Mahsua Technology - Detailed Privacy Policy
Effective Date: October 5, 2025
Last Updated: October 5, 2025
1. Our Commitment and Scope
Mahsua Technology (referred to as "Mahsua," "we," "us," or "our"), a core division of Mahsua India, is committed to our vision of making technology simple, affordable, and accessible while upholding the highest standards of data protection.
This Privacy Policy governs the manner in which we collect, use, maintain, and disclose information collected from clients (schools, businesses, etc.) and end-users (students, parents, and employees) through our digital services, including the Mahsua Result Portal, custom applications, websites, and digital consulting services (collectively, the "Service").
By using any part of our Service, you confirm your understanding and agreement to the terms outlined in this policy.
2. Roles in Data Processing
Understanding the roles is critical, particularly for the Mahsua Result Portal, which handles sensitive educational data:
- Data Controller (Our Client): This is the client organization (e.g., the school or business) that owns the data and decides why and how personal information is processed. They are the first point of contact for all data rights requests.
- Data Processor (Mahsua Technology): We act strictly on behalf of and under the instructions of the Data Controller. Our role is limited to providing the secure platform and tools to process, store, and display the data as directed by the client. We do not use the data for any purpose outside of our client agreement.
3. Information We Collect and Sources
A. Client/Organization Administrative Data
This information is collected directly from the client to establish and manage the service contract.
- Source: Direct communication, registration forms, and contract documents.
- Data Collected: Organization legal name, physical and billing addresses, contact numbers, official email addresses, GST/tax information, and the names/credentials of authorized administrative personnel.
B. End-User (Student/Employee) Sensitive Data
This information is provided to us by the Data Controller (the client) for processing through the Mahsua Result Portal or other custom apps.
- Source: Provided directly by the client organization (school/business) via secure channels.
- Data Collected:
- Personal Identifiers: Full name, date of birth, unique registration/enrollment ID, employee ID, and class/grade.
- Academic/Performance Records: Subject-wise grades, marks, internal assessment results, attendance records, promotion/status history, and related metadata necessary for official documentation.
- Contact Information: Parent/Guardian names, contact numbers, and emails provided by the client for official notifications related to the service.
C. Technical & Usage Data
This information is automatically collected when users interact with our website or applications to ensure system stability and optimize service delivery.
- Source: Automated server logs and tracking mechanisms.
- Data Collected: Internet Protocol (IP) address, browser type and version, device identification, operating system, referrer URLs, pages of our Service visited, the time and date of the visit, and time spent on those pages.
- Cookies: We use cookies to improve user experience, maintain login sessions, and analyze traffic. You can choose to disable cookies via your browser settings, though this may impact certain features of the Service.
4. How We Utilize the Collected Information
We use the data strictly to execute our contractual obligations, maintain security, and enhance the quality of our Service, in line with our "simple technology" commitment.
| Category of Data Use | Purpose |
|---|---|
| Service Delivery & Operation | To securely host, process, and present academic or performance results via the Mahsua Result Portal, ensuring instant and accurate digital delivery as per client instructions. |
| Account & Billing Management | To issue invoices, manage client subscriptions, process payments, and maintain the legal and financial validity of our contracts. |
| System Integrity & Security | To diagnose and resolve technical problems, monitor the system for vulnerabilities, prevent unauthorized access, and protect against malicious activities and fraud. |
| Service Improvement & Analysis | To perform non-personally-identifiable internal research and usage analysis to optimize the functionality, speed, and user interface of our technology solutions. |
| Essential Communication | To send essential administrative messages, technical support information, and security alerts to the authorized client contacts. |
5. Data Security Measures
Mahsua Technology is committed to protecting your data. In line with industry best practices, we implement robust security practices:
- Data Minimization: We only process the data strictly necessary to provide the Service.
- Encryption at Rest and in Transit: All sensitive data is stored using advanced encryption and transmitted over secure protocols (HTTPS/SSL) to prevent interception.
- Access Controls: We enforce the principle of least privilege, meaning access to Personal Data is limited strictly to Mahsua employees who require it to perform their job duties (e.g., technical support and deployment).
- Data Segregation: Client data is logically separated within our systems to ensure data from one client cannot be accessed by another.
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security.
6. User Responsibility for Data Protection
ATTENTION USERS AND CLIENTS:
While Mahsua Technology takes comprehensive measures to secure the platform and the data entrusted to us, **data security is a shared responsibility.**
Mahsua Technology will not be responsible or held liable for the loss or unauthorized disclosure of any Personal Data resulting from a user's or client's decision to willingly share their login credentials, passwords, enrollment details, or any other authentication information with family members, friends, or any unauthorized third party.
Users are strictly responsible for maintaining the confidentiality of their access credentials and for all activities that occur under their account. Sharing this information compromises the security measures we have put in place and voids our responsibility for any subsequent data leakage or misuse.
7. Disclosure of Information
We do not sell, trade, or rent Personal Data to third parties. We disclose information only as necessary and under strict confidentiality agreements:
- To the Data Controller: All end-user data (student, employee, etc.) is fully accessible to the client organization (the school or business) that provided it.
- To Sub-processors (Vendors): We may use trusted third-party service providers (e.g., cloud hosting, database management) to assist us in operating our Service. These third parties are contractually bound to process data only on our instructions and to maintain confidentiality and security standards equal to or greater than our own.
- Legal Compliance: When required by law, subpoena, or government request to cooperate with legal proceedings or to protect our rights or the safety of others.
8. Data Retention and Your Rights
A. Data Retention
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and as strictly required by the client agreement with the respective organization. Upon termination of a client contract, we adhere to the client’s instructions regarding the secure deletion or return of their data.
B. Exercising Your Rights
To exercise your right to access, rectify, erase, or object to the processing of your Personal Data (especially academic results), you must first directly contact the Data Controller (the school or organization) that provided us with your data. We will fully cooperate with the client to fulfill any verified requests within the legal timelines.
9. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy at any time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
10. Contact Us
If you have any questions, comments, or concerns regarding this Privacy Policy or our practices, please contact us:
- Email: [Your Professional Mahsua Technology Email Address, e.g., privacy@mahsuatech.com]
- Address: [Mahsua Technology / Mahsua India Business Address]
- Phone: [Your Business Phone Number]