EduMaster
Privacy Policy
Last updated: April 7, 2026 ยท Effective immediately
1. Introduction
EduMaster ("the Platform") is a school ERP solution operated by ReachOnPeak ("we", "us", "our"). This Privacy Policy explains how we collect, use, store, and protect information when you use EduMaster.
By using EduMaster, you agree to the terms described in this Privacy Policy.
2. Information We Collect
2.1 School Information
- School name, address, city, state, PIN code
- CBSE affiliation number, UDISE code
- School logo, branding preferences
- Contact email, phone number
2.2 User Information
- Name, email address
- Role (Admin, Teacher, Student, Staff)
- Phone number
- Authentication credentials (encrypted)
2.3 Student Data
- Name, class, section, roll number
- Parent/guardian name and contact details
- Admission details and academic records
- Attendance records
- Fee payment records
- Exam marks and report cards
2.4 Payment Information
- Fee payment records (amounts, dates, methods)
- Razorpay transaction IDs
- Subscription billing history
3. How We Use Your Information
- To provide and maintain the EduMaster platform
- To manage school operations (admissions, attendance, fees, exams)
- To facilitate communication between school, teachers, and parents
- To process subscription payments via Razorpay
- To generate reports and analytics for school administrators
- To improve our platform and fix issues
- To send important service notifications
4. Data Isolation & Multi-Tenancy
๐ Complete School Data Isolation: EduMaster uses a strict multi-tenant architecture. Each school's data is stored in isolated collections under schools/{schoolId}/. This means:
- School A cannot access School B's data โ ever
- Teachers and students can only see data from their own school
- Firestore security rules enforce this isolation at the database level
- Even ReachOnPeak platform admins access school data only for support purposes
5. Third-Party Services
EduMaster uses the following third-party services:
- Google Firebase โ Authentication, database (Firestore), hosting. Firebase Privacy
- Razorpay โ Payment processing for school fees and platform subscriptions. Razorpay Privacy
- Jitsi Meet โ Live video classes. Jitsi Security
- Google Maps โ School location display. Google Privacy
6. Data Storage & Security
- All data is stored in Google Firebase (Cloud Firestore) with encryption at rest and in transit
- User passwords are hashed by Firebase Authentication โ we never store plain-text passwords
- Database access is controlled by Firestore Security Rules requiring authentication
- HTTPS is enforced for all connections
- Regular security audits are performed on access rules
7. Data Retention
We retain school data as long as the school's subscription is active. Upon account termination:
- School administrators can export all data before deletion
- Data is retained for 30 days after account closure for recovery purposes
- After 30 days, all school data is permanently deleted
8. Your Rights
As a user of EduMaster, you have the right to:
- Access โ Request a copy of your school's data (via Export in Settings)
- Correction โ Update incorrect information through the platform
- Deletion โ Request deletion of your school account and all associated data
- Portability โ Export your data in JSON format
9. Children's Privacy
EduMaster handles student data, which may include minors. We do not knowingly collect personal information from children without school/parent consent. Schools are responsible for obtaining necessary parental consent for student data stored in the platform.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of EduMaster after changes constitutes acceptance of the new policy.
11. Contact Us
ReachOnPeak
Email: support@reachonpeak.com
Website: reachonpeak.com
For data-related requests, please email us with subject line: "EduMaster Data Request โ [School Name]"