🔐 ACADMIN - PRIVACY POLICY
Future Face Tech Pvt Ltd
Future Face Tech Pvt Ltd (“Company”, “we”, “us”, or “our”) is committed to protecting the privacy and security of the personal data of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Acadmin Educational ERP platform and the website located at https://www.acadmin.in/ (collectively, the “Service”).
This Privacy Policy is drafted in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023.
Acadmin is an Educational ERP platform and related services offered by Future Face Tech Pvt Ltd (“Company”, “we”, “us”, or “our”). We provide Acadmin to educational institutions to help manage academic and administrative functions such as admissions, attendance, examinations, communication, and fee management.
This Privacy Policy explains how personal data is collected, used, stored, shared, and protected when you access or use Acadmin and/or the website at https://www.acadmin.in/ (collectively, the “Service”).
This Privacy Policy applies to personal data processed through the Service relating to:
● Educational institutions (schools, colleges, universities, coaching institutes or similar entities) that subscribe to or use Acadmin;
● Students;
● Parents/guardians;
● Teachers, staff, administrators, and other authorised users of the institution.
Where Acadmin is deployed by an educational institution, the institution controls how and why personal data is processed in Acadmin. Users should also review the institution’s privacy notices/policies for institution-specific practices.
Acadmin is an Educational Enterprise Resource Planning (ERP) solution provided to educational institutions (schools, colleges, and universities).
● Data Fiduciary: The educational institution using Acadmin is generally the “Data Fiduciary” under the Digital Personal Data Protection Act, 2023 (“DPDP Act”), as it determines the purpose and means of processing personal data on the platform.
● Data Processor: Future Face Tech generally acts as a “Data Processor” (service provider) processing personal data on behalf of and as per the instructions of the educational institution.
In some limited scenarios (for example, if Future Face Tech directly determines the purpose and means of processing for a specific activity), we may act as a Data Fiduciary for that activity. In such cases, this Privacy Policy will apply to our role for that processing.
We collect (or process on behalf of an educational institution) several types of information from and about users of our Service, including:
4.1 Personal Identification Information
● Name, address, phone number, email address, date of birth, gender, photograph, and other identifiers as configured by the institution.
4.2 Academic Data
● Admissions/enrolment details, class/section, grades/marks, examinations, attendance records, timetable, homework/assignments, discipline records, library records (issue/return history), and other academic/administrative records maintained by the institution.
4.3 Financial Data
● Fee structure, invoices/receipts, scholarship/discount information, dues, and fee payment history.
● Where online payments are enabled, payment-related information may be processed through payment gateway providers. We typically do not store full card details; such details are handled by the payment gateway as per their systems and standards.
4.4 Technical Data
● IP address, login timestamps, device identifiers, device type, operating system, browser type, app/website usage data, and log files.
● Cookies and similar technologies (as described in the “Cookies” section below).
4.5 Sensitive Personal Data / Special Categories (as applicable) Certain integrations or institution configurations may result in processing of sensitive personal data or information (“SPDI”) under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) and/or sensitive data under the DPDP Act, including:
● Biometric/RFID data (for example, biometric attendance or RFID-enabled access/attendance), if integrated and enabled by the institution;
● Health-related information (if the institution records such information for welfare/safety purposes);
● Any other sensitive information the institution chooses to store in Acadmin.
We recommend institutions minimise collection of sensitive data and enable such features only when necessary and legally permitted.
We process personal data for purposes including:
● Managing academic and administrative operations (admissions, attendance, examinations, results, timetables, homework, library, transport, hostel, etc. as enabled);
● Enabling communication and notifications among the institution, teachers, staff, students, and parents/guardians (including via email/SMS/WhatsApp/push notifications where configured);
● Fee management, invoicing, receipts, reconciliation, and related financial administration;
● Account creation, user authentication, access management and role-based permissions;
● Security and integrity of the Service, including monitoring, logging, fraud prevention, troubleshooting, and incident response;
● Customer support, maintenance, updates, and service improvement;
● Compliance with applicable laws, lawful requests, and regulatory obligations relevant to educational institutions and technology service providers.
We process personal data in accordance with applicable Indian law, including the IT Act and DPDP Act. Depending on the context, our lawful basis includes:
● Consent: Where required, personal data is processed based on consent provided by the Data Principal (or parent/guardian, as applicable) and/or as obtained/managed by the educational institution. Users may withdraw consent as described in this Privacy Policy; however, withdrawal may affect access to or availability of certain features.
● Performance of contract: Processing is necessary to perform our contractual obligations to the educational institution (for example, providing the ERP platform, support, security, and related services).
● Compliance with law: Processing may be necessary to comply with applicable legal obligations or to respond to lawful requests.
We do not sell personal data. We may share or disclose personal data only as needed for the purposes described above, including:
● With the Educational Institution (Data Fiduciary): Data processed on the platform is accessible by authorised users of the respective institution, as configured by the institution’s admins.
● With Service Providers (Sub-processors): We may share data with third-party service providers that support operation of the Service (for example, cloud hosting providers, email/SMS/communication providers, analytics/monitoring tools, and payment gateways), strictly on a need-to-know basis and subject to contractual confidentiality and security obligations.
● With Payment Gateways: If an institution enables online fee payments, payment processing is handled by payment gateway providers. They may process payment-related personal and financial data in accordance with their own privacy policies and applicable law.
● For Legal Obligations / Law Enforcement: We may disclose information where required by law, court order, or governmental request, or where necessary to investigate or prevent illegal activities, security incidents, or fraud, subject to applicable legal requirements.
● Business Transfers: In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of that transaction, subject to applicable law and appropriate safeguards.
We retain personal data only for as long as necessary to provide the Service, meet the purposes described in this Privacy Policy, comply with contractual obligations with the educational institution, and/or comply with applicable law.
Upon termination/expiry of the service agreement with an educational institution, we will delete, return, or de-identify the institution’s data as per contractual terms, subject to reasonable backup retention cycles and legal/regulatory requirements.
We implement reasonable security practices and procedures to protect personal data against unauthorised access, alteration, disclosure, or destruction, in line with applicable law (including the IT Act and SPDI Rules). Our security measures include:
● Encryption of data in transit using SSL/TLS;
● Industry-standard cloud security controls and hardened configurations (as applicable to our hosting environment);
● Role-based access control and least-privilege access practices;
● Secure authentication practices and encrypted passwords;
● Monitoring, logging, and regular security review activities.
No method of transmission or storage is completely secure. While we strive to protect personal data, we cannot guarantee absolute security.
Subject to applicable law (including the DPDP Act) and the institution’s role as Data Fiduciary, users may have rights including:
● Right to Access: Request information about personal data being processed and a summary of processing activities, as applicable.
● Right to Correction: Request correction of inaccurate or incomplete personal data.
● Right to Erasure: Request deletion/erasure of personal data that is no longer necessary for the purposes it was collected, subject to legal and contractual requirements.
● Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent. This may affect the ability to provide some features of the Service.
Because the educational institution typically acts as the Data Fiduciary, requests may need to be routed through the institution’s designated administrator. We will support the institution in responding to valid requests in accordance with applicable law and our contractual obligations.
The Acadmin website and portal use “cookies” and similar technologies to enhance user experience, maintain sessions, improve performance, and analyse usage. Cookies allow us to remember preferences and session information. You may choose to set your web browser to refuse cookies or alert you when cookies are being sent; however, some parts of the Service may not function properly as a result.
Our Service may contain links to third-party websites (for example, educational resources or government portals). We are not responsible for the privacy practices or content of such websites. Please review the privacy policies of those third parties before providing information.
Future Face Tech reserves the right to update this Privacy Policy at any time. When we do, we will revise the “Last Updated” date at the top of this page. We encourage users to review this page periodically for changes.
In accordance with the Information Technology Act, 2000 and applicable rules, and the DPDP Act, you may raise questions, concerns, or grievances regarding this Privacy Policy or processing of personal data by contacting us at:
Grievance Officer / Data Protection Officer (DPO): Data Protection Officer, Future Face Tech Pvt Ltd Email: info@futurefacetech.in Phone: +91 83031 72921
You may be asked to provide sufficient details to identify your account/records and the institution you are associated with, so we can address your request appropriately and securely.
This Privacy Policy shall be governed by and construed in accordance with the laws of India. Courts having jurisdiction in India shall have jurisdiction over matters arising from or relating to this Privacy Policy, subject to applicable law.
If you have any questions about this Privacy Policy or our data practices, please contact us at: Future Face Tech Pvt Ltd Website: https://futurefacetech.in/ Email: info@futurefacetech.in
Contact Us
Future Face Tech Pvt Ltd
📞 +91 83031 72921
🌐 https://futurefacetech.in/