Privacy Policy for Student Tech Usher

Last updated: September 19, 2025

1. Introduction

At Student Tech Usher, we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you visit our platform, in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR).

2. Scope of this Policy

This Policy applies to the processing of personal data of:

  • Students using the platform for academic planning and communication;
  • Academic Advisors interacting with students for guidance and evaluation;
  • Institutional Administrators managing user roles and academic programs.

3. Data Controller

The data controller is:

Student Tech Usher

[Postal Address]

admin@stuplanning.com

[Phone Number]

For data protection matters, please contact our Data Protection Officer at: [DPO Email]

4. Categories of Personal Data Collected

Depending on your role, we may process the following data:

For Students:

Name, contact details, academic records, course enrollments, login credentials, communications with advisors.

For Advisors:

Name, institutional role, contact details, student notes, meeting schedules.

For Admins:

User role management data, institutional settings, system access logs.

5. Legal Basis for Processing

We process your personal data under the following legal bases (Article 6 GDPR):

  • Performance of a contract (e.g., providing educational services) – Art. 6(1)(b);
  • Legal obligation (e.g., academic records retention) – Art. 6(1)(c);
  • Legitimate interests (e.g., ensuring platform security, analytics) – Art. 6(1)(f);
  • Consent for optional features like newsletter subscriptions – Art. 6(1)(a).

6. Purpose of Data Processing

We use your data to:

  • Facilitate academic planning and communication;
  • Enable access to educational tools and resources;
  • Monitor usage and improve platform functionality;
  • Comply with legal and institutional obligations.

7. Data Sharing and Transfers

Data may be shared with:

  • Authorized institutional staff;
  • IT service providers under strict data protection agreements;
  • Regulators or authorities if required by law.

We do not transfer personal data outside the EEA unless adequate safeguards are in place in line with Chapter V of the GDPR.

8. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined or as required by law. Retention periods vary by data category and user role.

9. Your Data Protection Rights

You have the following rights under GDPR:

  • Right of access (Art. 15);
  • Right to rectification (Art. 16);
  • Right to erasure ("right to be forgotten") (Art. 17);
  • Right to restriction of processing (Art. 18);
  • Right to data portability (Art. 20);
  • Right to object (Art. 21);
  • Right to lodge a complaint with a supervisory authority.

To exercise your rights, please contact [DPO Email].

10. Cookies and Tracking Technologies

Our website uses cookies and similar technologies in accordance with the ePrivacy Directive and Article 5(3) thereof. You can manage your preferences via our Cookie Settings Page.

11. Automated Decision-Making

We do not engage in automated decision-making, including profiling, that produces legal effects concerning you.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The most recent version will always be posted on our website with the effective date.

If you have any questions about this Privacy Policy or our data practices, please contact us at the information provided above.