Managira Privacy Policy

Managira is a digital school management and education administration platform operated by ScREAte and its affiliated or authorized service entities, as applicable to the relevant service relationship. This Privacy Policy explains how Managira collects, uses, stores, shares, transfers, and otherwise processes personal data and institutional data in connection with our websites, applications, dashboards, support channels, integrations, and related services.

This Privacy Policy applies to Managira's services provided to individual schools, school groups, organizations, educational networks, ministries, and other authorized institutional customers, as well as to the administrators, teachers, staff members, parents, guardians, students, and other authorized users who access Managira under the direction of those institutions.

By accessing or using Managira, or by submitting information through our services, you acknowledge the practices described in this Privacy Policy, except where a separate agreement, service-specific notice, or applicable law requires otherwise.

1 Scope of This Policy

This Privacy Policy applies to information processed in connection with the operation of Managira's services, including information collected through Managira websites, applications, school dashboards, hub dashboards, communication tools, support channels, onboarding processes, demonstrations, billing flows, public pages, and integrations with third-party services.

This Privacy Policy does not replace any separate agreement between Managira and a school, hub operator, ministry, organization, or other institutional customer. Where Managira processes data on behalf of an institution, that institution may determine the purposes for which the data is collected and used, while Managira processes that data in order to provide the services.

2 Who This Policy Covers

In the course of providing our services, Managira may process information relating to school administrators, teachers, employees, staff members, school owners, board representatives, parents, guardians, students, applicants, website visitors, customer representatives, billing contacts, technical contacts, and other individuals whose information is submitted to or collected through the platform for educational administration and related services.

Because Managira may be used by a single school, a network of schools, a private operator, a faith-based institution, a government body, or another educational oversight entity, the categories of information processed may vary depending on how the customer uses the service.

3 Information We Collect

Managira may collect personal data and institutional data directly from users, from institutional customers, automatically through use of the services, and from approved third-party providers or integrations.

The information we collect may include names, usernames, email addresses, phone numbers, mailing addresses, school affiliation details, account credentials, class assignments, job titles, profile information, and other identifiers needed to create and manage accounts.

We may also collect student and education-related records such as enrollment details, attendance information, grades, assessments, report card data, academic history, guardian relationships, school identification numbers, timetable data, disciplinary records where applicable, and other school-managed records entered into the platform by authorized institutions or users.

We may collect billing and transaction information needed to manage subscriptions, invoices, payments, refunds, renewals, and account standing. Payment transactions may be processed through trusted third-party payment providers rather than directly by Managira.

We may collect communication records when users or customers contact us for support, onboarding, service inquiries, training, account updates, or compliance-related matters.

We may also collect technical, device, and usage information such as IP addresses, browser type, operating system information, device identifiers, session information, error reports, timestamps, security event logs, access records, performance metrics, and similar diagnostic data used to operate and secure the services.

4 Sources of Information

We collect information directly from individuals and institutions when they create accounts, submit records, request demonstrations, contact support, enter into service agreements, configure the platform, use our websites or applications, or otherwise interact with Managira.

We also collect certain information automatically through the operation of our services, including through logs, cookies, similar technologies, and system monitoring tools.

Institutional customers may provide Managira with information concerning their students, staff, parents, guardians, and other authorized users so that the institution can administer its operations through the platform. In such cases, the institution is responsible for ensuring that it has the appropriate authority and legal basis to provide that information and to instruct Managira on how it may be processed where required by law.

We may also receive information from third-party service providers, integration partners, payment processors, infrastructure providers, analytics tools, authentication services, and other vendors that support the delivery, security, and operation of the services.

5 How We Use Information

Managira uses information to provide, operate, maintain, support, secure, and improve its services.

This includes using information to create and manage accounts, authenticate users, deliver school and hub administration features, process attendance and academic records, generate reports, support communication features, administer billing and subscriptions, respond to support requests, monitor service performance, detect and prevent misuse, troubleshoot technical issues, enforce agreements, and improve the functionality, reliability, and security of the platform.

We may also use information to communicate with customers and users regarding account administration, service updates, billing, support, security notices, policy updates, training materials, product changes, and other operational matters related to the services.

Where permitted by law, we may use certain business contact information to provide information about Managira's products, features, services, educational materials, and updates. Recipients may opt out of non-essential marketing communications, but service-related communications will continue where necessary to operate and secure the platform.

6 Legal Grounds for Processing

Where applicable law requires a legal basis for processing personal data, Managira processes personal data on one or more of the following grounds: to perform a contract or take steps prior to entering into a contract; to comply with legal obligations; to pursue legitimate interests in operating, protecting, supporting, and improving the services; with consent where consent is required or appropriate; and as otherwise permitted by applicable law.

Where Managira processes data on behalf of a school or other institution, that institution may be responsible for determining the lawful basis for the collection and primary use of that data, particularly in relation to student records, education records, and institution-managed records.

7 Student Data, Children's Data, and Education Records

Managira is designed for educational administration and may therefore involve the processing of student information and, in some cases, information relating to children. The handling of such information may be subject to specific legal obligations depending on the country, age of the student, type of institution, and nature of the records involved.

Managira processes student and education-related data only for authorized educational, administrative, security, compliance, support, and service-delivery purposes consistent with our agreements and applicable law. Managira does not sell student personal data.

Where Managira is used by a school or other institution, that institution is generally responsible for determining what student information is entered into the platform, what notices are provided, what permissions or authorizations are required, and what rights must be honored under applicable law. Institutions using Managira are responsible for ensuring that they have satisfied the requirements that apply in their jurisdiction before submitting student or children's data to the platform.

Managira is designed to support institutions in handling sensitive educational data responsibly. The security of that data is strongest when customers follow Managira's recommended practices for account management, user permissions, password protection, role-based access, staff training, and lawful data handling.

8 How We Share Information

Managira does not sell personal data or institutional data. We do not disclose such data except as described in this Privacy Policy, as authorized or directed by the relevant institution, as necessary to provide the services, or as required by law.

We may share information with service providers and subprocessors that support the operation of the platform, including providers of cloud hosting, infrastructure, databases, authentication, payment processing, communications, customer support, analytics, monitoring, backup, security, and similar operational services. These providers are engaged to perform services on our behalf and are expected to handle information in accordance with appropriate confidentiality, security, and legal obligations.

We may share information within the ScREAte group of companies and authorized operational entities where necessary for internal administration, service delivery, support, legal compliance, security, billing, and business operations.

We may disclose information where required to comply with law, regulation, court order, lawful process, enforceable governmental request, or where disclosure is reasonably necessary to protect the rights, property, safety, or security of Managira, its customers, its users, or others.

We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, asset sale, insolvency proceeding, or similar corporate transaction, subject to appropriate safeguards and continuity of applicable privacy commitments.

We may also make information available to the institution using Managira, including authorized school administrators, hub operators, and oversight entities, where such access is part of the intended operation of the services.

9 Third-Party Providers and Service Infrastructure

Managira may rely on third-party providers to support the scale, reliability, security, and functionality of the platform. These providers may include cloud hosting providers, infrastructure providers, database services, payment processors, communications providers, security services, analytics tools, and other vendors used to support the operation of the platform.

Where Managira uses third-party providers, we seek to use providers that support strong standards of confidentiality, integrity, availability, and lawful processing in relation to the services they perform for us. The use of third-party providers does not mean that every service is operated directly by Managira, and third-party providers may have their own terms, legal obligations, and operational responsibilities that apply to the services they provide.

10 International Data Processing and Transfers

Managira may operate across multiple countries and may process information in jurisdictions other than the one in which the information was originally collected. This may occur where our personnel, customers, infrastructure, support functions, service providers, or related operations are located in different countries.

Where applicable law restricts the transfer of personal data across borders, Managira seeks to implement measures appropriate to the nature of the transfer and the legal requirements that apply. At the same time, institutions remain responsible for evaluating the local laws that apply to their own use of Managira, including sector-specific education, public-sector, localization, record-keeping, or retention requirements in their jurisdiction.

11 Data Security

Managira uses administrative, technical, physical, and organizational safeguards designed to protect information against unauthorized or unlawful access, acquisition, disclosure, alteration, misuse, loss, or destruction.

These safeguards may include identity and access management, authentication controls, encryption in transit and at rest, secure infrastructure practices, network protections, logging and monitoring, role-based permissions, controlled administrative access, backup and recovery procedures, vulnerability management, incident response planning, and vendor risk controls.

Managira is built and operated with security-conscious practices intended to help institutions manage sensitive school and student information with confidence. However, no platform, network, or service can guarantee absolute security. For that reason, Managira does not promise that unauthorized access or loss can never occur. Instead, we commit to maintaining and improving reasonable safeguards appropriate to the sensitivity of the information we process.

The effectiveness of these protections also depends in part on how customers use the platform. Schools, organizations, and users are expected to follow Managira's recommended security practices, including safeguarding credentials, assigning permissions carefully, limiting access to authorized personnel, reviewing account activity, and using the platform in accordance with applicable law and institutional policy. When those practices are followed, the platform is positioned to provide a strong and secure environment for educational data.

12 Data Retention

Managira retains information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the services, maintain customer relationships, meet legal and contractual obligations, resolve disputes, enforce agreements, preserve security and audit records, support continuity and disaster recovery, and maintain service reliability.

Retention periods may vary depending on the type of information, the service context, the instructions of the relevant institution, the role Managira plays in relation to the data, contractual requirements, and applicable law.

In some cases, information may remain for a limited period in backups, archives, logs, or security records after it has been deleted from active systems, subject to reasonable retention and lifecycle practices.

Where appropriate and required by law, contract, or institutional instruction, Managira may delete, anonymize, de-identify, or return data at the end of the relevant retention period or service relationship.

13 Rights and Choices

Depending on applicable law and the context in which data is processed, individuals may have rights to request access to personal data, request correction of inaccurate data, request deletion, object to certain processing, request restriction of processing, withdraw consent where processing is based on consent, or request data portability.

Where Managira processes data on behalf of a school, ministry, organization, or other institutional customer, requests relating to student records, staff records, education records, or institution-managed records may need to be directed first to the relevant institution, as that institution may be the party responsible for making decisions about those records under applicable law.

Managira may need to verify identity and authority before responding to certain requests, and some rights may be limited by legal requirements, security obligations, contractual commitments, or the rights of other individuals or institutions.

14 Cookies, Similar Technologies, and Analytics

Managira's websites and services may use cookies, local storage, pixels, SDKs, log files, and similar technologies to authenticate users, maintain sessions, remember preferences, understand how the services are used, improve performance, analyze traffic, detect misuse, support diagnostics, and strengthen platform security.

Some of these technologies are necessary for the operation of the services, while others may be used for analytics, personalization, or communications subject to applicable notice and consent requirements.

Users may be able to control certain cookie or browser settings through their devices or browsers. Disabling some of these technologies may affect the performance or availability of some parts of the services.

15 Marketing Communications

Managira may send operational and service-related communications that are necessary for account management, billing, support, service announcements, security notices, legal notices, policy changes, and other matters directly related to the operation of the platform. These communications are generally not promotional and may continue as long as necessary to administer the services.

Where permitted by law, Managira may also send marketing or informational communications about products, features, educational resources, events, and service updates. Recipients may opt out of non-essential marketing communications through the unsubscribe process provided or by contacting us directly.

16 Confidentiality of Institutional Data

Managira treats school-submitted and institution-submitted data as confidential within the scope of providing the services. We do not use student records, school records, or institution-managed data for unrelated commercial sale.

Access to such data is limited to what is reasonably necessary for service delivery, support, security, compliance, maintenance, and other legitimate operational purposes, or as instructed or authorized by the relevant institution and permitted by law.

17 Changes to This Privacy Policy

Managira may update this Privacy Policy from time to time to reflect changes in the services, legal obligations, operational practices, organizational structure, service providers, or security measures. When material changes are made, we may provide notice through the services, by email, by posting an updated effective date, or by other reasonable means consistent with the nature of the change and applicable law.

Continued use of the services after the effective date of an updated Privacy Policy may constitute acceptance of the updated policy to the extent permitted by law.

18 Contact Information

Questions, requests, and privacy-related inquiries may be directed to:

Managira / ScREAte
Email: info@managira.com

Where Managira enters into separate agreements with schools, organizations, ministries, or public-sector bodies, those agreements may also identify service-specific privacy, legal, or data protection contacts.