OningEdu
OningEdu

Privacy Policy

Last updated: 28 June 2026

This Privacy Policy describes how Oning Media Solutions Private Limited ("OningEdu", "we", "us", or "our") collects, uses, stores, and protects your personal information when you use our platform at oningedu.com and all associated sub-domains (aiprofessor.oningedu.com, aiteacher.oningedu.com, aitutor.oningedu.com, aimentor.oningedu.com).

1. Information We Collect

1.1 Account Information: When you register, we collect your name, email address, phone number, role (student, teacher, parent, admin), and institutional affiliation.

1.2 Student Information: For students, we may collect class level, section, board (CBSE/ICSE/State Board), batch information, and academic data such as concept mastery scores, learning streaks, and worksheet performance.

1.3 Usage Data: We collect data about how you interact with the platform — messages sent to AI, voice chat duration, textbook queries, worksheets attempted, login times, and feature usage.

1.4 AI Conversation Data: All conversations between students and AI (text and voice) are logged for quality assurance, safety monitoring, and educational improvement. For K-12 students, conversations are monitored through our safety filter system.

1.5 Device Information: We collect device type, browser type, IP address, and general location (city/state level) for security and analytics purposes.

1.6 Payment Information: If applicable, payment details are processed through our third-party payment gateway (Razorpay). We do not store credit card numbers or bank account details on our servers.

2. How We Use Your Information

2.1 To provide and personalise the learning experience — AI responses, concept mastery tracking, adaptive worksheets, and personalised recommendations.

2.2 To ensure student safety — monitoring conversations for inappropriate content, blocking harmful interactions, and maintaining a safe learning environment especially for K-12 students.

2.3 To generate academic reports — for students, parents, teachers, and institutional administrators.

2.4 To communicate with you — service updates, feature announcements, and educational content.

2.5 To improve our platform — analysing usage patterns, AI response quality, and feature engagement to build a better product.

2.6 To comply with legal obligations — responding to legal requests, preventing fraud, and maintaining platform security.

3. Data Sharing

3.1 With Your Institution: If you are a student, teacher, or parent associated with an institution on our platform, your usage data and academic progress may be visible to your institution's administrators as part of their admin dashboard.

3.2 With Parents: For K-12 students, parents with linked accounts can view their child's usage data, learning progress, and safety reports through the parent dashboard.

3.3 With AI Providers: Your messages are sent to AI service providers (currently OpenAI and Sarvam AI) for processing. These providers process the data according to their own privacy policies and data processing agreements. We do NOT send your real name or personally identifiable information to AI providers — only the message content and educational context.

3.4 We do NOT sell your personal data to any third party. We do NOT use your data for advertising. We do NOT share student data with any entity outside your institution's ecosystem.

4. Data Storage & Security

4.1 Your data is stored on Supabase infrastructure with servers located in Mumbai, India (ap-south-1 region).

4.2 All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

4.3 Access to student data is controlled through Row Level Security (RLS) policies — students can only see their own data, teachers can see their class data, parents can see their child's data, and admins can see their institution's data.

4.4 We implement regular security audits, access logging, and anomaly detection to protect your data.

5. Children's Privacy (K-12 Students)

5.1 We take children's privacy extremely seriously. For students under 18 years of age:

  • All AI conversations are monitored through our safety filter
  • Inappropriate content is automatically blocked and logged
  • Parents have full visibility into their child's platform activity
  • We collect only the minimum data necessary for educational purposes
  • We do not display targeted advertisements to any user, especially minors
  • Institutions can configure safety strictness levels (Low/Medium/High/Maximum)

5.2 Parental consent: For students under 18, account creation is managed by their institution. Parents can request access to their child's data at any time.

6. Your Rights

6.1 Access: You can request a copy of all personal data we hold about you.

6.2 Correction: You can update your personal information through your profile settings or by contacting us.

6.3 Deletion: You can request deletion of your account and all associated data. We will process deletion requests within 30 days, subject to legal retention requirements.

6.4 Data Portability: You can request your data in a machine-readable format (JSON/CSV).

6.5 Opt-out: You can opt out of non-essential communications at any time.

7. Data Retention

7.1 Account data is retained for as long as your account is active.

7.2 AI conversation logs are retained for a period configured by your institution (default: 12 months), after which they are automatically deleted.

7.3 Academic records (mastery scores, streaks, worksheet results) are retained for the duration of the student's enrolment.

7.4 After account deletion, we retain anonymised, aggregated data for analytics purposes only.

8. Cookies

8.1 We use essential cookies for authentication and session management.

8.2 We use analytics cookies (privacy-friendly, no third-party trackers) to understand platform usage.

8.3 We do NOT use advertising cookies or tracking pixels.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email and in-app notification. Continued use of the platform after changes constitutes acceptance.

10. Compliance

This policy is designed to comply with:

  • Information Technology Act, 2000 (India)
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Digital Personal Data Protection Act, 2023 (DPDPA) — India
  • Children's Online Privacy Protection guidelines as applicable in India

11. Contact Us

For privacy-related queries, data access requests, or complaints:

Privacy Officer
Oning Media Solutions Private Limited
Email: privacy@oningedu.com
Phone: [placeholder]
Address: [placeholder]

12. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules made thereunder:

Name: [Placeholder — Grievance Officer Name]
Email: grievance@oningedu.com
Phone: [placeholder]

Grievances will be addressed within 15 working days of receipt.