Privacy Policy

Last updated: 28 February 2026

Adaptmate, operated by Hyggex Digital Services Private Limited ("Company", "we", "our", "us"), is committed to protecting the privacy and security of all users, including students, teachers, school administrators, and parents. This Privacy Policy describes how we collect, use, store, disclose, and protect personal data when you use the Adaptmate platform ("Service").

By using our Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information Provided by Schools & Institutions

  • Student names, class, section, roll numbers
  • Teacher and administrator names, designations, and contact details
  • Academic performance data (assessment scores, learning progress)
  • Curriculum and syllabus mapping data

1.2 Information Collected Automatically

  • Device information (browser type, operating system, screen resolution)
  • Usage data (pages viewed, features accessed, session duration)
  • IP address and approximate location (city-level)
  • Cookies and similar tracking technologies

1.3 Information We Do Not Collect

  • Biometric data (fingerprints, facial recognition)
  • Financial information of students or parents
  • Social media credentials or browsing history outside the platform
  • Sensitive personal data as defined under DPDPA 2023 without explicit consent

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Adaptmate platform
  • Generate learning analytics, gap diagnostics, and AI-powered recommendations
  • Personalise lesson plans, homework, and adaptive learning paths
  • Communicate important updates, alerts, and product improvements
  • Ensure platform security, prevent fraud, and enforce our terms
  • Comply with legal and regulatory obligations

3. Legal Basis for Processing (GDPR & DPDPA)

PurposeLegal Basis
Service deliveryContract performance
Analytics & AI recommendationsLegitimate interest
Marketing communicationsConsent
Legal complianceLegal obligation
Student data processingInstitutional consent + parental consent for minors

4. Data Sharing & Disclosure

We do not sell, rent, or trade personal data to any third party. We may share data with:

  • Schools & Institutions: Aggregated and individual student analytics as authorised by the institution
  • Service Providers: Cloud hosting (secured, SOC 2 compliant), analytics platforms used strictly for platform improvement
  • Legal Authorities: When required by law, court order, or government directive under applicable Indian or international law

5. Data Storage & Retention

  • Data is stored on secured cloud infrastructure with encryption at rest and in transit (AES-256, TLS 1.2+)
  • Student academic data is retained for the duration of the school's subscription plus 1 year for continuity
  • Upon contract termination, all identifiable data is deleted within 90 days unless legally required to retain it
  • Anonymised, aggregated data may be retained for research and improvement purposes

6. Data Security

We implement industry-standard security measures including:

  • End-to-end encryption for data in transit
  • AES-256 encryption for data at rest
  • Role-based access control (RBAC)
  • Regular penetration testing and vulnerability assessments
  • Multi-factor authentication for administrative access
  • Automated monitoring and anomaly detection

7. Children's Privacy

Adaptmate processes children's data exclusively through authorised school institutions. We comply with the Protection of Children from Sexual Offences Act (POCSO), 2012, the Right to Education Act, 2009, the Children's Online Privacy Protection Act (COPPA), and GDPR provisions for children's data.

We do not collect data from children directly. All data is provided by the school with appropriate institutional and parental consent. See our Child Safety Policy for full details.

8. Your Rights

Under DPDPA 2023 (India)

  • Right to access personal data
  • Right to correction and erasure
  • Right to nominate (in case of death or incapacity)
  • Right to grievance redressal

Under GDPR (EU/EEA)

  • Right to access, rectification, and erasure
  • Right to data portability
  • Right to restrict processing
  • Right to object to automated decision-making

Under CCPA (California)

  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sale (we do not sell data)

9. Cookies

We use essential cookies for authentication and session management. Analytics cookies are used only with consent. You may disable non-essential cookies through your browser settings.

10. International Data Transfers

Data may be processed in jurisdictions outside India. In such cases, we ensure adequate safeguards through Standard Contractual Clauses (SCCs) or equivalent mechanisms compliant with DPDPA and GDPR requirements.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or platform notification at least 30 days before taking effect.

12. Contact Us

For privacy-related queries, data subject requests, or complaints:

  • Data Protection Officer: privacy@adaptmate.com
  • Grievance Officer (DPDPA): grievance@adaptmate.com
  • Registered Office: Hyggex Digital Services Pvt Ltd, India

© 2026 Adaptmate by Hyggex Digital Services Pvt Ltd. All rights reserved.