Your data is not a product.
Student records, fee data, and parent contacts are sensitive. Here's exactly how we protect them.
Per-Tenant Data Isolation
Each school's data lives in a completely separate database partition. A bug in school A cannot ever expose school B's data. This is enforced at the database level, not just in application code.
- Separate DB partitions per school
- No shared tables between tenants
- Verified by automated security tests
Field-Level Encryption
Sensitive fields (student CNIC, parent contact, medical records) are encrypted at the field level with AES-256. Even if someone accessed the raw database, they could not read these values.
- AES-256 field encryption
- Encryption keys rotated quarterly
- Encrypted at rest and in transit
Biometric Consent Controls
Face recognition is an optional module. It cannot be enabled without explicit written consent from parents. Biometric data is stored as mathematical vectors only, never raw photos.
- Opt-in only, off by default
- Parent consent form required
- Raw photos never stored
Data Retention & Right to Deletion
On account cancellation, you receive a full data export within 24 hours. All data is purged from our servers within 90 days. We do not sell data to third parties. Ever.
- Full export within 24h on cancellation
- Purged within 90 days
- No data selling, ever
Pakistan-Hosted Infrastructure
All data is stored on servers physically located in Pakistan. We do not use data centres outside Pakistan for primary storage. This keeps your school data under Pakistani jurisdiction.
- Servers physically located in Pakistan
- No primary data outside Pakistan
- 99.9% uptime SLA
Independent Security Review
We commission an annual penetration test from an independent security firm. The report summary is available to Pro plan customers on request.
- Annual pen test
- Report available on request (Pro plan)
- Findings tracked to closure
Questions about our security practices?
Our team is happy to walk you through our security model in detail.
Talk to our team