School Data Processing Addendum

This Data Processing Addendum is a practical school and student-data agreement framework for TeachX customers. It should be reviewed with legal counsel before signing with schools or districts.

When a school uses TeachX for student data, the school is generally the controller or data fiduciary for that student data, and TeachX acts as a processor or service provider for the permitted educational purpose.

TeachX processes school and student data only to provide the service, secure the platform, troubleshoot, support users, comply with law, and improve reliability using appropriate safeguards.

TeachX will not sell student data, use it for targeted advertising, or knowingly process it outside the school or teacher's documented instructions except where required by law.

TeachX applies access controls, encrypted transport, authentication, logging, payment verification, provider controls, and least-necessary operational access.

Schools and teachers must manage user access, remove inactive users, and avoid uploading unnecessary sensitive data.

TeachX may use subprocessors for hosting, database infrastructure, AI generation, payments, email, analytics, logs, and support. Subprocessors must process data only for permitted service purposes.

Schools may request the current subprocessor list and raise reasonable security or compliance concerns.

TeachX will assist schools with reasonable requests to access, correct, export, restrict, or delete student data where required by applicable law and technically feasible.

At account closure or school request, TeachX will delete or return school-controlled data subject to legal, security, payment, dispute, and backup retention requirements.

Schools using TeachX globally should evaluate GDPR/UK GDPR, India DPDP, COPPA, FERPA, local child-safety rules, data-transfer requirements, and internal school policies before uploading student data.

Compliance requests can be sent to hello@teachx.guru.