Start free trial

MadrasaSIMS Privacy Policy

Effective Date: 04/07/2023
Last Updated: 04/07/2023

1. Introduction

At FlexiSAF UK, we are committed to protecting and respecting your privacy. This General Data Protection Regulation (GDPR) policy outlines how we collect, process, store, and protect your personal data, ensuring compliance with the UK GDPR and Data Protection Act 2018. This policy applies to all data subjects whose personal data is collected by FlexiSAF in the UK.

2. Data We Collect

We collect personal data for various purposes, including but not limited to:

  • Identity Data: Name, job title, and organization.
  • Contact Data: Email address, phone number, and postal address.
  • Technical Data: IP addresses, browser type, and usage data collected via cookies and analytics.
  • Student Data: Data required for student management within our Madrasa SIMS software (e.g., attendance, academic performance).
  • Financial Data: Billing information, payment methods, and transaction details.

We ensure that all personal data is collected lawfully, fairly, and transparently, in accordance with Article 5 of the GDPR.

3. Lawful Basis for Processing Data

We process personal data under the following lawful bases:

  • Consent: Where you have given explicit consent for us to process your personal data.
  • Contractual Obligation: When processing is necessary to fulfil a contract with you (e.g., delivering our services such as Madrasa SIMS).
  • Legitimate Interests: Processing that is in our legitimate interest and not overridden by your privacy rights (e.g., improving our products and services).
  • Legal Obligation: When processing is necessary to comply with a legal obligation.

4. Purpose of Data Collection

We collect and process your personal data for the following purposes:

  • To manage customer relationships and provide our services.
  • To facilitate student management and parent communication via the Madrasa SIMS software.
  • To maintain accurate billing records and facilitate payment transactions.
  • To send you service updates, promotional content (with your consent), and product improvements.
  • To comply with legal obligations such as financial regulations, anti-money laundering laws, and fraud detection.

5. Data Retention

FlexiSAF retains personal data only for as long as is necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

  • General Data: Retained for the duration of the customer relationship and up to six years post-termination for legal and tax purposes.
  • Student Data: Retained for as long as the customer requires to fulfill their own legal obligations, after which it will be securely deleted.

We will perform periodic reviews of personal data to ensure that it is accurate and up to date, and we will delete or anonymize data that is no longer necessary.

6. Your Data Protection Rights

Under UK GDPR, you have the following rights:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccuracies in your personal data.
  • Right to Erasure: You can request that we delete your personal data, subject to legal obligations.
  • Right to Restriction of Processing: You can request that we limit the way we process your data in certain circumstances.
  • Right to Data Portability: You can request a copy of your data in a structured, commonly used format to transfer it to another provider.
  • Right to Object: You can object to us processing your personal data based on legitimate interests or direct marketing purposes.

To exercise any of these rights, please contact us at [Insert Contact Email]. We will respond to all requests within one month of receipt.

7. How We Protect Your Data

We take the security of your personal data very seriously. To safeguard your data, we employ the following measures:

  • Encryption: Data in transit and at rest is encrypted using industry-standard methods.
  • Access Controls: Only authorized personnel have access to your personal data, with strict access controls and audits in place.
  • Regular Audits: We perform regular audits and security assessments to ensure our systems are compliant with the latest regulations and best practices.
  • Third-Party Vendors: Where we use third-party service providers (e.g., cloud services), we ensure they also comply with GDPR standards.

8. Third-Party Data Sharing

We will never sell your personal data to third parties. However, we may share your data with trusted third-party service providers where necessary, such as:

  • IT and system administration service providers.
  • Legal and accounting professionals.
  • Payment service providers.

All third-party data processors are required to sign data processing agreements to ensure they handle your data in line with UK GDPR requirements.

9. Data Breach Notification

In the unlikely event of a data breach, we have protocols in place to identify, assess, and contain the breach as quickly as possible. If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify the UK Information Commissioner’s Office (ICO) within 72 hours, as well as affected individuals, where required.

10. International Data Transfers

If we transfer personal data outside the UK or EEA (European Economic Area), we ensure that the recipient country has adequate data protection laws or that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place.

11. Cookies and Tracking

Our website uses cookies and similar technologies to enhance user experience, analyse usage data, and tailor content. For more information on how we use cookies and how you can manage them, please refer to our Cookie Policy.

12. Children's Privacy

We recognise the importance of protecting children’s personal data. Our software is designed for use by madrasahs and educational institutions, and any collection of children’s data is under the control of these institutions. We require that schools or guardians provide consent where applicable.

13. Updates to This Policy

We may update this policy from time to time to reflect changes in regulations, best practices, or our business operations. All updates will be posted on our website, and significant changes will be communicated to data subjects directly.

14. Contact Information

If you have any questions about this GDPR policy or wish to exercise any of your data protection rights, please contact our Data Protection Officer at:

Email: madrasasims@flexisaf.com
Postal Address: 167-169 5th Floor Great Portland Street, London, England, W1W 5PF

If you feel that your data protection rights have been breached, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.

End of Policy

This policy outlines our commitment to data protection and the specific measures we take to ensure compliance with the GDPR. It also details the rights of individuals and the steps they can take to manage their data with us.

MadrasaSIMS is a product of FlexiSAF Edusoft Limited

info@flexisaf.com

UK:
167-169 Great Portland Street, 5th Floor, London, W1W 5PF

Dubai:
R5 – 011 Cluster R, Retail Level,Jumeirah Lake Towers,Dubai, UAE.

Privacy Policy

Terms and Conditions

Sitemap

© 2025 FlexiSAF. All rights reserved.

Facebook Twitter Youtube Linkedin Instagram