Draft Privacy Policy

This privacy policy is currently in development and may change as we refine our platform. The final version will be available before our official launch. View development timeline

Privacy Policy

Your privacy is important to us. This policy explains how Q-Academy collects, uses, and protects your personal information.

Last updated: December 22, 2024Effective: December 22, 2024

Table of Contents

Our Commitment to Privacy

Q-Academy is committed to protecting the privacy and security of our users' personal information. As a platform serving students with special needs, their families, educators, and healthcare providers, we understand the sensitive nature of the data we handle and the critical importance of maintaining the highest standards of privacy protection.

This Privacy Policy applies to all services provided by Q-Academy, including our Learning Management System (LMS), Telemedicine platform, Electronic Health Records (EHR) system, and all associated mobile, desktop, and web applications. By using our services, you consent to the collection, use, and disclosure of your personal information as described in this policy.

1

Information We Collect

Personal Information

We collect personal information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, role (student, parent, teacher, doctor), and profile information
  • Student Information: Date of birth, grade level, special needs classifications, emergency contact details
  • Educational Records: Learning progress, activity completion, assessment results, IEP goals and accommodations
  • Health Information: Medical history, diagnoses, medications, therapy progress, consultation notes (HIPAA-protected)
  • Communication Data: Messages, video call recordings (with consent), file uploads, and shared documents

Automatically Collected Information

We automatically collect certain information when you use our services:

  • Usage Data: Pages visited, features used, time spent on platform, user interactions
  • Device Information: IP address, browser type, operating system, device identifiers
  • Location Data: General location information (city/region level) for service optimization
  • Performance Data: Error logs, system performance metrics, accessibility usage patterns

Special Categories of Data

We process special categories of personal data including health information and data concerning minors. This processing is necessary for providing educational and healthcare services and is conducted in accordance with applicable laws including HIPAA, FERPA, and Philippine data protection regulations.

2

How We Use Information

Primary Purposes

Educational Services

  • • Providing personalized learning experiences
  • • Tracking academic progress and achievements
  • • Creating and managing Individual Education Plans (IEPs)
  • • Facilitating teacher-student-family communication

Healthcare Services

  • • Providing telemedicine consultations
  • • Managing electronic health records
  • • Coordinating care between healthcare providers
  • • Monitoring therapy progress and outcomes

Secondary Purposes

We may also use your information for:

  • Platform Improvement: Analyzing usage patterns to enhance user experience and develop new features
  • Security: Detecting and preventing fraud, unauthorized access, and security incidents
  • Communication: Sending service updates, educational resources, and important notifications
  • Compliance: Meeting legal obligations and regulatory requirements
  • Research: Conducting anonymized research to improve special education practices (with explicit consent)

Legal Basis for Processing

We process your personal data based on: (1) your consent, (2) contractual necessity for providing our services, (3) legitimate interests in improving our platform and ensuring security, and (4) legal obligations under healthcare and educational regulations.

3

Information Sharing and Disclosure

Within the Q-Academy Ecosystem

Information is shared among authorized users within the platform according to their roles and permissions:

User RoleAccess LevelInformation Accessible
StudentsOwn Data OnlyPersonal activities, progress, schedules
Parents/GuardiansChild's DataComplete student records, progress reports, health information
TeachersAssigned StudentsEducational records, IEP goals, behavioral notes
Healthcare ProvidersAuthorized PatientsComplete health records, educational progress relevant to care

Third-Party Service Providers

We may share information with trusted third-party service providers who assist us in operating our platform:

  • Cloud Infrastructure: AWS, Azure, or Google Cloud for secure data storage and processing
  • Communication Services: Video conferencing and messaging service providers
  • Analytics Providers: Anonymized data for platform improvement and research
  • Security Services: Cybersecurity firms for threat detection and prevention

All third-party providers are contractually bound to maintain the confidentiality and security of your information and may only use it for the specified purposes.

Legal Disclosures

We may disclose your information when required by law or to protect rights and safety:

  • • In response to valid legal processes (subpoenas, court orders)
  • • To comply with regulatory requirements (Department of Education, Department of Health)
  • • To protect the safety of students, staff, or the public
  • • To investigate potential violations of our terms of service
  • • In connection with business transfers (mergers, acquisitions) with continued privacy protection

We Never Sell Personal Information

Q-Academy does not sell, rent, or trade personal information to third parties for marketing or commercial purposes. Your data is used solely for providing educational and healthcare services.

4

Data Security and Protection

Technical Safeguards

Encryption

AES-256 encryption for data at rest and TLS 1.3 for data in transit

Access Controls

Multi-factor authentication and role-based access permissions

Infrastructure

SOC 2 Type II certified cloud infrastructure with 99.9% uptime

Monitoring

24/7 security monitoring and intrusion detection systems

Audit Logging

Comprehensive audit trails for all data access and modifications

Backups

Automated encrypted backups with geographic redundancy

Compliance Standards

HIPAA

Healthcare Information Portability

FERPA

Educational Privacy

ISO 27001

Information Security

DPA 2012

Philippine Data Privacy

Data Breach Response

In the unlikely event of a data breach, we have established procedures to:

  1. 1. Immediate Response: Contain the breach and assess the scope within 24 hours
  2. 2. Investigation: Conduct thorough investigation to determine cause and extent
  3. 3. Notification: Notify affected users and regulatory authorities within 72 hours as required by law
  4. 4. Remediation: Implement corrective measures and additional security enhancements
  5. 5. Support: Provide affected users with support and resources to protect their information
5

Your Privacy Rights

Access and Control

You have the following rights regarding your personal information:

Right to Access

Request copies of your personal data and information about how it's processed

Right to Correction

Request correction of inaccurate or incomplete personal data

Right to Deletion

Request deletion of your personal data (subject to legal requirements)

Right to Object

Object to processing of your personal data for certain purposes

Right to Portability

Request transfer of your data to another service provider

Right to Restrict

Request limitation of processing under certain circumstances

How to Exercise Your Rights

To exercise any of these rights, you can:

Email us at privacy@q-academy.ph
Call our Privacy Hotline: +63-XXX-XXX-XXXX
Use the privacy controls in your account settings

We will respond to your request within 30 days and may require verification of your identity to protect your personal information.

Special Considerations for Minors

For students under 18 years of age:

  • • Parents or legal guardians may exercise privacy rights on behalf of their child
  • • We require parental consent for certain data processing activities
  • • Students may request access to their own data through their parent or guardian
  • • Enhanced protections apply to all data concerning minors
6

Contact Information

Privacy Officer

Contact Details

privacy@q-academy.ph
+63-XXX-XXX-XXXX
Cagayan de Oro City, Northern Mindanao, Philippines

Response Times

Privacy inquiries:24-48 hours
Data access requests:Up to 30 days
Breach notifications:Within 72 hours

Regulatory Authorities

If you believe your privacy rights have been violated, you may also contact:

National Privacy Commission (Philippines)

Website: privacy.gov.ph | Email: info@privacy.gov.ph

Department of Education (Philippines)

For educational privacy concerns related to student records

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • • Post the updated policy on our website with a new "Last Updated" date
  • • Notify users via email or in-app notification for material changes
  • • Provide a summary of key changes for easy understanding
  • • Maintain previous versions for reference and transparency

Your continued use of Q-Academy services after any updates constitutes acceptance of the revised Privacy Policy.

Questions About Your Privacy?

Our privacy team is here to help. Contact us anytime with questions or concerns about how we handle your personal information.

Contact Privacy Team View Terms of Service