Data Privacy & Protection

Enterprise-grade security and privacy practices to protect your child's educational data

COPPA Compliant
GDPR Compliant
FERPA Aligned
SOC 2 Type II
AES-256 Encryption

Our Data Protection Commitment

At Logifera, we believe that robust data privacy and security are fundamental to building trust with our users. We implement enterprise-grade security measures to protect your child's educational data throughout its entire lifecycle.

Privacy by Design

Data protection is integrated into every aspect of our platform development, from initial design through deployment and maintenance. We follow the principle of data minimization, collecting only what is necessary for educational purposes.

Core Privacy Principles

  • Transparency: Clear communication about how we collect, use, and protect data
  • Security: Multi-layered protection using industry-best practices
  • Control: You maintain ownership and control over your data
  • Compliance: Adherence to global privacy regulations and standards
  • Ethical Use: Data used solely for educational improvement

Data We Collect

We collect data necessary to provide personalized educational services while maintaining the highest privacy standards.

Educational Data

  • Assessment results and reading performance metrics
  • Exercise completion and progress tracking
  • Learning patterns and intervention responses
  • Handwriting samples (encrypted and anonymized for analysis)

Account Information

  • Parent/guardian contact information
  • Child's basic demographic information (age, grade level)
  • Account preferences and settings

Technical Data

  • Device information for compatibility
  • Usage patterns to improve user experience
  • System performance metrics

Data Minimization

We follow strict data minimization principles - we only collect information essential for providing our educational services and never require unnecessary personal details.

How We Use Data

Your data is used exclusively to enhance educational outcomes and improve our services.

1

Personalized Learning Encrypted

Adapt exercises and content based on individual learning patterns and progress

2

Progress Reporting Secure

Generate detailed progress reports and analytics for parents and educators

3

Service Improvement Anonymized

Use aggregated, anonymized data to enhance platform effectiveness and develop new features

4

Research & Development De-identified

Contribute to educational research using completely de-identified data sets

Data Sharing Limitations

We do not sell your personal data. Limited data sharing occurs only with:

  • Trusted service providers under strict data protection agreements
  • Educational institutions with explicit parental consent
  • Research partners using fully anonymized data sets

Data Security Measures

We employ multiple layers of security to protect your data from unauthorized access, alteration, or destruction.

Encryption Standards

  • Data in Transit: TLS 1.3 encryption for all data transfers
  • Data at Rest: AES-256 encryption for stored data
  • Database Encryption: Field-level encryption for sensitive information
  • Backup Encryption: All backups encrypted with multiple keys

Access Controls

  • Multi-factor authentication for administrative access
  • Role-based access controls with principle of least privilege
  • Regular access reviews and permission audits
  • Comprehensive activity logging and monitoring

Infrastructure Security

  • Enterprise-grade cloud infrastructure with SOC 2 compliance
  • Regular security assessments and penetration testing
  • Continuous vulnerability scanning and patch management
  • DDoS protection and web application firewalls

Data Retention & Deletion

We maintain data only as long as necessary for educational purposes and comply with data minimization principles.

Retention Periods

  • Active Accounts: Data retained while account is active
  • Inactive Accounts: Data anonymized after 24 months of inactivity
  • Assessment Data: Retained for educational progress tracking
  • Backup Data: Encrypted backups maintained for 90 days

Data Deletion

You can request data deletion at any time through your account settings or by contacting our privacy team. Deletion includes:

  • Immediate removal from active systems
  • Scheduled removal from backup systems
  • Confirmation of complete data eradication
  • Option to download data before deletion

Right to be Forgotten

We fully support your right to be forgotten. Upon account deletion request, we permanently remove all personal data from our systems within 30 days.

Your Data Rights

You maintain control over your data with comprehensive rights and access.

Access & Portability

  • View all personal data we store about you and your child
  • Download your data in standardized, machine-readable formats
  • Request data transfer to other educational services

Correction & Restriction

  • Correct inaccurate or incomplete information
  • Restrict processing of certain data categories
  • Object to specific data processing activities

Consent Management

  • Withdraw consent for data processing at any time
  • Modify communication preferences
  • Control data sharing with third parties

Children's Data Protection

We implement enhanced protections for children's data in compliance with COPPA and other regulations.

Parental Controls

  • Verifiable parental consent required for children under 13
  • Parental access to review and manage child's data
  • Ability to modify or delete child's information
  • Option to revoke consent and terminate account

Limited Data Collection

  • Collection limited to educational necessity
  • No behavioral advertising or profiling
  • Strict controls on data retention and usage
  • Enhanced security measures for sensitive data

Student Privacy Pledge

We are signatories to the Student Privacy Pledge, committing to safeguard student data and use it solely for educational purposes.

Regulatory Compliance

We maintain compliance with global data protection regulations and educational privacy standards.

Key Regulations

  • COPPA: Children's Online Privacy Protection Act compliance
  • GDPR: General Data Protection Regulation adherence
  • FERPA: Family Educational Rights and Privacy Act alignment
  • CCPA/CPRA: California Consumer Privacy Act compliance
  • SOC 2: Service Organization Control compliance

Compliance Framework

  • Regular privacy impact assessments
  • Data protection officer oversight
  • Employee privacy training programs
  • Third-party security audits
  • Incident response and breach notification procedures

Certifications & Audits

We undergo regular independent audits and maintain certifications including:

  • SOC 2 Type II certification for security and privacy
  • Annual penetration testing and security assessments
  • Privacy shield framework compliance (where applicable)
  • Regular compliance reviews with legal counsel

Security Infrastructure

Multi-layered protection for your educational data

Encryption

End-to-end encryption using industry-standard protocols to protect data in transit and at rest.

Access Control

Strict role-based access controls, multi-factor authentication, and comprehensive audit logging.

Network Security

Advanced firewalls, intrusion detection systems, and regular security monitoring.

Infrastructure

SOC 2 compliant cloud infrastructure with redundant systems and disaster recovery.

Your Data Rights

Complete control and transparency over your information

Right to Access

View all personal data we store about you and your child

Right to Portability

Download your data in standard formats for transfer

Right to Correction

Update or correct inaccurate information

Right to Deletion

Request complete removal of your data

Right to Restrict

Limit how we process your data

Right to Object

Object to specific data processing activities

Data Privacy FAQs

Common questions about our data protection practices

How is my child's assessment data protected?

All assessment data is encrypted both in transit (using TLS 1.3) and at rest (using AES-256 encryption). Access is strictly limited to authorized personnel through role-based controls, and all access is logged and monitored.

Can I download all the data you have about my child?

Yes, you can request a complete data export through your account settings. We provide data in standardized formats (JSON, CSV) that include all assessment results, progress data, and account information.

How long do you retain our data after we stop using the platform?

For inactive accounts, we begin data anonymization after 24 months of inactivity. You can request immediate account deletion at any time, which initiates complete data removal from all systems within 30 days.

Do you use our data for AI training or research?

We only use fully anonymized and aggregated data for research and AI model improvement. Individual data is never used in research without explicit additional consent, and we never sell or license personal data for these purposes.

What happens if there's a data breach?

We have comprehensive incident response procedures that include immediate investigation, regulatory notification where required, and individual notification to affected users. All data is encrypted, significantly reducing the impact of any potential breach.

Data Protection Questions?

Our dedicated privacy team is available to answer any questions about our data protection practices, help you exercise your rights, or address privacy concerns.

Contact Privacy Team