contact Us

Privacy Questions & Concerns

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please don't hesitate to contact us. We're committed to addressing your concerns promptly and transparently.

Privacy Officer

privacy@onyeg.com
contact@onyeg.com
+91 9962851386

Company Details

Onyeg Private Limited
Opp Veeranaryana Takies
Velpur Road, Venkatrayapuram
Tanuku, Andhra Pradesh 534215
India
Business Hours:
Monday - Friday: 9:00 AM - 6:00 PM IST
24/7 Emergency Support Available

Our Response Commitments

24 Hours
Initial Response to Privacy Inquiries
30 Days
Complete Response to Data Rights Requests
72 Hours
Data Breach Notification (if applicable)

Policy Updates & Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will notify schools and users via email for material changes
  • We will update the "Last Updated" date at the top of this policy
  • Previous versions will be archived and available upon request
  • Continued use of our services constitutes acceptance of the updated policy

Additional Information

Data Export & Portability

Students and schools can request their data in machine-readable formats for transfer to other educational platforms.

  • • Assessment results in CSV/JSON format
  • • Handwriting samples in standard image formats
  • • Progress reports and analytics data
  • • User account information and preferences

Third-Party Integrations

oSlate integrates with approved educational technology partners under strict data protection agreements.

  • • Learning Management Systems (LMS)
  • • School Information Systems (SIS)
  • • Assessment and evaluation platforms
  • • Cloud storage providers (encrypted)

International Data Transfers

While our primary data centers are located in India, we may transfer data internationally for processing and support services. All international transfers are protected by:

Standard Contractual Clauses (SCCs) for EU data transfers
End-to-end encryption during transit and at rest
Adequacy decisions and approved transfer mechanisms
Regular audits of international processing partners

Questions About Our Privacy Practices?

Our privacy team is here to help. Contact us for any questions about data protection, student privacy, or our compliance programs.

Email Privacy Team Contact Support
FERPA Compliant COPPA Compliant GDPR Ready SOC 2 Type II