Nezam
Book a demo
Data protection

Privacy policy

How Nezam collects, uses and protects personal data, including the data of learners and their families, in line with applicable data-protection law.

This privacy policy describes how personal data is collected, used, kept and protected in connection with the Nezam website and software, in line with applicable data-protection law. It covers in particular the data of learners, their legal guardians and teachers.

Data controller

For the data entered as part of running an educational organisation, the data controller is the client organisation (community school, language institute) that uses Nezam. Nezam®, the publisher of the service whose details appear in the legal notice, acts as a data processor on the instructions of the organisation.

Data collected

Depending on the features used, Nezam may process the following categories of data:

  • Legal guardians and teachers: surname, first name, email, phone, login credentials, language of communication.
  • Learners: civil status, gender, level, group, administrative documents, authorisations (photo, leaving alone), absences, lateness and behaviour.
  • Educational tracking: attendance, grades by sub-skill, averages, comments, report cards, homework.
  • Enrolments and payments: enrolment sessions, amounts, instalments, payment statuses and payment methods used.
  • Communication: messages, announcements, session comments and notifications.
  • Technical data: connection logs and identifiers required for push notifications.

Nezam does not collect data beyond what is necessary to run the educational and administrative side of the organisation.

Purposes of processing

Data is processed for the following purposes:

  1. Managing enrolments, re-enrolments and the waiting list.
  2. Tracking attendance, grades and report cards.
  3. Collecting and tracking payments.
  4. Communicating with families (messages, announcements, notifications of absence, lateness or behaviour).
  5. Allowing legal guardians and students to follow the schooling through the mobile app.
  6. Ensuring the security, maintenance and improvement of the service.

Legal basis

Depending on the processing concerned, the legal basis is one of the following:

  • The performance of a contract or pre-contractual measures (enrolment, payment, delivery of the service).
  • Compliance with a legal obligation (accounting obligations, document retention).
  • The legitimate interest of the organisation in ensuring the smooth running of its educational activity.
  • Consent, in particular for specific authorisations (photo, leaving alone) and certain communications.

Data of learners and families

Data concerning learners, who may be minors, is given particular attention. It is entered and managed by the educational organisation as part of the teaching relationship. The required consents (photo authorisations, leaving alone, mandatory documents) are collected and kept in the learner's record. The mobile app for families gives read access to the child's tracking as well as to a messaging feature.

Retention periods

Data is kept for as long as necessary for the purposes described, then archived or deleted in accordance with the applicable legal retention periods: schooling and tracking data is kept for the duration of the teaching relationship, billing and payment data is kept in line with accounting obligations, and accounts and login credentials are deleted after the end of the relationship.

Recipients and processors

Data is accessible to the organisation's authorised staff (management, teachers) and, for the tracking of their child, to legal guardians. It may be processed by the technical providers strictly necessary to run the service (hosting, sending notifications), bound by contractual commitments that comply with data-protection law. The list of these processors is kept up to date and can be provided to client organisations on request. No personal data is ever resold or transferred for commercial purposes.

Hosting and security

Data is hosted in Europe. Technical and organisational measures are in place to protect the data against loss, unauthorised access or disclosure: encryption of data in transit and at rest, two-factor authentication (2FA), role-based access control, logging and automatic backups.

Your rights

You have the following rights over your personal data:

  • Right of access: obtain a copy of the data concerning you.
  • Right of rectification: correct inaccurate data.
  • Right to erasure: request deletion, subject to legal obligations.
  • Right to restriction and right to object to processing.
  • Right to portability of your data.
  • Right to withdraw your consent at any time, for processing based on it.

To exercise these rights, first contact the educational organisation acting as data controller. You also have the right to lodge a complaint with the competent data-protection authority.

Data protection

For any question about the protection of your data, you can write to contact@nezam.fr. Your request will be forwarded, where relevant, to the organisation acting as data controller.

Cookies

The website may use cookies or trackers necessary for its operation and, where applicable, for audience measurement. Non-essential cookies are only placed with your consent, which you can withdraw at any time.

Changes

This policy may be updated to reflect changes in the service or in regulations. The applicable version is the one published on the website on the date you consult it.

Contact

For any question about the protection of your data, write to contact@nezam.fr or contact the Nezam team on WhatsApp at +33 6 84 86 52 73.

Frequently asked questions

What personal data does Nezam collect?

Nezam collects the data needed to run an educational organisation: identity and contact details of legal guardians and teachers, learners’ civil status, attendance, grades, homework, administrative documents, payments and messages exchanged. No data is collected without a defined purpose.

Is learner data protected?

Yes. Data relating to learners and their families is processed under the responsibility of the educational organisation, as part of the teaching relationship and its legal obligations. Nezam acts as a data processor and applies technical and organisational security measures: hosting in Europe, encryption of data in transit and at rest, automatic backups and two-factor authentication.

What are my rights over my data?

You have the rights of access, rectification, erasure, restriction, objection and portability provided for by data protection law. You can exercise them with the organisation concerned or by writing to contact@nezam.fr.

How long is data kept?

Data is kept for as long as necessary for the purposes for which it was collected, then archived or deleted in accordance with the applicable legal retention periods (schooling, accounting, legal obligations).

Is my data shared with third parties?

Your data is only shared with the technical providers strictly necessary to run the service (hosting, sending notifications) and with the authorities where the law requires it. No data is ever resold or transferred for commercial purposes.

Ready to simplify how you run your organisation?

Book a 20-minute demo. No card, no commitment.

Book a demo
  • No commitment
  • Money-back guarantee
  • GDPR-compliant
  • Hosted in your country