Effective Date: February 20, 2026
Vedang Institute of Technology ("we," "our," or "us"), located in India, operates the Vedang Campus ERP mobile application (the "App"). This Privacy Policy describes in detail how we collect, use, store, share, and protect your personal information when you use our App. By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy.
This policy is provided in compliance with applicable Indian data protection laws, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, as well as international best practices.
1. Information We Collect
We collect the following categories of information to operate the App and provide campus services:
1.1 Personal Identification Information
- Full name
- Email address
- Phone number (including WhatsApp number)
- Student registration number or faculty/staff ID
- Date of birth
- Programme, semester, section, and department details
- Profile photograph (if uploaded)
- Parent/guardian name and contact details (for students)
1.2 Academic Information
- Attendance records (daily, subject-wise)
- Examination results (SGPA, CGPA, subject marks)
- Timetable and class schedule data
- Library borrowing history and digital library usage
- Grievance submissions and their resolution status
1.3 Financial Information
- Fee structures and payment amounts
- Payment transaction history and receipts
- Payment status (paid, pending, overdue)
Note: We do not store credit card numbers, debit card numbers, or bank account details. All payment processing is handled by secure third-party payment gateways.
1.4 Location Data
- GPS Location (Foreground Only): The App collects precise GPS location data only when the App is actively in use and only for the following specific purposes:
- Faculty Self-Attendance: Faculty members can mark their daily attendance using GPS geofencing. The App verifies that the faculty member is within the configured campus radius (typically 100 meters) before recording attendance. Location is checked only at the moment of marking attendance and is not continuously tracked.
- Bus Driver Location Sharing: Bus drivers who are actively on duty can share their real-time GPS location so students and staff can track campus bus routes. Location sharing is manually started and stopped by the driver and only occurs during active duty hours.
- We do not collect location data in the background when the App is closed.
- We do not sell or share location data with advertisers or data brokers.
- Location data from bus tracking is ephemeral and is not stored permanently.
1.5 Camera and Media
- Camera Access: The App requests camera access solely for the purpose of scanning QR codes on student ID cards in the library module. Camera data is processed locally on the device and is not transmitted to our servers.
- File Uploads: Users may upload documents such as Excel/CSV files for bulk data import (admin/faculty only) and notice attachments (PDF/image files up to 10MB).
1.6 Device and Technical Information
- Device type, model, and operating system version
- App version number
- Push notification tokens (for delivering notifications)
- General app usage patterns (screens visited, features used)
2. How We Use Your Information
We use the collected information strictly for the following purposes:
| Purpose |
Data Used |
| User authentication and account management |
Name, ID, email, phone, password (encrypted) |
| Displaying academic records |
Attendance, results, timetable |
| Fee management and payment tracking |
Fee structures, payment history |
| Campus notifications and announcements |
Phone number, push notification token |
| Faculty attendance verification |
GPS location (at time of check-in only) |
| Campus bus tracking |
Driver GPS location (during active duty only) |
| Library book and resource management |
Borrowing records, QR scan data |
| Leave management and substitution |
Faculty leave records, substitute assignments |
| Grievance redressal |
Grievance details and status |
| Improving App performance |
Device info, usage patterns (anonymized) |
We do not use your personal data for advertising, profiling, or any purpose unrelated to campus management services.
3. Notifications and Communications
The App may send you notifications through the following channels:
- Push Notifications (In-App): Real-time alerts for new notices, timetable changes, class reminders, and important announcements. You can disable push notifications through your device settings at any time.
- WhatsApp Messages: Class schedule alerts, campus notices, exam schedules, substitution requests, and bulk announcements sent via Twilio's WhatsApp Business API. You may opt out by contacting the institution.
- SMS Messages: Password reset codes, payment receipts, and urgent notifications sent via Twilio SMS. Standard carrier messaging rates may apply.
- Email: Password reset links, payment receipts, and administrative communications sent via SendGrid.
You can manage your notification preferences within the App or by contacting us directly.
4. Data Sharing and Third-Party Services
We do not sell, rent, or trade your personal information to any third party. We share data only with the following service providers who are necessary for the App to function:
| Service Provider |
Purpose |
Data Shared |
| Twilio Inc. |
SMS and WhatsApp message delivery |
Phone number, message content |
| SendGrid (Twilio) |
Email delivery |
Email address, message content |
| Neon (Database hosting) |
Secure data storage |
All app data (encrypted at rest) |
| OpenStreetMap |
Map tile rendering for bus tracking |
No personal data shared; only map tile requests |
All third-party service providers are bound by their own privacy policies and data protection agreements. We may also disclose information if required by law, court order, or government regulation.
5. Data Security
We take the security of your data seriously and implement the following measures:
- Password Encryption: All user passwords are hashed using bcrypt with salt rounds, ensuring passwords cannot be reversed or read even by administrators.
- HTTPS/TLS Encryption: All data transmitted between the App and our servers is encrypted using industry-standard TLS/SSL protocols.
- Database Security: Our database is hosted on Neon (PostgreSQL) with encryption at rest, access controls, and automated backups.
- Session Management: User sessions are managed with secure, httpOnly cookies and session secrets.
- Access Controls: Role-based access control ensures users can only access data relevant to their role (Student, Faculty, Admin, Principal, Librarian, Coordinator, Bus Driver).
While we implement strong security measures, no method of electronic transmission or storage is 100% secure. We encourage users to protect their login credentials and report any suspicious activity.
6. Data Retention
- Student Data: Retained for the duration of enrollment plus a period required for academic record-keeping as mandated by university regulations.
- Faculty/Staff Data: Retained for the duration of employment plus any legally required retention period.
- Payment Records: Retained as required by applicable financial regulations and tax laws.
- Location Data: Faculty attendance location data is stored as part of the attendance record. Bus driver location data is ephemeral and is not stored after the tracking session ends.
- Notification Logs: Retained for up to 12 months for troubleshooting purposes.
- Deleted Accounts: Upon account deletion request, personal data is removed within 30 days, except where retention is required by law or institutional policy.
7. Your Rights
As a user of this App, you have the following rights regarding your personal data:
- Right to Access: You may request a copy of the personal information we hold about you.
- Right to Correction: You may request correction of any inaccurate or incomplete personal information.
- Right to Deletion: You may request deletion of your account and associated personal data, subject to academic record-keeping requirements and legal obligations. To request deletion, visit our Data Deletion page or contact us at the email below.
- Right to Withdraw Consent: You may withdraw consent for optional data processing (such as notifications) at any time without affecting the core functionality of your account.
- Right to Data Portability: You may request your data in a commonly used, machine-readable format.
- Right to Grievance Redressal: You may raise concerns about data handling through the App's grievance system or by contacting us directly.
To exercise any of these rights, please contact us using the information provided below. We will respond to your request within 30 days.
8. Children's Privacy
The Vedang Campus ERP App is designed exclusively for enrolled students and authorized staff of Vedang Institute of Technology. We do not knowingly collect personal information from children under the age of 13. If we discover that we have inadvertently collected data from a child under 13, we will take immediate steps to delete such information. If you believe a child under 13 has provided us with personal information, please contact us immediately.
9. Permissions Summary
The App requests the following device permissions:
| Permission |
Purpose |
When Used |
| Location (Foreground) |
Faculty GPS attendance, Bus tracking |
Only when marking attendance or during active bus duty |
| Camera |
QR code scanning for library |
Only when scanning student ID cards |
| Notifications |
Campus alerts and reminders |
When enabled by the user |
| Internet |
App functionality |
Always (required for App operation) |
| Storage (Read/Write) |
File uploads (bulk data, notices) |
Only when uploading or downloading files |
| Vibration |
Notification alerts |
When notifications are received |
All permissions are requested only when needed and can be managed through your device's settings.
10. Cookies and Local Storage
The App uses the following local storage mechanisms:
- AsyncStorage: Used to store your session information, login state, and user preferences locally on your device for a seamless experience.
- Session Cookies: Used for authentication and maintaining your logged-in state securely.
We do not use tracking cookies or third-party analytics cookies.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
- We will update the "Effective Date" at the top of this page.
- We will notify users through an in-app notice or push notification.
- Continued use of the App after changes constitutes acceptance of the updated policy.
We encourage you to review this Privacy Policy periodically.
12. Governing Law
This Privacy Policy is governed by the laws of India, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023. Any disputes arising under this policy shall be subject to the jurisdiction of the courts in Odisha, India.