ALTIN ERP is operated by ALTIN Digital Systems (“ALTIN”, “we”, “us”). This policy explains how we handle personal data when schools use ALTIN ERP. We take this seriously, particularly because our platform handles information about children.
1. Our role
ALTIN ERP is a platform that schools use to run their operations. For most personal data in the system — students, parents or guardians, and staff — the school is the Data Fiduciary (it decides what is collected and why), and ALTIN acts as a Data Processor, processing that data only on the school’s instructions to provide the service. For our own account and billing relationship with the school, we act as the fiduciary.
2. Information we process
On behalf of schools, this can include:
- Student, parent/guardian, and staff details (names and contact details, and any IDs the school chooses to provide);
- Attendance, fees and payments, academic records, communications, and transport or safety information;
For our relationship with the school: account and contact details, and billing information. Automatically: basic technical and usage logs needed to run and secure the service.
3. How we use data
We use personal data solely to provide, maintain, secure, and improve ALTIN ERP for the school; to process payments; to send service-related communications; and to meet legal obligations. We do not sell personal data, and we never use student data for advertising.
4. Children’s data
Much of the data we process concerns children. We process it only on the instructions of the school and in line with applicable law, including India’s Digital Personal Data Protection Act, 2023. Obtaining any consent required from parents or guardians is handled by the school as the Data Fiduciary; we support schools in meeting those obligations.
5. Sharing and sub-processors
We share data only with service providers who help us operate the platform, under contract and only as needed:
- Payment processing — Razorpay;
- SMS — MSG91; Email — Resend;
- Cloud hosting and database infrastructure providers.
We do not sell or rent personal data to anyone.
6. Where data is processed
Our cloud infrastructure may process and store data on servers located outside India, including in Singapore. Where data is transferred across borders, we take steps to protect it consistent with applicable law.
7. Security
We use reasonable technical and organisational measures — including access controls, encryption in transit, tenant isolation, and audit logging — to protect personal data. No system is perfectly secure, and we continue to strengthen our safeguards.
8. Retention
We retain personal data for as long as the school’s account is active and as needed to provide the service, then delete or anonymise it within a reasonable period, unless a longer period is required by law.
9. Your rights
Under the DPDP Act, data principals have rights to access, correct, and erase their personal data, and to grievance redressal. Because schools control most data in ALTIN ERP, requests are usually made through your school; you may also contact us and we will assist the school in responding.
10. Grievance Officer
For privacy questions or complaints, contact our Grievance Officer: [ name / role ], ALTIN Digital Systems — hello@altinerp.com. We aim to acknowledge and address grievances within the timelines required by law.
11. Changes
We may update this policy from time to time. We will post the updated version here with a revised date.
12. Contact
ALTIN Digital Systems — hello@altinerp.com — altinerp.com.