Last updated: April 2026
Privacy Policy
Your privacy matters. Here's how we collect, use, and protect your data.
SCHOLARIS PRIVACY POLICY
1. INTRODUCTION
At Scholaris ("we," "our," or "us"), we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect information when you use the Scholaris mobile application and related services (collectively, the "Service").
Scholaris is a school management platform used by educational institutions ("Schools") to manage student records, staff information, academic data, attendance, and communications. This policy applies to all users of the Service, including School Owners, Administrators, Teachers, Parents, and Students.
2. INFORMATION WE COLLECT
2.1 Account Information
When you register for or are invited to use Scholaris, we collect:
- Full name
- Email address
- Phone number
- Password (stored in encrypted form, never in plain text)
- Role (Owner, Admin, Teacher, Parent)
- School affiliation and membership(s)
A single user account may be affiliated with more than one School, each with a different role. Your profile information is associated with every School you belong to.
2.2 School Data
Schools input and manage various types of data through the Service, including:
Student Records:
- Name, date of birth, gender, nationality
- Admission number and class assignment
- Guardian email address and phone number
- Home address, emergency contact, and next-of-kin details (name, relationship, phone number)
- Blood group, height, weight, and medical alerts (free-form health notes entered by the School)
- Academic performance and attendance records
- Fee balance and payment history
- Profile photograph (where provided)
Staff Records:
- Teacher and administrator name, email address, phone number, gender
- Religion and state of origin (as entered by the School)
- Class and subject assignments
- Attendance and punctuality records
- Lesson plans submitted for review
Academic and Operational Data:
- Class schedules, subject assignments, grades, and assessments
- Fee structures, payment records, and outstanding balances
- School bank account details (bank name, account name, account number, and account type) used for fee payment reconciliation
- School QR code used for attendance verification
Communication Records:
- Messages and notifications sent through the platform between School staff and parents
2.3 Data Collected Automatically
When you use the Service, we and our cloud infrastructure provider may collect limited technical data at the infrastructure level, including:
- Device type and operating system
- Network-level access logs (IP address, connection timestamps)
- App feature usage patterns used to improve the Service
We do not use third-party analytics SDKs or crash reporting services within the app. No behavioural tracking or advertising data is collected.
2.4 Data Stored Locally on Your Device
The app stores certain information in unencrypted local storage on your device, including your current role, active School context, and app preferences (such as language selection and display settings). No sensitive personal data beyond role and School context is stored locally.
3. SPECIAL CATEGORY DATA
Certain data we process is classified as sensitive or "special category" under applicable data protection laws:
- Health data: Student medical alerts, blood group, height, and weight constitute health data relating to minors. Schools are responsible for obtaining appropriate parental or guardian consent before entering this information.
- Religious beliefs and ethnic/regional origin: Teacher profiles may include religion and state of origin fields. This data is collected solely for the School's internal HR and administrative purposes and is processed only on the School's instruction.
We do not use special category data for any purpose beyond providing the Service to the School that collected it.
4. HOW WE USE YOUR INFORMATION
We use the information we collect to:
- Provide, operate, and maintain the Scholaris Service
- Authenticate users and control access to School data
- Enable Schools to manage student records, attendance, and academic data
- Facilitate communication between School staff and parents
- Track and report on fee payments and outstanding balances
- Generate reports and summaries for School administrators and owners
- Send notifications (attendance alerts, fee reminders, School announcements)
- Deliver invite and password-reset emails via our email delivery service
- Provide technical support and respond to inquiries
- Improve the Service and develop new features
- Comply with legal obligations and protect against fraud or unauthorised access
5. HOW WE SHARE YOUR INFORMATION
5.1 Within Your School
Data entered into Scholaris is accessible only within your School, according to each user's role:
- School Owners and Administrators can access all School data
- Teachers can access data for their assigned classes and students only
- Parents can access their own child's records only
Access is enforced at the infrastructure level, meaning users cannot access data outside their authorised scope.
5.2 Service Providers
We use the following third-party service providers to operate Scholaris:
- Cloud infrastructure provider: We use a secure cloud database and authentication service for data storage, user authentication, and backend processing. Your data is stored on their servers with appropriate security safeguards.
- Email delivery provider: We use a transactional email service to deliver invitation emails and password-reset emails on our behalf. This provider receives the recipient's email address and the content of those emails.
- Payment infrastructure: For Schools using integrated fee management, payment records are processed through the platform. No payment card data is collected or stored by Scholaris.
All service providers are contractually obligated to process your information only as necessary to deliver their services and are bound by confidentiality obligations.
5.3 Legal Requirements
We may disclose information if required by law or in response to valid requests from public authorities (such as court orders or regulatory bodies). We may also disclose information to protect our legal rights, investigate fraud, or respond to emergencies involving safety.
5.4 Business Transfers
If Scholaris is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.
6. DEVICE PERMISSIONS
Scholaris requests the following device permissions:
- Biometric authentication (Face ID, Touch ID, fingerprint): Used solely as an optional app lock feature. All biometric matching is performed locally by your device's operating system. No biometric data, templates, or identifiers are ever transmitted to or stored by Scholaris.
- Camera: Used to scan QR codes for student and staff attendance verification. Camera access is requested only when this feature is actively used.
- Internet and network access: Required for all core app functionality.
7. DATA STORAGE AND SECURITY
7.1 Where Your Data is Stored
School data is stored on secure cloud infrastructure. Data may be stored in specific geographic regions depending on the configuration of our infrastructure provider. We implement technical safeguards to ensure each School's data is logically isolated and accessible only to authorised users of that School.
7.2 Security Measures
We implement appropriate technical and organisational measures to protect your information:
- Encryption of data in transit (TLS/SSL) and at rest
- Role-based access controls ensuring each user can only access data appropriate to their permissions
- Secure authentication with password hashing and session management
- Access controls enforced at the database level
- Secure backup procedures
No internet-based service can guarantee absolute security. Schools should also implement internal measures such as strong password policies and prompt removal of access for departed staff.
8. DATA RETENTION AND DELETION
8.1 Retention Periods
We retain School data for as long as your School maintains an active Scholaris account and for a reasonable period thereafter to allow for data export. General retention guidelines include:
- Active student and staff records: Retained while the student is enrolled or the staff member is active, and as required by the School's own retention policies
- Graduated or withdrawn student records: Retained in accordance with applicable legal requirements and School policy
- Financial records: Retained as required by applicable tax and accounting laws
8.2 Deletion
When a School terminates its Scholaris subscription:
- We retain data for a grace period (typically 30-90 days) to facilitate export
- After this period, data is securely deleted from our systems
- Anonymised or aggregated data (containing no personal identifiers) may be retained for service improvement purposes
Individual users (such as Parents) cannot directly delete School data. Requests for deletion of personal data should be directed to your School administrator, who acts as the data controller for School-held data. If your School cannot address your request, you may contact us directly.
9. YOUR RIGHTS AND CHOICES
Depending on your location and applicable laws, you may have certain rights regarding your personal information:
9.1 For School Representatives (Owners, Admins, Teachers)
- Access, correct, or update information in your School's account
- Export School data in standard formats (CSV, JSON, PDF)
- Control what data is collected and how it is used within your School
9.2 For Parents
- Access your child's records as visible within the app
- Request correction of inaccurate data from your School administrator
- Request deletion of personal information (subject to legal retention requirements)
- Object to certain processing activities
To exercise these rights, contact your School administrator in the first instance. If your School is unable to address your request, contact us directly using the details in section 13.
10. USER CONSENT AND ACCOUNT SETUP
10.1 School Owners and Direct Registrants
By creating a Scholaris account and continuing to use the Service, you confirm that you have read and agree to this Privacy Policy and our Terms of Service.
10.2 Invited Users (Teachers, Admins, Parents)
When you are invited to Scholaris by a School, you will receive an invitation email. By completing your account setup, including setting your password and confirming your account, you acknowledge that you have read and agree to this Privacy Policy and our Terms of Service. Account setup constitutes your consent to the data practices described in this policy.
11. CHILDREN'S PRIVACY
Scholaris is a platform for Schools and is not directed at children for direct self-registration. Student records relating to minors are entered and managed by the School, not by the students themselves.
Schools are responsible for:
- Obtaining appropriate parental or guardian consent before entering any minor's personal information into the Service, including health data
- Complying with applicable child privacy laws (such as COPPA in the United States, GDPR provisions for children in the EU, or equivalent requirements under the NDPR in Nigeria)
We do not knowingly collect personal information directly from children under 13. If you believe we have inadvertently received such information without appropriate consent, please contact us to arrange for its deletion.
12. INTERNATIONAL DATA TRANSFERS
School data may be transferred to and processed in countries other than the country in which the School is located. These countries may have data protection laws that differ from your jurisdiction.
By using Scholaris, you consent to such transfers. We ensure appropriate safeguards are in place to protect your information during international transfers, including contractual protections with our service providers where required.
13. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: support@scholarishq.com
WhatsApp: ++23 481 690 92228
For data subject requests (access, correction, deletion), include "Privacy Request" in the subject line and provide sufficient information to verify your identity and describe your request.
14. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy within the app and notifying School administrators by email. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.
15. SCHOOL RESPONSIBILITY AND DATA PROCESSING
As the entity that determines how personal data of your students and staff is processed through Scholaris, your School acts as a data controller (or equivalent under applicable law) for School data. Your responsibilities include:
- Obtaining necessary consents and providing required privacy notices to students, parents, and staff, including specific consent for any special category data such as health information or religious beliefs
- Ensuring data entered into Scholaris is accurate and lawfully obtained
- Responding to data subject requests from your school community
- Implementing appropriate internal security measures and access controls
- Complying with applicable education and data protection laws, including the Nigeria Data Protection Regulation (NDPR) and any sector-specific obligations
- Maintaining appropriate data retention and deletion schedules
We act as a data processor for School data, processing it only on your instructions and in accordance with this Privacy Policy. A formal Data Processing Agreement (DPA), which sets out the specific terms of our data processing relationship as required under applicable law, is available upon request. Please contact us at support@scholarishq.com to request a DPA. Your School's continued use of the Service constitutes agreement to the data processing terms described in this Privacy Policy.
16. SUPPLEMENTAL REGIONAL PROVISIONS
For California Residents (CCPA):
We do not "sell" personal information as defined by the California Consumer Privacy Act. We process personal information solely as a service provider to Schools.
For EU/UK Residents (GDPR):
Where GDPR applies, we process personal information based on legitimate interests, contract performance, legal obligations, and consent where appropriate. You have the right to lodge a complaint with your local data protection authority.
For Nigerian Residents (NDPR):
We comply with the Nigeria Data Protection Regulation 2023 and its implementing guidelines. We process personal data only with appropriate legal basis and have appointed a Data Protection Officer as required. Schools subject to the NDPR are encouraged to contact us to obtain a Data Processing Agreement.
By using Scholaris, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and sharing of your information as described herein.
1. INTRODUCTION
At Scholaris ("we," "our," or "us"), we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect information when you use the Scholaris mobile application and related services (collectively, the "Service").
Scholaris is a school management platform used by educational institutions ("Schools") to manage student records, staff information, academic data, attendance, and communications. This policy applies to all users of the Service, including School Owners, Administrators, Teachers, Parents, and Students.
2. INFORMATION WE COLLECT
2.1 Account Information
When you register for or are invited to use Scholaris, we collect:
- Full name
- Email address
- Phone number
- Password (stored in encrypted form, never in plain text)
- Role (Owner, Admin, Teacher, Parent)
- School affiliation and membership(s)
A single user account may be affiliated with more than one School, each with a different role. Your profile information is associated with every School you belong to.
2.2 School Data
Schools input and manage various types of data through the Service, including:
Student Records:
- Name, date of birth, gender, nationality
- Admission number and class assignment
- Guardian email address and phone number
- Home address, emergency contact, and next-of-kin details (name, relationship, phone number)
- Blood group, height, weight, and medical alerts (free-form health notes entered by the School)
- Academic performance and attendance records
- Fee balance and payment history
- Profile photograph (where provided)
Staff Records:
- Teacher and administrator name, email address, phone number, gender
- Religion and state of origin (as entered by the School)
- Class and subject assignments
- Attendance and punctuality records
- Lesson plans submitted for review
Academic and Operational Data:
- Class schedules, subject assignments, grades, and assessments
- Fee structures, payment records, and outstanding balances
- School bank account details (bank name, account name, account number, and account type) used for fee payment reconciliation
- School QR code used for attendance verification
Communication Records:
- Messages and notifications sent through the platform between School staff and parents
2.3 Data Collected Automatically
When you use the Service, we and our cloud infrastructure provider may collect limited technical data at the infrastructure level, including:
- Device type and operating system
- Network-level access logs (IP address, connection timestamps)
- App feature usage patterns used to improve the Service
We do not use third-party analytics SDKs or crash reporting services within the app. No behavioural tracking or advertising data is collected.
2.4 Data Stored Locally on Your Device
The app stores certain information in unencrypted local storage on your device, including your current role, active School context, and app preferences (such as language selection and display settings). No sensitive personal data beyond role and School context is stored locally.
3. SPECIAL CATEGORY DATA
Certain data we process is classified as sensitive or "special category" under applicable data protection laws:
- Health data: Student medical alerts, blood group, height, and weight constitute health data relating to minors. Schools are responsible for obtaining appropriate parental or guardian consent before entering this information.
- Religious beliefs and ethnic/regional origin: Teacher profiles may include religion and state of origin fields. This data is collected solely for the School's internal HR and administrative purposes and is processed only on the School's instruction.
We do not use special category data for any purpose beyond providing the Service to the School that collected it.
4. HOW WE USE YOUR INFORMATION
We use the information we collect to:
- Provide, operate, and maintain the Scholaris Service
- Authenticate users and control access to School data
- Enable Schools to manage student records, attendance, and academic data
- Facilitate communication between School staff and parents
- Track and report on fee payments and outstanding balances
- Generate reports and summaries for School administrators and owners
- Send notifications (attendance alerts, fee reminders, School announcements)
- Deliver invite and password-reset emails via our email delivery service
- Provide technical support and respond to inquiries
- Improve the Service and develop new features
- Comply with legal obligations and protect against fraud or unauthorised access
5. HOW WE SHARE YOUR INFORMATION
5.1 Within Your School
Data entered into Scholaris is accessible only within your School, according to each user's role:
- School Owners and Administrators can access all School data
- Teachers can access data for their assigned classes and students only
- Parents can access their own child's records only
Access is enforced at the infrastructure level, meaning users cannot access data outside their authorised scope.
5.2 Service Providers
We use the following third-party service providers to operate Scholaris:
- Cloud infrastructure provider: We use a secure cloud database and authentication service for data storage, user authentication, and backend processing. Your data is stored on their servers with appropriate security safeguards.
- Email delivery provider: We use a transactional email service to deliver invitation emails and password-reset emails on our behalf. This provider receives the recipient's email address and the content of those emails.
- Payment infrastructure: For Schools using integrated fee management, payment records are processed through the platform. No payment card data is collected or stored by Scholaris.
All service providers are contractually obligated to process your information only as necessary to deliver their services and are bound by confidentiality obligations.
5.3 Legal Requirements
We may disclose information if required by law or in response to valid requests from public authorities (such as court orders or regulatory bodies). We may also disclose information to protect our legal rights, investigate fraud, or respond to emergencies involving safety.
5.4 Business Transfers
If Scholaris is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.
6. DEVICE PERMISSIONS
Scholaris requests the following device permissions:
- Biometric authentication (Face ID, Touch ID, fingerprint): Used solely as an optional app lock feature. All biometric matching is performed locally by your device's operating system. No biometric data, templates, or identifiers are ever transmitted to or stored by Scholaris.
- Camera: Used to scan QR codes for student and staff attendance verification. Camera access is requested only when this feature is actively used.
- Internet and network access: Required for all core app functionality.
7. DATA STORAGE AND SECURITY
7.1 Where Your Data is Stored
School data is stored on secure cloud infrastructure. Data may be stored in specific geographic regions depending on the configuration of our infrastructure provider. We implement technical safeguards to ensure each School's data is logically isolated and accessible only to authorised users of that School.
7.2 Security Measures
We implement appropriate technical and organisational measures to protect your information:
- Encryption of data in transit (TLS/SSL) and at rest
- Role-based access controls ensuring each user can only access data appropriate to their permissions
- Secure authentication with password hashing and session management
- Access controls enforced at the database level
- Secure backup procedures
No internet-based service can guarantee absolute security. Schools should also implement internal measures such as strong password policies and prompt removal of access for departed staff.
8. DATA RETENTION AND DELETION
8.1 Retention Periods
We retain School data for as long as your School maintains an active Scholaris account and for a reasonable period thereafter to allow for data export. General retention guidelines include:
- Active student and staff records: Retained while the student is enrolled or the staff member is active, and as required by the School's own retention policies
- Graduated or withdrawn student records: Retained in accordance with applicable legal requirements and School policy
- Financial records: Retained as required by applicable tax and accounting laws
8.2 Deletion
When a School terminates its Scholaris subscription:
- We retain data for a grace period (typically 30-90 days) to facilitate export
- After this period, data is securely deleted from our systems
- Anonymised or aggregated data (containing no personal identifiers) may be retained for service improvement purposes
Individual users (such as Parents) cannot directly delete School data. Requests for deletion of personal data should be directed to your School administrator, who acts as the data controller for School-held data. If your School cannot address your request, you may contact us directly.
9. YOUR RIGHTS AND CHOICES
Depending on your location and applicable laws, you may have certain rights regarding your personal information:
9.1 For School Representatives (Owners, Admins, Teachers)
- Access, correct, or update information in your School's account
- Export School data in standard formats (CSV, JSON, PDF)
- Control what data is collected and how it is used within your School
9.2 For Parents
- Access your child's records as visible within the app
- Request correction of inaccurate data from your School administrator
- Request deletion of personal information (subject to legal retention requirements)
- Object to certain processing activities
To exercise these rights, contact your School administrator in the first instance. If your School is unable to address your request, contact us directly using the details in section 13.
10. USER CONSENT AND ACCOUNT SETUP
10.1 School Owners and Direct Registrants
By creating a Scholaris account and continuing to use the Service, you confirm that you have read and agree to this Privacy Policy and our Terms of Service.
10.2 Invited Users (Teachers, Admins, Parents)
When you are invited to Scholaris by a School, you will receive an invitation email. By completing your account setup, including setting your password and confirming your account, you acknowledge that you have read and agree to this Privacy Policy and our Terms of Service. Account setup constitutes your consent to the data practices described in this policy.
11. CHILDREN'S PRIVACY
Scholaris is a platform for Schools and is not directed at children for direct self-registration. Student records relating to minors are entered and managed by the School, not by the students themselves.
Schools are responsible for:
- Obtaining appropriate parental or guardian consent before entering any minor's personal information into the Service, including health data
- Complying with applicable child privacy laws (such as COPPA in the United States, GDPR provisions for children in the EU, or equivalent requirements under the NDPR in Nigeria)
We do not knowingly collect personal information directly from children under 13. If you believe we have inadvertently received such information without appropriate consent, please contact us to arrange for its deletion.
12. INTERNATIONAL DATA TRANSFERS
School data may be transferred to and processed in countries other than the country in which the School is located. These countries may have data protection laws that differ from your jurisdiction.
By using Scholaris, you consent to such transfers. We ensure appropriate safeguards are in place to protect your information during international transfers, including contractual protections with our service providers where required.
13. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: support@scholarishq.com
WhatsApp: ++23 481 690 92228
For data subject requests (access, correction, deletion), include "Privacy Request" in the subject line and provide sufficient information to verify your identity and describe your request.
14. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy within the app and notifying School administrators by email. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.
15. SCHOOL RESPONSIBILITY AND DATA PROCESSING
As the entity that determines how personal data of your students and staff is processed through Scholaris, your School acts as a data controller (or equivalent under applicable law) for School data. Your responsibilities include:
- Obtaining necessary consents and providing required privacy notices to students, parents, and staff, including specific consent for any special category data such as health information or religious beliefs
- Ensuring data entered into Scholaris is accurate and lawfully obtained
- Responding to data subject requests from your school community
- Implementing appropriate internal security measures and access controls
- Complying with applicable education and data protection laws, including the Nigeria Data Protection Regulation (NDPR) and any sector-specific obligations
- Maintaining appropriate data retention and deletion schedules
We act as a data processor for School data, processing it only on your instructions and in accordance with this Privacy Policy. A formal Data Processing Agreement (DPA), which sets out the specific terms of our data processing relationship as required under applicable law, is available upon request. Please contact us at support@scholarishq.com to request a DPA. Your School's continued use of the Service constitutes agreement to the data processing terms described in this Privacy Policy.
16. SUPPLEMENTAL REGIONAL PROVISIONS
For California Residents (CCPA):
We do not "sell" personal information as defined by the California Consumer Privacy Act. We process personal information solely as a service provider to Schools.
For EU/UK Residents (GDPR):
Where GDPR applies, we process personal information based on legitimate interests, contract performance, legal obligations, and consent where appropriate. You have the right to lodge a complaint with your local data protection authority.
For Nigerian Residents (NDPR):
We comply with the Nigeria Data Protection Regulation 2023 and its implementing guidelines. We process personal data only with appropriate legal basis and have appointed a Data Protection Officer as required. Schools subject to the NDPR are encouraged to contact us to obtain a Data Processing Agreement.
By using Scholaris, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and sharing of your information as described herein.