Legal

Privacy policy

Effective date: 20 May 2026 · Last updated: 20 May 2026

Draft notice: This page is intended as an outline you can refine with legal counsel before production use. If you have institution-specific wording, data-processing agreements, or regional requirements, send them—this document should be tailored accordingly.

1. Who we are

This policy describes how Scandence (“we,” “our,” or “us”) handles personal information when you visit our marketing website, interact with demos or contact forms, or use hosted Scandence services provided to your institution (“Services”). Your organization may operate as an independent controller for certain student and staff data—we process some information on behalf of institutions under their instructions.

2. Information we collect

  • Account & profile data: identifiers issued or approved by your institution (such as usernames or email addresses), role, faculty or student identifiers, and similar fields needed to authenticate and authorize use of the Services.
  • Operational & usage data: activity timestamps, attendance and academic records submitted in the product, device/application diagnostics, approximate location derived from networks where relevant to security, and similar metadata needed to run and secure the Services.
  • Communication data: messages you send to us (support, contact forms, procurement), including your contact details you include in those communications.
  • Technical data: IP address, browser and device type, language preferences, cookie or similar IDs where used, as described below.

3. How we use information

Depending on context, we use information to:

  • Provide, maintain, personalize, and improve the Services
  • Authenticate users and enforce institution policies where configured
  • Detect, investigate, and help prevent misuse, fraud, and security incidents
  • Respond to lawful requests from institutions or authorities where required
  • Analyze aggregated or de-identified metrics to guide product reliability and roadmap
  • Communicate administrative notices, onboarding, and substantive responses to inquiries you initiate

4. Legal bases

Where GDPR or comparable laws apply, we rely on appropriate bases—such as performance of a contract with your institution, legitimate interests (for example securing our platform, provided those interests are not overridden by your rights), and consent where we ask for it clearly (for optional marketing analytics on the public site).

5. Sharing and subprocessors

We share information with service providers who process it on our instructions (hosting, observability, transactional email). We may disclose information if required by law or to protect the rights and safety of users or the Services. Institutional administrators may export or interconnect data pursuant to agreements and product settings.

6. Security & retention

We maintain administrative, technical, and organizational measures designed to protect information. Retention depends on contractual requirements, backups, auditing, legal obligations, and product functionality; your institution may impose additional deletion or archiving rules where supported.

7. Cookies and similar technologies

Our marketing site may use strictly necessary cookies and, if you configure analytics identifiers, measurement cookies or similar to understand traffic patterns. Hosted applications rely on authentication tokens or session storage as typical for SaaS dashboards.

8. Children’s privacy

Scandence is generally contracted by educational institutions serving their learners and staff. Institutional accounts should not be provisioned contrary to regional child-protection requirements. Parents or guardians with questions should contact their school or campus administrator first.

9. International transfers

If data moves across borders, we use appropriate safeguards (such as standard contractual clauses) where legally required. Details belong in institutional agreements and DPIAs.

10. Your rights

Depending on jurisdiction, individuals may request access, correction, deletion, restriction, export, or objection relating to certain processing. Institutions often serve as primary contact—reach your campus privacy office or administrator where applicable; you may also contact us directly and we will route or fulfill requests consistent with contracts and applicable law.

11. Updates

When we materially change how we collect or use personal information, we post an updated effective date here and may provide additional notices as required by law or contracts.

12. Contact

For privacy inquiries: info@scandence.com.

Also see our Terms & Conditions for rules governing access to hosted Services.