Privacy Policy

Introduction

At Revisall, we are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy outlines how we collect, use, store, and protect personal information, particularly focusing on the data of students aged 11 to 16, educators, and parents, in compliance with the EU General Data Protection Regulation (GDPR), the Student Online Personal Information Protection Act (SOPIPA), and the Protection of Personal Information Act (POPI Act) in South Africa.

1. Information We Collect

We collect the following types of personal information:

  • Personal Data: Information relating to an identifiable individual, such as names, email addresses, phone number, country, school Name, Class Name, and other contact details.
  • Educational Data: Information related to academic performance, study guides, and assessment results.
  • Technology Data:  information related to the device and browser accessing the platform such as IP address, Session token, Online status/presence, Basic usage data, Referrer information, User-Agent information

2. How We Use Your Information

We use personal data to:

  • Provide educational services and personalized study guides.
  • Enhance learning outcomes through adaptive learning techniques.
  • Improve our platform and user experience.
  • Communicate with parents or guardians to ensure they are involved in their children’s educational progress.

NOTE : We will never sell student data to anyone, including advertisers.

3. Legal Basis for Processing

Our processing of personal data is based on the following lawful bases:

  • Consent: We obtain explicit, informed consent from parents or guardians before collecting or processing any personal data of children under 16.
  • Legitimate Interest: We process personal data to improve educational outcomes, which is in the legitimate interest of both the data subject (students) and Revisall.
  • Legal Obligation: We process data in compliance with legal obligations under GDPR, SOPIPA, and POPI Act.

4. Parental Consent and Controls

  • Parental Involvement: We require parental or guardian consent before collecting any personal data from students under the age of 16. Parents can access, review, and manage their children’s personal data through their user accounts.
  • Transparency: Our privacy policies and consent forms are written in clear, simple language to ensure students, parents, and educators understand them.

5. Data Subject Rights

Students, their parents, and teachers have the following rights regarding their personal data:

  • Right to Access: The right to access and receive a copy of their personal data.
  • Right to Rectification: The right to correct any inaccurate or incomplete personal data.
  • Right to Erasure: The right to request the deletion of personal data, particularly when it is no longer necessary for the purposes it was collected.
  • Right to Object: The right to object to the processing of personal data, especially for marketing or profiling purposes.
  • Right to Data Portability: The right to receive personal data in a structured, commonly used, and machine-readable format.

6. Data Storage and Security

We take data security seriously and implement the following measures:

  • Encryption: All personal data is encrypted both in transit and at rest.
  • Access Controls: We limit access to personal data to authorized personnel only.
  • Data Breach Notification: In the event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR and POPI Act.
  • Data centers: We store your information on Micrsoft Azure Servers located in various data centers United States and South Africa. We use commercially reasonable safeguards to protect users information from unauthorized access, use, disclosure, alteration, or destruction.

7. Data Retention

  • Retention Policy: We retain personal data only as long as necessary for the purposes for which it was collected. Once data is no longer needed, it will be securely deleted.
  • Automatic Deletion: We implement processes for automatically deleting personal data after a specified period of inactivity or upon request by the data subject.

8. Third-Party Data Sharing

  • Third-Party Processors: We may share personal data with third-party service providers who help us deliver our services. These providers are contractually obligated to comply with data protection standards equivalent to GDPR, SOPIPA, and POPI Act.
  • Cross-Border Data Transfers: Any transfer of personal data outside the EU or South Africa will be done in compliance with applicable data protection laws, ensuring that the recipient country provides adequate protection.
  • In response to legal requests or to protect the rights and safety of others
  • As required by a School Agreement

9. Special Protections for Children

  • Profiling Restrictions: We do not profile children for marketing purposes without explicit consent from their parents or guardians.
  • Advertising Restrictions: We do not use personal data of students for targeted advertising.
  • Educational Use Only: Personal data collected from students is used solely for educational purposes, as required by SOPIPA, GDPR, and POPI Act.

10. Privacy by Design and Default

  • Data Protection Impact Assessments (DPIA): We conduct DPIAs for any processing activities that may pose a high risk to the rights and freedoms of our users, especially children.
  • Privacy by Default: We ensure that the highest privacy settings are enabled by default, and only data strictly necessary for the platform's functionality is collected.

11. Complaints and Remedies

  • Complaints Process: If you believe your data protection rights have been violated, you can lodge a complaint with our Data Protection Officer at info@revisall.com.
  • Appeals: Users can appeal decisions related to their data protection rights through the Information and Data Protection Appeals Tribunal or relevant data protection authorities.

12. Policy Updates

  • Regular Reviews: We regularly review and update this Privacy Policy to reflect changes in law, technology, or our data processing practices.
  • User Notification: We will notify users of significant changes to this policy and seek new consents if necessary.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:

  • Email: info@revisall.com
  • Phone: +267 71 64 9999
  • Mailing Address: Plot 6343 Mokawe Close, Tshimotharo, Gaborone, Botswana