Privacy Policy

Last Updated: January 16, 2025

Introduction

This Privacy Policy explains how Koonection (PTY) Ltd ("Koonection," "we," "us," or "our") collects, uses, and protects personal information in accordance with the Protection of Personal Information Act (POPIA), the General Data Protection Regulation (GDPR), and other applicable laws. Our commitment is to protect your privacy and maintain the security of all personal information we process.

Information Collection and Processing

In the course of providing our educational management services, we collect and process several categories of information:

School Administrator Information

Includes professional contact details, authentication credentials, school affiliations, administrative preferences, and, where applicable, payment and billing information. This information is essential for account management and system administration.

Student Information

Encompasses basic biographical details, academic records, class assignments, health-related information (such as allergies) for safety purposes, emergency contact details, and participation records for various school activities.

Parent Information

Includes contact details, communication preferences, family relationships and student associations, system usage patterns for service improvement, and communication history.

Teacher Information

Comprises professional contact details, teaching assignments, schedules, professional qualifications where provided, and class management preferences.

Purpose of Processing

We process this information to:

  • Deliver and maintain our educational management services.
  • Process secure payments.
  • Provide system notifications and updates.
  • Address support inquiries.
  • Enhance service quality.
  • Meet legal and regulatory obligations.
  • Maintain system security and performance.

Data Storage and Security

Our data storage infrastructure maintains rigorous security standards with primary data storage in the European Union (EU-West region). We implement enterprise-grade security protocols including:

  • Advanced access control systems.
  • Multi-factor authentication for sensitive operations.
  • Real-time security monitoring.
  • Encrypted data transmissions.
  • Regular security assessments to maintain system integrity.
  • Automated patch management.
  • Secure backup systems.
  • Comprehensive disaster recovery protocols.

Data Protection Principles

Our data processing adheres to core principles:

  • Purpose Limitation: We use data solely for stated purposes.
  • Data Minimization: We collect only necessary information.
  • Accuracy: We maintain data correctness through regular updates.
  • Storage Limitation: We retain data only as long as needed.
  • Integrity and Confidentiality: We ensure secure processing.
  • Accountability: We maintain transparent processing practices.

International Data Transfers

For data transfers between regions, we implement appropriate safeguards through comprehensive data transfer agreements and regular compliance monitoring. Where required, we utilize standard contractual clauses and conduct ongoing assessments of data protection standards.

Your Rights

Under applicable data protection laws, you maintain the right to:

  • Access your personal information.
  • Correct inaccurate data.
  • Request data deletion where appropriate.
  • Object to certain processing activities.
  • Request data portability.
  • Lodge complaints with relevant authorities.

Data Retention

We maintain specific retention periods for different data categories:

  • Student Records: Retained for the duration of enrollment plus five years.
  • Financial Records: Kept for seven years as required by law.
  • Communication Logs: Maintained for two years.
  • Inactive Accounts: Retained for one year before deletion.

Security Incident Response

In the event of a security incident, we will:

  • Notify affected parties as required by law.
  • Investigate and document the incident thoroughly.
  • Implement necessary remedial measures.
  • Review and update security protocols.
  • Cooperate with relevant authorities.

Policy Updates

We may update this Privacy Policy periodically. We will notify users of significant changes through email notifications, service announcements, and website updates.

Contact Information

For any privacy-related queries or concerns, please contact us at:

Email: info@koonection.co.za

We respond to all privacy-related inquiries within two business days.

© 2025 Koonection PTY Ltd. All rights reserved.