top of page
  • web icons (2)
  • web icons (4)
  • web icons
  • web icons (1)

Privacy Policy

Introduction

MentorMe Foundation (MMF) is a not-for-profit company that empowers children from low-income families through education services. The Apprentice Project (TAP) is an initiative under MMF enabling leadership skills in under-privileged children. MMF is committed to providing educational technology solutions and resources while respecting the privacy of our users.

 

Purpose

The Apprentice Project (TAP) ("we" or "us") is dedicated to protecting the privacy of children who use our educational technology platform ("Platform"). This Student Privacy Policy ("Policy") outlines how we collect, use, and disclose information about students who use the Platform. We are committed to complying with all applicable data privacy regulations, including, Digital Personal Data Protection Act, 2023, The Information Technology Act, 2000 (and amendments)] regarding children's data and student education records (FERPA - Family Educational Rights and Privacy Act). We are committed to safeguarding children's personal data in accordance with these laws, ensuring the highest standards of privacy and data protection.

 

Information We Collect

We collect the following information from students who use the Platform, ensuring compliance with Digital Personal Data Protection Act, 2023 and FERPA:

  • Basic Information: This may include a student's name (with verifiable parental consent) and a unique identifier (not personally identifiable).

  • Student Data: Any information relating to an identified or identifiable student enrolled in MentorMe's and/or The Apprentice Project’s educational programs. This may include, but is not limited to, names, grades, school information, learning progress, and demographic data.

  • Data Subject: The individual student whose personal data is being processed.

  • Data Processing: Any operation performed on student data, including collection, storage, analysis, and sharing.

  • Activity Data: This may include information about a student's progress, such as completed lessons, scores, and time spent on activities. This data is anonymized and does not directly identify the student.

  • Device Information: This may include information about the device a student uses to access the Platform, such as the device type and operating system. This information is used for technical purposes only.

 

  • We will adhere to the principle of data minimization by collecting only the data that is strictly necessary for educational purposes. No unnecessary personal data will be collected, and data will be processed in a manner that is adequate, relevant, and limited to what is necessary.

  • Student data will be processed solely for the purposes for which it was collected. Any new or additional purpose for processing the data will require fresh consent from the parent or guardian.

 

How We Use Information

We use the information we collect from students for the following purposes, all in compliance with FERPA and Digital Personal Data Protection Act, 2023 and IT Act, 2000 :

  • To provide and improve the Platform, including personalizing the learning experience for each student, but without revealing personally identifiable information.

  • To assess student progress and provide indirect feedback (e.g., overall class performance or progress reports without student names).

  • To communicate with parents or guardians about their child's progress (with verifiable parental consent). This communication will not include personally identifiable information from other students.

  • To comply with legal requirements, including reporting to educational institutions as authorized by a parent or guardian.

 

We will never:

  • Sell or share student information with third-party advertisers.

  • Use student information for any marketing purposes.

 

Parental Consent

  • We obtain verifiable parental consent before collecting or using any personal information from students. This may involve a written consent form, a monitored online process, or another method that provides a documented record of parental permission.

  • We require verifiable parental consent before collecting or processing any personal data from students. Consent will be obtained through secure methods such as multi-factor authentication, online consent forms, or physical signed consent forms, ensuring that all data handling is compliant with legal requirements.

  • Consent obtained for the processing of student data must be free, specific, informed, and unambiguous. We will ensure that all consent forms clearly explain what data is being collected, the purpose of the data collection, and how the data will be used. Consent must be obtained without any pressure or misleading information.

 

Transparency and Communication

We are committed to transparency in our data collection practices. Parents and guardians will be regularly informed about how their child's data is collected, used, and protected. All relevant privacy information will be accessible on our website, with clear instructions on how to exercise their rights under this policy

 

Parents or guardians have the right to:

  • Access their child's information.

  • Request the correction or deletion of their child's information, following FERPA guidelines.

  • Withdraw their consent for us to collect or use their child's information.

 

Data Security

We take appropriate security measures to protect student information from unauthorized access, disclosure, alteration, or destruction. This includes following industry best practices for data encryption and storage. However, no website or internet transmission is completely secure.

 

Procedures for Handling and Disclosing Student Information

  • We will only disclose student education records to authorized personnel who have a legitimate educational interest provided parental consent is present.

  • We will maintain a record of all requests for access to or disclosure of student education records.

  • We will not disclose student education records for marketing purposes, without parental consent.

  • We will comply with all FERPA requirements regarding data retention and disposal.

 

Right to Withdraw Consent:

  • Parents and guardians have the right to withdraw consent at any time. Upon withdrawal of consent, we will cease further processing of the student's data and ensure the secure deletion of any data already collected, in compliance with legal retention requirements.TAP will ensure these rights are respected and facilitated upon a written request mailed to privacy@theapprenticeproject.org

 

Data Breach Notification

In the event of a data breach, we will promptly notify affected parents or guardians, detailing the nature of the breach, the data involved, and the steps being taken to mitigate any potential harm. We will also provide guidance on how parents can protect their child’s data moving forward.

 

Data Breach Notification Procedure

In the event of a data breach that compromises the personal information of students, we will take the following actions:

  1. Immediate Assessment: Upon discovering a potential data breach, we will immediately assess the scope and impact of the breach to understand which data has been compromised.

  2. Containment and Mitigation: We will take all necessary steps to contain the breach and mitigate any further risks. This includes securing our systems, preventing further unauthorized access, and safeguarding data.

  3. Notification of Affected Parties: We will notify the affected parents or guardians as soon as possible, providing them with detailed information about the breach, including:

    • The nature of the breach.

    • The data that was compromised.

    • The steps we are taking to address the situation.

    • Recommendations for the affected parties on how they can protect their child's information moving forward.

  4. Reporting to Authorities: If required, we will report the breach to relevant data protection authorities in compliance with applicable laws and regulations.

  5. Review and Remediation: Following the breach, we will conduct a thorough review of our security measures and take corrective actions to prevent future breaches. This may include updating our security practices and improving our incident response plan.

 

Grievance Redressal Mechanism:

  • We have established a grievance redressal mechanism to address any concerns or complaints related to the processing of student data. Parents and guardians can contact our Data Protection Officer (DPO) directly to report any issues, and we will respond within a specified time frame."

 

Changes to this Policy

We may update this Policy from time to time. We will notify parents or guardians of any changes by posting the updated Policy on our website and consent will be taken each time the policy is revised.

 

Policy Updates and Parental Notification

We may update this Policy periodically to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. Any significant updates will be clearly communicated to parents or guardians. We will notify you of these changes by posting the revised Policy on our website, along with a summary of the key modifications. Additionally, we will seek

 

renewed consent from parents or guardians whenever substantial revisions are made to the Policy, ensuring that your child’s data is handled in accordance with your preferences.

 

Additional Notes:

  • Student data is stored securely and only accessible by authorized personnel with a legitimate educational interest.

  • Parents or guardians can access or request deletion of their child's data through a documented process outlined on our website or by contacting us directly.

  • The Platform does not collect any sensitive information from students (e.g., race, religion, health data) unless explicitly required for specific learning programs and with verifiable parental consent.

  • Sensitive data, including information related to health, biometric data, or other protected categories, will only be collected with explicit parental consent and will be handled with the highest level of security. Such data will be used strictly for the purposes for which it was collected and will not be shared with third parties unless legally required.

  • Student data will be retained only for as long as necessary to fulfill the educational purposes for which it was collected. Upon completion of these purposes or upon request, personal data will be securely deleted in accordance with the retention schedules outlined by Indian data protection laws with respect to children.

 

By adhering to this Student Privacy Policy, MentorMe Foundation demonstrates its commitment to protecting the privacy and well-being of children who use its edtech platform. This fosters trust with parents and guardians while ensuring a safe, secure, and FERPA-compliant learning environment for all students.

 

SIGNED for and on behalf of the Organization

by

Prashant Kumar

Chief Administrative Officer (CAO) & Co-Founder

bottom of page