top of page

PRIVACY POLICY

​

We value the trust you place in us and recognize the importance of secure transactions and information privacy. This Privacy Policy (“Policy”) describes how AV. Meiyappan Matriculation Higher Secondary School, operating its official website, parent/student portals, mobile applications, and digital platforms (together, the “Platform”), collects, uses, shares, and safeguards your personal information.

By visiting or using the Platform, you agree to be bound by this Policy, the Terms & Conditions, and applicable laws of India, including the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023, and the rules made thereunder. If you do not agree, please discontinue use of the Platform.

  1. For the purposes of this Privacy Policy:

    1. “Personal Data” shall have the meaning assigned to it under the Digital Personal Data Protection Act, 2023;

    2. “Data Principal” means the individual to whom the Personal Data relates and, in the case of a child, includes the parent or lawful guardian;

    3. “Processing” shall include collection, storage, use, disclosure, retention, or deletion of Personal Data; and

    4. “Platform” shall mean the School’s website, parent/student portals, mobile applications, and digital systems.

  2. Collection of Your Information

    1. When you use our Platform, we may collect, store, and process certain information provided by you, generated through your activity on the Platform, or lawfully obtained from third parties. In general, you may browse the Platform without revealing your identity. However, once you provide Personal Data, you will no longer remain anonymous to us. Wherever applicable, we will indicate which fields are mandatory and which are optional. You always retain the choice not to provide information; however, certain features, services, or facilities may not be available without it.

    2. By providing your Personal Data on the Platform, you expressly consent to the collection, use, storage, sharing, and processing of your Personal Data in accordance with this Privacy Policy and the provisions of the Digital Personal Data Protection Act, 2023 and other applicable laws.

    3. Consent shall be free, specific, informed, unconditional, and unambiguous, signified by a clear affirmative action. You may withdraw your consent at any time by contacting us at the details provided below. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal, but may limit or restrict your ability to access certain services or facilities of the School.

    4. Notwithstanding anything contained herein, the School may process Personal Data without separate consent where such processing is necessary for the performance of its educational, statutory, safety, or legal obligations, or for purposes recognised as “legitimate uses” under the Digital Personal Data Protection Act, 2023.

    5. We collect and process information relating to student admissions, academic records, attendance, health and emergency information, fee payments, participation in curricular and extracurricular activities, and other school-related services. Such data is processed solely for educational, administrative, safety, and statutory compliance purposes.

    6. Information You Provide Directly

      1. Account and Registration Data. When you seek admission, enroll a student, register on our parent/student portal, or otherwise interact with the School, we may collect details such as your name, email address, phone number, residential address, and payment details (credit/debit card, UPI, or other permitted instruments).

      2. Content You Share. If you upload or submit content such as assignments, academic submissions, feedback, communications, forms, or other school-related materials, or interact via our official communication channels, we will collect the information you provide.

      3. Communications. Any correspondence sent to us (emails, letters, circular responses, or support requests) or received from third parties about your activities may be stored in your user or student record.

      4. Program Enrollment Data. If you enroll in academic programs, extracurricular activities, events, or initiatives conducted by the School or in collaboration with third-party educational partners, we may collect additional details such as name, date of birth, gender, address, and other relevant academic or administrative information.

    7. Information Collected Automatically

      1. We may automatically track and collect information relating to your usage, including:

      2. Platform usage patterns and interactions with our educational services.

      3. Device and application data, such as performance metrics, error logs, browser type, operating system, and IP address.

      4. Navigation data, such as the URL you came from, the URL you next visit, and your browsing patterns on the Platform.

      5. Usage data from our digital systems and platforms, including performance and operational data.

      6. Such data may be compiled and analyzed on an aggregated basis to improve our Platform, ensure system security, and better understand usage trends.

    8. Information from Third Parties. Where you access our services through third-party educational platforms or service providers, we may receive your information from such entities. In such cases, your data will also be subject to the third party’s privacy practices. We are not responsible for the privacy policies of such third parties.

  3. Use of Your Information. We use the information collected from you, or about you, strictly for legitimate, lawful, and purpose-limited activities connected with the functioning of the School, including the following:

    1. To Provide and Improve Services

      1. To deliver, administer, and manage the School’s educational, academic, and administrative operations, including admissions, enrollment, attendance management, assessments, examinations, academic records, and student progression.

      2. To process school fee payments, refunds (if any), and related financial transactions, and to maintain accurate accounting, audit, and statutory financial records in accordance with applicable laws.

      3. To enable and manage student participation in curricular, co-curricular, extracurricular, cultural, sports, training, and other school-organised programs, activities, events, and initiatives.

      4. To personalize educational support, academic resources, and learning-related services where appropriate, based on grade level, curriculum requirements, or student-specific needs, without engaging in automated profiling having legal or significant effects.

      5. To conduct internal reviews, audits, analytics, and performance assessments aimed at improving the functionality, reliability, security, and effectiveness of the School’s digital platforms, systems, and institutional services.

    2. To Communicate with You

      1. To respond to enquiries, grievances, feedback, complaints, or requests submitted by students, parents, guardians, staff, or other users of the Platform.

      2. To issue essential school-related communications, including academic updates, circulars, notices, timetable changes, examination schedules, emergency alerts, safety notifications, policy updates, and administrative instructions.

    3. To Ensure Security, Compliance, and Legal Obligations

      1. To verify identity, eligibility, or authority of parents, guardians, students, or staff where required for admissions, access to systems, safety protocols, or compliance purposes.

      2. To detect, prevent, investigate, and address unauthorized access, misuse, security incidents, data breaches, or violations of the School’s policies, platform rules, or acceptable use standards.

      3. To comply with applicable laws, rules, regulations, directions, and requirements issued by educational boards, governmental authorities, statutory bodies, or courts, including record-keeping and reporting obligations.

      4. To protect the safety, security, and property of students, parents, staff, visitors, and the general public, including for emergency response, health and safety management, and incident prevention.

    4. For Institutional and Research Purposes

      1. To analyse usage trends, engagement patterns, and operational data in an aggregated or anonymised manner for institutional planning, quality enhancement, and policy formulation.

      2. To develop, improve, and enhance educational infrastructure, facilities, academic delivery methods, digital systems, and student support services, without compromising individual privacy rights.

    5. Monitoring. The School may monitor access to and usage of the Platform and related digital systems solely to ensure appropriate, lawful, and policy-compliant use, maintain system integrity, and prevent misuse, abuse, or violations of applicable law or School policies.

    6. Fresh Consent. The School shall process Personal Data only for the purposes specified at the time of collection. Where there is any material change in the purpose of processing, such change shall be communicated in advance, and fresh consent shall be obtained from the Data Principal or lawful guardian, where required under applicable law.

  4. Cookies and Tracking Technologies. The School uses cookies and similar tracking technologies on the Platform to facilitate secure access, ensure reliable operation of digital systems, improve functionality, and enhance user experience. Such technologies are used strictly for institutional, administrative, and security purposes and not for commercial advertising or behavioural profiling.

    1. Cookies. Cookies are small text files placed on a user’s device by the Platform to enable core functionality, recognise devices, store user preferences, and understand interactions with the Platform.

    2. Types of Cookies We Use

      1. Essential Cookies. Essential cookies are necessary for the operation of the Platform, including user authentication, session management, system security, and access to restricted areas of the Platform.

      2. Performance and Analytics Cookies. Performance and analytics cookies are used to collect aggregated and anonymised information regarding Platform usage, system performance, and error reporting, which assists the School in improving reliability, functionality, and user experience.

      3. Preference Cookies. Preference cookies enable the Platform to remember user settings, such as language preferences or display options, to provide a consistent and customised experience across sessions.

    3. Use of Tracking Technologies. In addition to cookies, the School may use similar tracking technologies, such as web beacons or device identifiers, solely to recognise returning users, monitor traffic patterns, maintain system integrity, detect unauthorised activity, and support security and operational monitoring.

    4. Managing Your Choices. Users may manage, restrict, or disable cookies through their browser or device settings. However, disabling certain cookies may affect the availability, functionality, or performance of the Platform, including access to secure or personalised features.

  5. Sharing of Personal Information. The School does not sell, lease, or rent Personal Data to any third party and limits disclosure of such data strictly to lawful and purpose-based sharing as set out below.

    1. Internal Access. Personal Data may be accessed and used internally by authorised teachers, administrative staff, management, or other personnel of the School solely on a need-to-know basis and only for legitimate educational, administrative, safety, or statutory purposes.

    2. Service Providers and Third Parties. The School may share Personal Data with carefully selected third-party service providers who assist in the operation and administration of the School’s services and digital systems, including:

      1. Payment service providers engaged for processing school fees, refunds (if any), and related financial transactions.

      2. Technology, cloud hosting, enterprise resource planning (ERP), learning management systems, and analytics providers engaged for hosting, data storage, system administration, performance monitoring, and technical support.

      3. Communication service providers engaged for the delivery of official communications, including SMS, email notifications, alerts, and circulars.

    3. Data Processor Obligations. All third-party service providers engaged by the School shall act solely on documented instructions of the School and shall be contractually bound to implement appropriate technical and organisational safeguards to protect Personal Data, in compliance with applicable data protection and information security laws.

    4. Legal and Regulatory Disclosures. Personal Data may be disclosed to governmental authorities, regulatory bodies, law enforcement agencies, courts, or other public authorities where such disclosure is required under applicable law, regulation, court order, or governmental direction.

    5. Business or Institutional Transfers. In the event of any restructuring, reorganisation, change in management, merger, or transfer of control of the School or its operations, Personal Data may be transferred to the relevant entity, subject to continued confidentiality obligations and compliance with applicable data protection laws.

    6. Sharing With Consent. In circumstances not covered above, Personal Data may be shared with third parties only where explicit and informed consent has been obtained from the Data Principal or lawful guardian, as applicable.

  6. Security Precautions. The School is committed to safeguarding Personal Data and implements reasonable security practices and procedures to protect such data against unauthorised access, disclosure, alteration, loss, misuse, or destruction. While the School endeavours to maintain appropriate safeguards, no method of transmission over the internet or method of electronic storage is completely secure.

    1. Technical and Organisational Measures. The School adopts appropriate technical and organisational security measures, which may include:

      1. Use of secure servers, firewalls, and access-controlled systems to restrict unauthorised access to Personal Data.

      2. Implementation of encryption, pseudonymisation, or similar protective measures for Personal Data in transit and, where appropriate, at rest.

      3. Role-based and need-to-know access controls to ensure that Personal Data is accessible only to authorised personnel for legitimate educational or administrative purposes.

      4. Regular system monitoring, logging, and review mechanisms to identify potential security vulnerabilities, misuse, or unauthorised activity.

      5. Periodic assessment of security practices, including updates to technical safeguards and internal procedures, to address evolving risks and technological developments.

    2. Administrative and Staff Controls

      1. Limiting access to Personal Data to trained staff, teachers, and authorised service providers who are bound by confidentiality and data protection obligations.

      2. Providing reasonable awareness and guidance to staff regarding data protection, acceptable use of systems, and handling of student and parent information.

    3. User Responsibility. While the School implements reasonable safeguards, users are responsible for maintaining the confidentiality of their login credentials, restricting unauthorised access to their devices, and promptly notifying the School of any suspected compromise or misuse of their accounts.

    4. No Absolute Security. Notwithstanding the security measures adopted, the School does not guarantee absolute security of Personal Data. Users acknowledge that transmission of information over the internet and electronic storage involves inherent risks, and the School shall not be responsible for security breaches beyond its reasonable control.

    5. In the event of a personal data breach, the School shall take reasonable steps to mitigate harm and shall notify affected Data Principals and the Data Protection Board of India, where such notification is required under the Digital Personal Data Protection Act, 2023.

  7. Data Retention. The School retains Personal Data only for such period as is reasonably necessary to fulfil the purposes for which it was collected, including educational, administrative, legal, safety, and statutory obligations, and thereafter only to the extent required or permitted under applicable law.

    1. Student and Administrative Records. Student records, academic data, attendance records, assessment and examination records, disciplinary records (if any), and other administrative information may be retained for such periods as are prescribed or permitted under applicable education laws, board regulations, governmental directions, and institutional policies.

    2. Legal, Regulatory, and Statutory Retention. Personal Data may be retained where necessary to comply with legal or regulatory obligations, respond to lawful requests from governmental authorities or courts, establish or defend legal claims, or comply with applicable limitation periods under law.

    3. Account Deletion Requests. Where a Data Principal or lawful guardian requests deletion of Personal Data or closure of an account or access to the Platform, such request shall be processed subject to the School’s statutory, regulatory, and educational record-keeping obligations. Personal Data that is required to be retained under applicable law or regulations shall not be deleted until such retention requirements are satisfied.

    4. Determination of Retention Periods. Retention periods for different categories of Personal Data shall be determined in accordance with applicable education laws, board regulations, statutory requirements, limitation periods, and legitimate institutional needs. Upon expiry of the applicable retention period, Personal Data shall be securely deleted, anonymised, or otherwise rendered inaccessible, unless further retention is required under law.

  8. Your Rights. The School respects the rights of Data Principals in relation to their Personal Data and provides mechanisms to exercise such rights, subject to applicable law and reasonable verification requirements.

    1. Right to Access. You may request confirmation as to whether the School processes your Personal Data and seek access to such data, along with information regarding the nature of processing, subject to applicable legal limitations.

    2. Right to Correction and Updating. You may request correction, completion, or updating of inaccurate, incomplete, or outdated Personal Data held by the School, where such correction is necessary for lawful and accurate record-keeping.

    3. Right to Withdrawal of Consent. You may withdraw consent for processing of Personal Data where processing is based on consent. Such withdrawal shall not affect the lawfulness of processing prior to withdrawal and may restrict the School’s ability to provide certain educational or administrative services.

    4. Right to Deletion. You may request deletion of Personal Data that is no longer necessary for the purpose for which it was collected, subject to retention obligations under applicable law, educational regulations, or statutory requirements.

    5. Right to Grievance Redressal. You may raise complaints or grievances relating to the processing of Personal Data with the School’s Grievance Officer in accordance with the procedure set out under this Policy.

    6. Limitation of Rights. Exercise of the above rights may be restricted where such restriction is necessary to comply with legal obligations, protect the rights of other individuals, maintain academic integrity, or fulfil statutory or regulatory requirements.

  9. Children’s Privacy. The School primarily caters to children and minors and recognises the heightened responsibility involved in processing children’s Personal Data.

    1. Parental or Guardian Consent. Personal Data of students shall be collected and processed only with the consent of parents or lawful guardians, or in accordance with applicable law, and solely for educational, administrative, safety, and statutory purposes.

    2. Purpose Limitation. Children’s Personal Data shall not be processed for purposes unrelated to education, student welfare, safety, or legal compliance, nor shall it be used for commercial advertising or profiling.

    3. Reasonable Safeguards. The School shall implement reasonable safeguards, taking into account the best interests of the child, to prevent misuse, unauthorised access, or disclosure of children’s Personal Data.

    4. Parental Rights. Parents or lawful guardians may exercise rights of access, correction, withdrawal of consent, or deletion on behalf of their children, subject to applicable law and the School’s retention obligations.

    5. Best Interests of the Child. All processing of children’s Personal Data shall be undertaken in a manner consistent with the best interests of the child, and the School shall avoid any processing that is likely to cause harm, profiling, or discrimination.

  10. International Data Transfers. 

    1. Personal Data collected by the School is primarily stored and processed within India. However, in limited circumstances, Personal Data may be stored or processed outside India, including on cloud-based systems or servers operated by third-party service providers, only where such transfer is permitted under applicable law. 

    2. Such cross-border transfers shall be undertaken with appropriate technical, contractual, and organisational safeguards to ensure continued protection of Personal Data and in compliance with the Digital Personal Data Protection Act, 2023 and any restrictions or conditions notified by the Government of India.

  11. Grievance Redressal. The School is committed to addressing concerns relating to the processing of Personal Data in a timely and transparent manner.

    1. Grievance Officer. In accordance with the Information Technology Act, 2000, the rules made thereunder, and the Digital Personal Data Protection Act, 2023, the School has appointed a Grievance Officer to address complaints, queries, and requests relating to this Privacy Policy and the processing of Personal Data.

      1. Name: Usha Varadharajan

      2. Email: avmschool@avm.in

      3. Address: 155, 5th Street, AVM Colony, Virugambakkam, Chennai 600 092.

    2. Resolution Timeline. Complaints or grievances raised by a Data Principal or lawful guardian shall be acknowledged within forty-eight (48) hours of receipt and resolved within thirty (30) days, or such shorter period as may be prescribed under applicable law.

    3. Escalation. If the Data Principal is not satisfied with the resolution provided by the School, they may escalate the grievance to the Data Protection Board of India in accordance with the provisions of the Digital Personal Data Protection Act, 2023.

  12. Legal Framework and Compliance. This Privacy Policy is governed by and shall be interpreted in accordance with the laws of India.

    1. Applicable Laws. Without limitation to the foregoing, this Policy has been framed in compliance with, and shall be subject to, the provisions of:

      1. The Digital Personal Data Protection Act, 2023, including rules, regulations, and directions issued thereunder;

      2. The Information Technology Act, 2000, and the rules framed thereunder;

      3. The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, to the extent applicable;

      4. Applicable circulars, guidelines, notifications, and directions issued by educational boards, governmental authorities, and statutory bodies relating to data protection, child safety, and educational administration.

    2. Jurisdiction. Subject to applicable law, the courts at Chennai, Tamil Nadu, shall have exclusive jurisdiction in respect of any dispute arising out of or in connection with this Privacy Policy.

  13. Limitation of Liability

    1. To the maximum extent permitted under applicable law, the School, its management, trustees, directors, employees, teachers, staff, and authorised representatives shall not be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages, including but not limited to loss of data, loss of reputation, loss of academic opportunity, loss of profits, business interruption, or any other intangible losses, arising out of or in connection with the use of, inability to use, or reliance on the Platform or the services provided by the School, even if the School has been advised of the possibility of such damages.

    2. Notwithstanding anything contained herein, the aggregate liability of the School for any and all claims, demands, actions, or proceedings arising out of or relating to this Privacy Policy or the processing of Personal Data shall, to the extent permitted by law, be limited to the total fees actually paid to the School by or on behalf of the student for the relevant academic period immediately preceding the event giving rise to such claim.

    3. Nothing in this clause shall limit or exclude liability where such limitation or exclusion is not permitted under applicable law.

  14. Policy Updates

    1. The School reserves the right to revise, amend, or update this Privacy Policy from time to time to reflect changes in legal requirements, institutional practices, operational needs, or technological developments.

    2. Any material changes to this Privacy Policy shall be communicated through the Platform or by other reasonable means, as may be required under applicable law. The date of the most recent update shall be indicated at the beginning of this Policy.

    3. Your continued access to or use of the Platform after the effective date of any updated Privacy Policy shall constitute your acknowledgment and acceptance of such changes. If you do not agree with the revised Policy, you should discontinue use of the Platform and may exercise your rights in accordance with this Policy and applicable law.

This Privacy Policy constitutes the complete and binding statement of the School’s practices with respect to the collection, use, processing, storage, and protection of Personal Data in relation to the Platform. By continuing to access or use the Platform, or by engaging with the School’s educational or administrative services, you acknowledge that you have read, understood, and agreed to be bound by the terms of this Privacy Policy, subject to applicable law.

bottom of page