By accessing or using the SchoolFlow ecosystem, including the mobile application, web portals, and all associated services ("the Service"), you agree to be bound by these terms and conditions. If you do not agree with any part of these terms, you must not use the Service. The Service includes attendance tracking, wallet transactions, library management, student alerts, and all other SchoolFlow features.

Users of the Service, including parents, guardians, students, teachers, and administrators, are responsible for ensuring the accuracy of all information provided. This includes proper use of student cards for attendance tracking, maintaining account security, accurate wallet transactions, and responsible use of library resources. Users must keep their login credentials confidential and report any unauthorized access immediately. Any misuse, fraud, or unauthorized access to the Service is strictly prohibited and may result in account termination and legal action.

SchoolFlow is committed to protecting the privacy of student information. The Service collects and processes data related to student attendance (entry and exit times), academic records, wallet transactions, library borrowing history, and alerts. This data is used solely for educational and administrative purposes, including attendance tracking, financial management, library operations, and parent communication. All data is securely stored using industry-standard encryption and access controls in compliance with applicable data protection laws.

Parents or legal guardians consent to the tracking of their child's entry and exit times through student cards, processing of wallet transactions (top-ups and purchases), library borrowing activities, and receipt of alerts and notifications. This data is used for attendance tracking, financial management, library operations, and communication purposes. Data may be accessible to authorized school staff, administrators, and teachers as necessary for educational and administrative functions.

Users agree to use the Service for lawful and appropriate educational and administrative purposes only. Prohibited activities include: unauthorized access to accounts or systems, fraudulent wallet transactions, manipulation of attendance records, unauthorized library book borrowing, sending spam or malicious content, reverse engineering or attempting to breach security measures, and any activity that disrupts the Service or violates applicable laws. Violations may result in immediate account suspension or termination.

SchoolFlow provides a wallet system for managing student financial transactions, including top-ups and purchases at school facilities. Parents are responsible for monitoring wallet balances and transactions. All transactions are final and non-refundable unless otherwise stated by school policy. SchoolFlow is not responsible for unauthorized transactions resulting from compromised account credentials. Users must report suspicious transactions immediately.

Students may borrow books through the SchoolFlow library system. Borrowers are responsible for returning books on time and in good condition. Late returns may result in fines as determined by school policy. Lost or damaged books must be reported immediately and may require replacement or payment. Library borrowing history is tracked and may be accessible to parents and school administrators.

Users are responsible for maintaining the security of their accounts. SchoolFlow uses OTP (One-Time Password) verification via email for account security and password resets. Users must provide accurate contact information and keep it updated. SchoolFlow is not liable for account breaches resulting from user negligence, such as sharing passwords or failing to secure devices. Two-factor authentication is recommended for enhanced security.

Users may request account deletion at any time. Upon account deletion, SchoolFlow will anonymize sensitive personal data (email, phone, password) while retaining necessary records (names, IDs, creation dates) to maintain data integrity and comply with legal obligations. Transaction history, attendance records, and library borrowing records may be retained for administrative and legal purposes even after account anonymization.

SchoolFlow strives to maintain service availability but does not guarantee uninterrupted access. The Service may be temporarily unavailable due to maintenance, updates, or unforeseen circumstances. SchoolFlow reserves the right to modify, suspend, or discontinue any feature of the Service at any time. Users will be notified of significant changes when possible, but SchoolFlow is not obligated to provide advance notice for all modifications.

All content, features, and functionality of the SchoolFlow Service, including but not limited to software, text, graphics, logos, and user interface designs, are owned by SchoolFlow or its licensors and are protected by copyright, trademark, and other intellectual property laws. Users may not copy, modify, distribute, or create derivative works from any part of the Service without explicit written permission.

SchoolFlow provides the Service "as is" without warranties of any kind. SchoolFlow shall not be liable for any indirect, incidental, special, or consequential damages arising from use of the Service, including but not limited to data loss, transaction errors, or service interruptions. SchoolFlow's total liability shall not exceed the amount paid by the user for the Service in the twelve months preceding the claim.

SchoolFlow reserves the right to modify or update these terms and conditions at any time. Material changes will be communicated to users via email or in-app notifications. Continued use of the Service after such modifications constitutes acceptance of the updated terms. Users are encouraged to review these terms periodically. If you do not agree with the updated terms, you must discontinue use of the Service.

SchoolFlow collects and processes the following information: Parent/Guardian Data: Name, email address, phone number, password (hashed), device information, and account creation date. Student Data: Name, student ID, card ID, attendance records (entry/exit times), wallet balance, transaction history, library borrowing records, and academic alerts. Transaction Data: Purchase records, top-up transactions, amounts, dates, times, and transaction sources. Library Data: Book borrowing history, due dates, return status, and fines. Authentication Data: OTP verification codes (hashed), login attempts, and session information. All information is securely stored and accessible only to authorized school staff and administrators.

SchoolFlow retains data for as long as necessary to provide services and comply with legal obligations. Attendance records are retained for the academic year and may be archived for historical purposes. Transaction data is retained for financial record-keeping and audit purposes. Library borrowing records are retained to track borrowing history and manage fines. When accounts are deleted, sensitive personal data (email, phone, password) is anonymized, while essential records (names, IDs, creation dates) are preserved to maintain data integrity and relationships. OTP verification codes expire automatically and are deleted after use or expiration. Users may request data deletion, subject to legal and administrative requirements.

SchoolFlow employs comprehensive security measures to protect user data: Encryption: Passwords and OTP codes are hashed using secure cryptographic algorithms. Database Security: All database queries use prepared statements to prevent SQL injection attacks. Access Controls: Role-based access control ensures only authorized personnel can access sensitive data. Authentication: OTP verification via email for password resets and sensitive operations. Session Management: Secure session handling with timeout mechanisms. Network Security: HTTPS encryption for all data transmission. Audit Logging: All critical actions are logged for security monitoring. Despite these measures, no system is 100% secure, and users should also take precautions to protect their account credentials.

SchoolFlow does not sell, rent, or share personal data with third parties for marketing purposes. Data may be shared only in the following circumstances: School Systems: Integration with other school management systems for administrative purposes, with strict access controls. Legal Requirements: When required by law, court order, or government regulation. Service Providers: With trusted service providers (e.g., email services for OTP delivery) who are contractually obligated to protect data. With Consent: When explicit consent is provided by the user or parent/guardian. All third-party access is logged and monitored. SchoolFlow maintains data processing agreements with all service providers to ensure data protection standards are met.

Parents or legal guardians have the following rights regarding their child's data: Access: Right to access attendance records, transaction history, library borrowing records, and alerts. Correction: Right to request correction of inaccurate data. Deletion: Right to request account deletion (subject to anonymization as described in Terms). Portability: Right to receive data in a structured format. Objection: Right to object to certain data processing activities. Withdrawal of Consent: Right to withdraw consent for data processing, though this may limit service functionality. All requests should be directed to the school administration or via email to msinnovationlab1@gmail.com. SchoolFlow will respond to requests within 30 days as required by applicable data protection laws.

SchoolFlow is designed for use by parents, guardians, and authorized school personnel to manage student information. Student data is collected and processed only with the consent of parents or legal guardians. SchoolFlow does not knowingly collect personal information directly from children under the age of 13 without parental consent. All student data is managed through parent/guardian accounts, ensuring that parents maintain control over their child's information. If you believe we have collected information from a child without proper consent, please contact us immediately.

SchoolFlow uses session management and authentication tokens to maintain user sessions and ensure secure access. The Service may use cookies or similar technologies to remember user preferences, maintain login sessions, and improve service functionality. These technologies are essential for the Service to function properly. SchoolFlow does not use tracking cookies for advertising or third-party analytics. Users can manage cookie preferences through their browser settings, though disabling cookies may limit Service functionality.

SchoolFlow primarily stores and processes data within the jurisdiction where the school operates. If data is transferred internationally, SchoolFlow ensures that appropriate safeguards are in place to protect personal data in accordance with applicable data protection laws. This may include standard contractual clauses, adequacy decisions, or other legally recognized transfer mechanisms. Users will be notified of any significant changes to data storage locations.

In the event of a data breach that poses a risk to user privacy, SchoolFlow will notify affected users and relevant authorities as required by applicable data protection laws. Notifications will be sent via email to the registered email address within 72 hours of becoming aware of the breach, where feasible. The notification will include information about the nature of the breach, the data affected, potential consequences, and measures taken to address the breach. SchoolFlow maintains incident response procedures to detect, respond to, and mitigate security incidents.

SchoolFlow reserves the right to update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated to users via email or in-app notifications. The "Last Updated" date at the top of this policy indicates when changes were last made. Users are encouraged to review this policy periodically. Continued use of the Service after policy updates constitutes acceptance of the revised policy. If you do not agree with the updated policy, you must discontinue use of the Service.

For any inquiries, concerns, or requests regarding these Terms and Conditions or Privacy Policy, including data access requests, correction requests, deletion requests, or privacy complaints, please contact SchoolFlow at: Email: msinnovationlab1@gmail.com. We will respond to all inquiries within 30 days as required by applicable data protection laws. For urgent security concerns, please include "URGENT" in the subject line of your email.