NEWv1.9.0 — Prometheus metrics, OpenTelemetry tracing & Swagger UI (107 endpoints) now live
NeoEduSuite
HomeFeaturesSolutionsPricingAboutContact
Log in
Legal

Privacy Policy

Last updated February 2026 · CyberShield Technologies Pvt. Ltd.

Your school owns its data. This policy explains exactly what we collect, why, and how it is protected — in plain language.

1.Introduction

This Privacy Policy explains how CyberShield Technologies Pvt. Ltd. collects, uses and protects information when your institution uses NeoEduSuite. It covers all data processed across the Admin, Instructor, Student and Parent portals.

2.Data We Collect

We process:
  • Student records — admission, academic, attendance and contact details.
  • Staff data — profiles, roles and payroll information where enabled.
  • Financial data — fee transactions, invoices and payment references.
  • Usage data — logs needed to operate and secure the service.

3.Aadhaar Data

Where collected, Aadhaar numbers are encrypted with AES-256 before being written to the database, in line with UIDAI guidelines. The encryption key is never stored alongside the data, and Aadhaar data is never transmitted to third parties.

4.Payment Data

Online payments are processed by Razorpay and other licensed gateways. We do not store card details — only the transaction ID, amount and status required for reconciliation and receipts.

5.How We Use Data

We use data solely to operate the product — running modules, sending notifications, generating reports and meeting compliance obligations. We do not sell data or use it for advertising.

6.Data Sharing

We share data only with processors needed to deliver the service:
  • Razorpay / PayU — payment processing.
  • MSG91 / TextLocal — SMS delivery.
  • Nexus-Auth — authentication.
  • AWS Mumbai — hosting (data stays in India).

7.DPDP Act 2023

In line with the Digital Personal Data Protection Act 2023, data principals have the right to access, correct and erase their personal data. Requests can be made to privacy@neoedusuite.in and are actioned within statutory timelines.

8.Data Retention

Active accounts retain data for as long as the service is used. On cancellation, a 30-day export window is provided, after which data is securely deleted unless retention is legally required.

9.Security

We protect data with TLS 1.3 in transit, AES-256 at rest, PostgreSQL Row-Level Security for tenant isolation, RS256 JWT authentication and full audit logging of every write operation.

10.Contact

For any privacy questions or to exercise your rights, contact privacy@neoedusuite.in.
Questions? Email us — we respond within 2 working hours.
Accent