Privacy Policy

Effective date: September 25, 2025
Company: Scrollwell EduTech LLP (Teacher Foundry)
Address: 9th Floor, Biscomaun Bhawan, StartUp Hub, West Gandhi Maidan, Patna, Bihar 800001
Email / DPO contact: info@teacherfoundry.com

1. Quick summary — here’s the thing

  • We collect the minimum personal data needed to deliver our services (website/LMS setup, course production, certificates, marketing support).

  • We use data to operate the service, bill you, communicate with you, and improve our products.

  • We share data only with service providers or when required by law. We do not sell your personal data.

  • You have rights: access, correction, deletion, portability, objection, and to withdraw consent where applicable. Email info@teacherfoundry.com to start.

2. Scope and who this covers

This policy applies to:

  • Visitors to teacherfoundry.com

  • Clients, course creators and learners who use our Services or buy our packages (Starter, Growth, Pro)

  • People who contact us by email, chat, phone or social media

If you contract with us under a separate agreement or SOW, that agreement may include additional, contract-specific data terms. This Privacy Policy supplements those terms.

3. Definitions (short & practical)

  • Personal Data: any information that identifies you (name, email, phone) or can reasonably identify you.

  • Sensitive Data: highly sensitive categories (we generally do not collect these; see section 6).

  • Processing: collecting, storing, using, sharing, deleting or otherwise handling Personal Data.

  • Controller: Scrollwell EduTech LLP — we decide how and why your Personal Data is processed.

  • Processor: a third-party provider who processes Personal Data on our behalf (payment gateways, hosting, analytics).

4. What data we collect (clear list)

Data you give us directly

  • Name, email, phone, billing address, company/organization name

  • Account username, password (we store a salted hash)

  • Payment metadata (invoices, payment tokens). We do not store full credit card numbers.

  • Project content you upload: course files, videos, images, text, student lists, teacher profile, CV, PPT templates.

  • Communications: emails, support tickets, meeting notes, feedback.

Data collected automatically

  • IP address, device type, browser, operating system, pages visited, session times, error logs, referral source.

  • Cookies and similar technologies (see section 9).

Data from third parties (when you connect them)

  • Payment confirmations from Stripe/Razorpay/PayPal.

  • Content or profile data from Google, YouTube, Canva, Zoom or other apps you connect.

  • Analytics aggregated by Google Analytics and other tools.

Special categories

  • We do not intentionally collect racial, religious, health, biometric or other sensitive personal data. If you submit such data in project materials, we will treat it as normal Personal Data unless you instruct otherwise — but we recommend you do not provide sensitive personal data.

5. Why we collect this data — lawful reasons and purposes

We process Personal Data for these specific purposes:

  1. To provide Services (contractual necessity). Set up websites/LMS, host content, issue certificates, deliver templates and run support.

  2. To process payments and billing (contractual necessity). Create invoices, handle refunds, manage chargebacks.

  3. To communicate (contractual / legitimate interest). Send transactional emails (order confirmations), support replies, security notices.

  4. To improve the product (legitimate interest). Analytics and product development to make the service better and more reliable.

  5. To prevent fraud and enforce security (legitimate interest / legal obligation). Monitor for abuse and protect accounts.

  6. For marketing (consent where required). Email newsletters, promotional offers — only if you opt in where required by local law. You can unsubscribe any time.

  7. Compliance and legal obligations. Respond to lawful requests, tax or audit requirements.

If you are an EU/UK resident, the legal bases are generally contract, legitimate interest, legal obligation or consent (for marketing / non-essential cookies).

6. How we use and limit sensitive or unusual data

  • We avoid collecting sensitive data. If you upload sensitive information as part of course materials or student lists, you are responsible for having lawful basis to share it.

  • If we must process sensitive data for a legitimate reason, we will contact you, document the legal basis, and apply strict safeguards.

7. How we share data (who sees what)

We share Personal Data only in limited ways:

Service providers (processing partners)

We share data with trusted processors who help us operate:

  • Payment processors: Stripe, Razorpay, PayPal (payment processing and fraud checks).

  • Hosting and infrastructure: hosting/CDN providers for websites and media storage.

  • Email and messaging: transactional email services, marketing platforms.

  • Analytics & monitoring: Google Analytics, performance tools.

  • LMS, certificate and plugin vendors used to deliver functionality.

We require these partners to handle data securely and only as instructed by us.

Business transfers

If we sell or restructure the business, Personal Data may be transferred to the buyer. We will require transferees to honor this Privacy Policy.

Legal reasons

We will disclose data when required by law, legal process, or to protect rights, safety or property. We cooperate with lawful requests from authorities.

With your consent

We will share data when you instruct us or explicitly consent (for example: posting a testimonial with your name).

8. Teacher Foundry and affiliate / third-party relationships

  • We recommend and integrate third-party tools (payment gateways, hosting, Canva, YouTube, Zoom, etc.). In some cases we receive referral fees or benefits. We disclose material affiliate relationships in proposals and onboarding.

  • Using an integration may mean the third party receives data. We will explain what is shared before setup. We are not responsible for third-party privacy practices; review their policies.

9. Cookies and tracking — what we use and how to control them

Types of cookies we use

  • Essential / strictly necessary: enable login, session management and secure checkout. Cannot be turned off without breaking key features.

  • Functional: remember preferences (language, UI settings).

  • Analytics: Google Analytics and similar for site performance and product improvement.

  • Marketing: track interest for advertising and campaign measurement.

Cookie table (short)

  • Name / Purpose / Retention

    • session_id — session management — session

    • _ga (Google Analytics) — analytics — 2 years

    • _gid (Google Analytics) — analytics — 24 hours

    • marketing_pixel — advertising measurement — 90 days

(Exact cookie names can vary by provider and are shown on our cookie panel.)

Control and consent

  • On first visit we show a cookie control panel. You can accept all, reject marketing/analytics, or manage preferences.

  • You can also block cookies in your browser, but that may reduce functionality.

10. How long we keep personal data — retention policy

We retain Personal Data only as long as necessary for the purpose collected and to meet legal, tax and accounting obligations. Typical retention periods:

  • Account information and contact details: retained while the account is active and for 3 years after last activity (unless you request deletion).

  • Transaction, billing and tax records: 7 years (to satisfy tax and audit requirements).

  • Project files and deliverables: retained while account is active; archived for up to 3 years after final delivery unless you request earlier deletion or a longer retention is agreed.

  • Cookies and analytics data: per cookie settings (analytics up to 2 years).

  • Support tickets and communications: 3 years.

If you request deletion, we will delete or anonymize data subject to legal hold or minimum retention required by law.

11. Security — how we protect your data (practical measures)

We apply reasonable safeguards:

  • Encryption in transit using TLS for all site traffic and administrative access.

  • Sensitive payment data is processed by PCI-compliant providers (we do not store full card numbers).

  • Passwords are stored as salted hashes; encourage strong passwords and multi-factor authentication where supported.

  • Access controls and role-based permissions for our systems.

  • Regular backups, patching and monitored hosting.

  • Vendor security assessments for major processors.

No system is perfect. If we learn of a security incident affecting your Personal Data, we will investigate, secure systems, and notify affected individuals and regulators where required by law (for example, under GDPR we would notify within 72 hours where applicable).

12. International transfers

Our systems and processors may be located in India and other countries. Transferring data internationally may be necessary to provide services. We use contractual safeguards (standard contractual clauses or equivalent measures) and only transfer to processors that maintain appropriate protections.

13. Your rights — what you can do and how

Rights you may have (depending on local law)

  • Access: receive a copy of your Personal Data we hold.

  • Correction: have incorrect data corrected.

  • Deletion: request deletion of your Personal Data (subject to legal exceptions).

  • Portability: request your data in a structured, machine-readable format.

  • Restriction / objection: request we stop processing your data for certain purposes (e.g., direct marketing).

  • Withdraw consent: where processing is based on consent (e.g., marketing or non-essential cookies).

  • Complain: lodge a complaint with a supervisory authority (see section 15).

How to make a request

Email: info@teacherfoundry.com with subject line Data Request and include:

  • Your full name, email used with us, phone (optional).

  • Type of request (access / correction / deletion / portability / object / withdraw consent).

  • Any supporting details to locate your data (order number, account ID).

We’ll verify your identity to protect your privacy. We aim to respond to verified requests promptly and within the timeframe required by applicable law. If we deny a request, we’ll explain why.

Sample request template (copy-paste)

 

Subject: Data Request — [Access / Delete / Portability / Correction]

Name: [Your full name]
Email: [Email used with Teacher Foundry]
Order / Account ID (if known): [optional]
Request: [Explain what you want = e.g., “Please provide a copy of all Personal Data you hold about me.” or “Please delete my account and all personal data.”]
Signature: [Type your full name for verification]

14. Automated decision-making and profiling

We do not make decisions about you that have legal or similarly significant effects using fully automated profiling. We may use automated analytics to understand product usage and recommend features, but these do not have legal effect and you can request human review.

15. Children and minors

Our Services are not intended for children under 16. We do not knowingly collect Personal Data from children under 16. If you believe we have collected such data, contact info@teacherfoundry.com and we will promptly delete it after verifying your request.

16. Data breaches and notifications

If a breach affects your Personal Data we control, we will:

  • Take immediate steps to contain and investigate the incident.

  • Notify affected users and authorities as required by law and as appropriate to the risk. Where GDPR applies, notification will be made without undue delay and, where feasible, within 72 hours.

17. Links to other sites and third-party content

Our site may link to external sites (partners, payment gateways, content platforms). This Privacy Policy does not apply to those sites. Check their privacy policies before submitting data.

18. Changes to this Privacy Policy

We may update this policy to reflect legal, operational or product changes. Material changes will be posted on teacherfoundry.com with a new Effective Date and, where appropriate, notified to active users. Continued use after an update means you accept the change.

Version history: Effective Sept 25, 2025 (current).

19. How to contact us

For any privacy questions, data requests, security concerns or to report misuse, contact:

Email: info@teacherfoundry.com
Postal: Scrollwell EduTech LLP, 9th Floor, Biscomaun Bhawan, StartUp Hub, West Gandhi Maidan, Patna, Bihar 800001

If you prefer, include “Privacy / Data Request” in the subject line to route your message faster.

20. Additional notes for international users (EU/UK)

If you are in the EU/UK you may have additional rights under GDPR. You can:

  • Request access, rectification, erasure, restriction, portability and to object.

  • Lodge a complaint with an EU supervisory authority (we recommend contacting your local data protection authority).

  • We process under contract, legitimate interests or consent as appropriate and will rely on suitable safeguards for transfers outside the EEA.