HomePartner SchoolsContact Us

Privacy Policy

Effective Date: May 2024

1. Important Information and Who We Are

Purpose of This Privacy Policy

This privacy policy aims to give you information on how Addis Astemari collects and processes your personal data through your use of this website, including any data you may provide through this site when you sign up for a newsletter, purchase a product or service, or take part in a competition.

Controller

Addis Astemari is the controller and responsible for your personal data (collectively referred to as "Addis Astemari", "we", "us" or "our" in this privacy policy).

2. The Data We Collect About You

We collect the following kinds of personal data about you:

  • Identity Data includes first name and last name.
  • Contact Data includes email address and telephone numbers.
  • Educational Data includes course enrollments, class schedules, and learning progress.
  • Technical Data includes login information, browser type, and device information.

2.1 Zoom Integration Data

For teachers and administrators who connect their Zoom accounts to our platform, we collect and process:

  • Zoom OAuth Tokens: Access and refresh tokens provided by Zoom during the authorization process.
  • Zoom User IDs: Identifiers of teachers/administrators who connect their Zoom accounts.
  • Zoom Meeting Information: Meeting IDs, join URLs, and passwords for live class sessions.
  • Basic Zoom Profile Data: User Id of connected Zoom users.

We do not collect or store:

  • Zoom meeting recordings or transcripts
  • Attendance or participant data from Zoom meetings
  • Chat messages or other communications within Zoom meetings

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • To register you as a new customer.
  • To provide educational services and content.
  • To manage your account and relationship with us.
  • To improve our website, products, and services.

3.1 How We Use Zoom Integration Data

We use Zoom integration data specifically for the following educational purposes:

  • To create and schedule Zoom meetings when teachers create live class sessions.
  • To provide students with access to virtual classrooms for their enrolled courses.
  • To allow teachers to manage their class sessions directly through our platform.
  • To maintain the connection between a teacher's Addis Astemari account and their Zoom account.

4. Disclosure of Your Personal Data

We may have to share your personal data with the parties set out below for the purposes set out in paragraph 3 above:

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
  • Regulators and other authorities who require reporting of processing activities in certain circumstances.

Regarding Zoom integration data, we only share meeting join links with students enrolled in the respective classes. We do not share your Zoom OAuth tokens or other Zoom account details with any third parties.

5. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

5.1 Zoom Data Security

Zoom OAuth tokens and related data are stored with encryption at rest in our secure database. We implement the following security measures specifically for Zoom data:

  • Access tokens and refresh tokens are stored encrypted.
  • Database access is strictly limited through role-based access controls.
  • All database backups are also encrypted.
  • Tokens are never logged in application logs or exposed to the frontend.
  • We enforce secure HTTPS connections for all API requests.

6. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

6.1 Zoom Data Retention

For Zoom integration data, we follow these retention practices:

  • OAuth Tokens: Stored until the user disconnects their Zoom account or the tokens are revoked.
  • Meeting Information: Retained for the duration of the academic term plus 90 days.
  • Upon account termination, all Zoom tokens and related data are permanently deleted.

7. Your Legal Rights

You have the right to:

  • Request access to your personal data.
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

For Zoom integration specifically, you can disconnect your Zoom account at any time through your profile settings. Upon disconnection, we will revoke access and remove all stored Zoom tokens from our system.

If you wish to exercise any of the rights set out above, please contact us at liqatech@gmail.com.