PRIVACY POLICY

Genda Software Incorporated

Effective Date: August 23, 2025

Last Updated: August 23, 2025

1. INTRODUCTION

Genda Software Incorporated ("Genda," "we," "us," or "our") is committed to protecting the privacy and security of our users. This Privacy Policy describes how we collect, use, store, and protect information when you use the Genda educational platform and related services (the "Service").

Company Information:

By using our Service, you consent to the collection and use of information in accordance with this Privacy Policy.

2. INFORMATION WE COLLECT 2.1 Personal Information

We collect minimal personal information necessary for Service provision:

For Individual Subscribers:

  • Username
  • Password (encrypted)
  • Email address

For Institutional Users:

  • Username
  • Password (encrypted)
  • No email address required
2.2 Usage Analytics and Technical Data

We collect non-personally identifiable usage data including:

  • Features accessed and used
  • Time and duration of feature usage
  • Service interaction patterns
  • System performance and error logs
  • Anonymous academic performance data (without personal identifiers)
2.3 Communication Data

We store:

  • Chat logs and interactions between users and the AI tutor
  • User-to-user communications within the platform
  • Support communications with our team
2.4 User-Generated Content

We collect and store:

  • Content uploaded by users to the platform
  • Profile customizations and settings
  • Educational materials and assignments shared by users
2.5 Information We Do NOT Collect

We explicitly do not collect:

  • IP addresses or device identification information
  • Personally identifiable information beyond username and email (for individual users)
  • Sensitive personal data such as race, religion, or health information
  • Location data or geolocation information
  • Financial information (handled by third-party payment processors)
3. HOW WE USE YOUR INFORMATION 3.1 Service Provision

We use collected information to:

  • Provide and maintain the Genda platform
  • Create and manage user accounts
  • Enable AI tutoring and educational features
  • Facilitate user interactions and content sharing
  • Process payments (through third-party processors)
3.2 Service Improvement

We use anonymous, non-personally identifiable data to:

  • Analyze platform usage patterns
  • Improve Service functionality and performance
  • Generate anonymous analytics for platform optimization
  • Conduct educational research (only with institutional permission and as separate instances)
3.3 Communications

We use your information to:

  • Send transactional emails (payment confirmations, verification codes)
  • Provide customer support
  • Send marketing communications (only to users who request them)
  • Notify users of important Service updates or policy changes
3.4 Legal and Safety

We may use information to:

  • Comply with legal obligations
  • Protect the rights and safety of users
  • Prevent fraud or misuse of the Service
  • Enforce our Terms of Service
4. INFORMATION SHARING AND DISCLOSURE 4.1 No Sale of Personal Information

We do not sell, trade, or otherwise transfer personal information to third parties for commercial purposes.

4.2 Third-Party Service Providers

We share limited information with trusted third-party providers:

Amazon Web Services (AWS):

  • Hosts our platform and stores user data
  • Subject to AWS privacy policies and security measures

Stripe:

  • Processes payments for individual subscribers
  • Only receives payment information, not other personal data
  • Subject to Stripe's privacy policy and PCI compliance

Gmail (Google):

  • Used for sending transactional and notification emails
  • Subject to Google's privacy policies
4.3 Educational Institutions

For institutional users:

  • Anonymous student data may be shared with the sponsoring institution
  • Institutions may access usage analytics for their students (without personal identifiers)
  • All institutional data sharing is governed by separate agreements
4.4 Legal Requirements

We may disclose information when required by law:

  • In response to valid legal process (subpoenas, court orders)
  • To protect our rights or the rights of others
  • In emergency situations involving safety concerns
  • To comply with applicable laws and regulations
4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction, subject to the same privacy protections.

5. DATA RETENTION 5.1 Active Accounts

We retain user information for as long as accounts remain active and as necessary to provide our services.

5.2 Account Deletion

When users delete their accounts:

  • Personal information is immediately removed from our systems
  • User-generated content is permanently deleted
  • Chat logs and interaction data are permanently removed
5.3 Institutional Data

When institutions discontinue service:

  • Anonymous student data is retained for one (1) year for research and platform improvement purposes
  • All personally identifiable information is immediately deleted
  • Retention is limited to non-identifying usage patterns and academic performance metrics
5.4 Session Data

Temporary session data is automatically deleted when sessions end.

6. DATA SECURITY 6.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

  • Encryption of passwords and sensitive data
  • Secure data transmission protocols
  • Access controls and authentication systems
  • Regular security assessments and updates
6.2 Third-Party Security

Our third-party providers (AWS, Stripe, Gmail) maintain industry-standard security measures and compliance certifications.

6.3 Limitations

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify users of any significant data breaches as required by law.

7. COOKIES AND TRACKING 7.1 No Cookies Policy

Genda does not use cookies or similar tracking technologies on our platform.

7.2 Third-Party Tracking

Some third-party services we use may employ their own tracking mechanisms subject to their respective privacy policies.

8. CHILDREN'S PRIVACY 8.1 All Ages Platform

Our Service is available to users of all ages, including children under 13.

8.2 Parental Consent

We recommend that parents and guardians:

  • Review this Privacy Policy with minor children
  • Provide appropriate supervision of children's use of the Service
  • Contact us with any concerns about their child's privacy
8.3 Minimal Data Collection

Our minimal data collection practices are designed to protect children's privacy by collecting only essential information for Service provision.

8.4 Educational Context

Most minor users access our Service through educational institutions, which provide additional oversight and privacy protections.

9. INTERNATIONAL DATA TRANSFERS 9.1 Global Service

Genda serves users internationally. Your information may be transferred to and processed in countries other than your country of residence.

9.2 Data Protection Standards

We ensure that international data transfers comply with applicable data protection laws and maintain appropriate safeguards.

9.3 Privacy Framework Alignment

We strive to align our practices with major international privacy frameworks including:

  • Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) principles
  • European Union General Data Protection Regulation (GDPR) principles
  • California Consumer Privacy Act (CCPA) principles
  • Other applicable international privacy law principles
10. YOUR PRIVACY RIGHTS 10.1 Access and Control

You have the right to:

  • Access your personal information stored in our systems
  • Update or correct inaccurate personal information
  • Delete your account and associated personal information
  • Export your data and user-generated content
10.2 Communication Preferences

You may:

  • Opt out of marketing communications at any time
  • Continue to receive essential transactional emails
  • Update your communication preferences in your account settings
10.3 Data Portability

Users can export their data and user-generated content through their account settings at any time.

10.4 Additional Rights for International Users

Depending on your location, you may have additional rights under local privacy laws. Where applicable and feasible, we strive to honor such rights including:

  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
11. PRIVACY POLICY UPDATES 11.1 Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

11.2 Notification of Changes

Material changes will be communicated through:

  • Email notifications (for users who have provided email addresses)
  • Prominent notices on our platform
  • Updates to the "Last Updated" date at the top of this policy
11.3 Continued Use

Your continued use of the Service after policy updates constitutes acceptance of the revised Privacy Policy.

12. CONTACT INFORMATION 12.1 Privacy Inquiries

For questions, concerns, or requests regarding this Privacy Policy or your personal information, contact us at:

Genda Software Incorporated
8 Pebble Beach Court
Brampton, Ontario, Canada
Email: support@genda.cloud Phone: +1 (416) 648-3285

12.2 Data Protection Officer

For privacy-related inquiries, you may also contact our designated privacy officer at: support@genda.cloud

12.3 Response Time

We strive to respond to privacy inquiries within thirty (30) days of receipt, or as may be reasonable under the circumstances.

13. LEGAL BASIS FOR PROCESSING

Where applicable, our basis for processing personal information includes:

13.1 Contract Performance

Processing necessary for the performance of our contract with you (providing the Service).

13.2 Legitimate Interests

Processing for our legitimate business interests, including:

  • Service improvement and platform optimization
  • Fraud prevention and security
  • Customer support and communications
13.3 Consent

Processing based on your explicit consent, including:

  • Marketing communications (where requested)
  • Optional data uses beyond core Service provision
13.4 Legal Obligations

Processing as may be required to comply with legal obligations where applicable.

14. DATA PROCESSING ADDENDUM 14.1 Institutional Agreements

Educational institutions that use our Service may require additional data processing agreements. Such agreements will specify:

  • Data processing purposes and limitations
  • Security requirements and standards
  • Data retention and deletion procedures
  • Compliance with educational privacy regulations
14.2 Research Data Use

When institutions permit anonymous data use for research purposes:

  • All data is de-identified and aggregated
  • Research is conducted separately from operational instances
  • Results are used solely for educational platform improvement
  • No individual student identification is possible

This Privacy Policy is effective as of the date listed above and governs our collection, use, and protection of your personal information in connection with the Genda Service.