Your privacy matters to us. Learn how EDVES collects, uses, and protects your information in compliance with global data protection standards.
For the purposes of applicable data protection laws, the data controller responsible for your personal data is:
EU/UK Representative: For data subjects in the European Union or United Kingdom, our representative can be contacted at hello@edves.net.
EDVES is an Educational Management Information System (E.M.I.S.) and a software service that automates educational processes from enrolment and registration to result computation and publishing. It is a comprehensive Educational Portal system designed to service the information needs of students, their parents, and educators.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. It applies to all users of our services, including students, parents, guardians, educators, school administrators, and institutional staff across all regions where EDVES operates.
This policy is designed to comply with the following regulations:
We collect the following categories of personal data:
With explicit consent or as required for educational purposes, we may process:
Under GDPR and similar regulations, we process your personal data based on the following lawful bases:
| Purpose | Legal Basis |
|---|---|
| Providing educational services | Contract Performance — Necessary to fulfil our service agreement with your school |
| Student enrolment and records management | Contract Performance — Required to deliver educational management services |
| Processing fee payments | Contract Performance — Necessary to complete transactions |
| Compliance with educational regulations | Legal Obligation — Required by education authorities and laws |
| Health and safety records | Legal Obligation — Required for student welfare |
| Marketing communications | Consent — Only with your explicit opt-in consent |
| Processing sensitive data | Explicit Consent — With your clear affirmative agreement |
| Platform improvement and analytics | Legitimate Interest — To improve our services (with balancing test) |
| Security and fraud prevention | Legitimate Interest — To protect users and systems |
Withdrawing Consent: Where we rely on your consent, you have the right to withdraw it at any time. This will not affect the lawfulness of processing based on consent before its withdrawal. To withdraw consent, contact us at hello@edves.net.
We use the collected information for the following purposes:
We do not sell your personal data. We may share your information with the following categories of recipients:
Schools and districts that have contracted with EDVES to provide educational management services. They act as joint data controllers or data controllers with EDVES acting as a data processor.
Third-party vendors who perform services on our behalf, including:
All service providers are bound by data processing agreements requiring them to protect your data and use it only for specified purposes.
We may disclose data to education authorities, examination bodies (WAEC, NECO, etc.), and regulatory agencies as required by law.
We may disclose data when required by law, court order, or to protect our rights, safety, or property.
California Residents (CCPA): We do not "sell" personal information as defined by the CCPA. You have the right to opt-out of any future sales, should our practices change.
EDVES operates globally, and your data may be transferred to and processed in countries outside your country of residence. When we transfer personal data internationally, we implement appropriate safeguards:
Our primary data centres are located in:
You may request information about the specific safeguards applied to your data transfers by contacting our Data Protection Officer.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
| Data Category | Retention Period |
|---|---|
| Student academic records | Permanently (or as required by educational authorities) |
| Attendance records | 7 years after leaving institution |
| Financial/payment records | 7 years (for tax and audit purposes) |
| User account data | Duration of account + 2 years |
| Technical logs | 90 days (rolling) |
| Marketing consent records | Duration of consent + 3 years |
| Support communications | 3 years from resolution |
When retention periods expire, data is securely deleted or anonymised using industry-standard destruction methods.
Depending on your location, you have the following rights regarding your personal data:
Request a copy of the personal data we hold about you, along with information about how we process it.
Request correction of inaccurate or incomplete personal data we hold about you.
Request deletion of your personal data in certain circumstances ("right to be forgotten").
Request that we limit the processing of your personal data in certain circumstances.
Receive your personal data in a structured, machine-readable format and transfer it to another controller.
Object to processing based on legitimate interests, direct marketing, or research/statistical purposes.
Not be subject to decisions based solely on automated processing that significantly affect you.
Withdraw your consent at any time where we rely on consent to process your data.
To exercise any of these rights, please contact us at:
We will respond to your request within 30 days (or 45 days for CCPA requests). We may request proof of identity before processing your request.
You have the right to lodge a complaint with a supervisory authority:
EDVES is an educational platform designed to serve students of all ages. We are committed to protecting the privacy of children and comply with the Children's Online Privacy Protection Act (COPPA) for users under 13 years of age in the United States.
Parents and guardians have the right to:
We collect only the personal information necessary to provide educational services. We do not:
Parents may contact us at hello@edves.net to exercise their rights under COPPA.
For schools in the United States, EDVES operates as a "school official" under the Family Educational Rights and Privacy Act (FERPA). We are contractually bound to:
Schools may designate certain student information as "directory information" that can be disclosed without consent. Parents may opt-out of directory information disclosure by contacting their school.
FERPA requests should be directed to your educational institution. The school, not EDVES, is the custodian of education records under FERPA.
We implement comprehensive technical and organisational measures to protect your personal data:
EDVES uses AI and automated processes to enhance educational outcomes:
We do not make decisions that produce legal or similarly significant effects based solely on automated processing. Where AI influences educational decisions:
In the event of a personal data breach, we follow a strict notification protocol:
If you believe your data has been compromised, contact us immediately at security@edves.net.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
Continued use of our services after changes become effective constitutes your acceptance of the updated policy. We encourage you to review this policy periodically.
For questions about this Privacy Policy or to exercise your data protection rights:
By using EDVES services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services. For educational institutions, your continued use of our platform signifies acceptance on behalf of your institution and its users as authorised representatives.
This Privacy Policy should be read in conjunction with our Terms of Service and Cookie Policy.