ASAMAN
Contact Us

Terms & Conditions

Clear guidelines that define how Asaman works and protects its users.

Global Privacy Policy

Effective Date: Oct 28th, 2025

This Privacy Policy explains how Asaman Technologies Ltd. collects, uses, stores, shares, and protects personal data when schools, staff, parents, and students access or use Asaman’s platform, mobile apps, and related services.

We are committed to handling all data in a lawful, secure, and transparent manner.

  • Who We Are

    • Asaman Technologies Ltd. is a global EdTech provider headquartered in the United States with regional operations in Asia. We operate secure, cloud-based activity-management systems that international and bilingual schools use worldwide. For all purposes of applicable data-protection law:

    • Definitions
      • The Asaman acts as the Data Controller, determining what data are collected and how they are used.
      • The School is the Data Processor, responsible for processing data according to Asaman’s instructions.
      • For questions or concerns, please get in touch with us at:
      • Email: support@asaman.net
      • Website: www.asaman.net

  • What Data We Collect

    CategoryExamplesCollected From
    School InformationSchool name, contact emails, billing address, subscription detailsSchool administrators
    Staff DataName, role, email address, login credentialsSchool administrators / users
    Parent DataName, email, phone (optional), student associationParents via school invitation
    Student DataName, grade, class, schedule, activity enrolment, attendance recordsProvided by the school
    System DataIP address, device ID, browser type, usage logs, crash reportsAutomatically via platform
    Payment DataTransaction IDs, timestamps, payment status (never card numbers)Through secure payment processors
  • How We Use Your Data

    • We process data solely to deliver and improve our services:

    • Managing registrations, activities, attendance, and schedules
    • Providing technical support and customer assistance
    • Generating anonymized statistics for school reporting
    • Processing authorized payments
    • Maintaining platform security, logs, and fraud prevention
    • Sending system notifications or operational emails
    • Complying with legal obligations and school instructions

  • 4. Standard Retention Periods

    RegionLegal Basis
    European Union / EEAProcessing under GDPR Art. 6 (1)(b) – performance of a contract; Art 6 (1)(f) – legitimate interests; Art. 6 (1)(c) - legal obligations
    Singapore / Hong Kong / Asia-PacificConsent under PDPA / local law; contractual necessity
    United StatesFERPA / COPPA compliance through school consent
    Mainland ChinaPersonal Information Protection Law (PIPL) – processing limited to educational management and with parental consent obtained by the school
  • Data Hosting And Transfers
    • Data are hosted regionally:
      • Mainland China Schools: Alibaba Cloud (Beijing / Hangzhou)
      • Asia-Pacific / EU / US Schools: AWS or Azure nearest to the School’s region
    • Cross-border transfers occur only with the School’s written authorization.
    • Transfers are protected using Standard Contractual Clauses (SCCs) or other approved mechanisms.
  • Data Security Measures

    • We maintain technical and organizational controls aligned with ISO/IEC 27001 and SOC II principles:

    • Encryption in transit (TLS 1.3) and at rest (AES-256)
    • Role-based access control and multi-factor authentication
    • Daily encrypted backups are stored regionally
    • Logging and intrusion detection systems
    • Annual penetration testing and internal security reviews

  • 7. Data Retention

    All rights, title, and interest in the Service, including software, documentation, and trademarks, remain the exclusive property of Asaman Technologies Ltd. The School retains ownership of its own data.

    CategoryRetention PeriodAction After Expiry
    Active school dataFor the duration of contractContinues under school direction
    Archived data (post-termination)Up to 12 monthsSecure deletion after verification
    System logs / backups90 days rollingAutomatic purge after cycle
  • Data Sharing And Sub-Processors

    • Schools or users can request data deletion at any time. We will process requests within 30 days, ensuring all data is securely deleted or anonymized.

    • We share data only with vetted service providers necessary to operate the platform (e.g., hosting, email, payment, analytics).
    • All sub-processors are bound by written agreements requiring confidentiality and security controls.
    • No sub-processor may access data for any purpose other than delivering contracted services.
  • Your Rights

    • Depending on your jurisdiction, you may:

    • Request access to personal data held about you
    • Request correction or deletion of inaccurate data
    • Request restriction or portability where applicable
    • Withdraw consent (where processing is consent-based)
    • Object to processing in specific circumstances
  • Children's Privacy

    • Asaman does not collect data directly from minors. All student accounts are created and managed by their schools, which are responsible for obtaining verifiable parental consent in accordance with COPPA, FERPA, or PIPL.

  • Data Breach Response

    • In the unlikely event of a personal-data breach:

    • Asaman will notify affected Schools without undue delay once confirmed.
    • We will provide details of the breach, mitigation steps, and recovery actions.
    • Schools will inform parents or authorities where required by law.
  • International Transfers Outside The EU/EEA

    • For schools subject to GDPR, Asaman relies on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by organizational and technical safeguards.

  • Changes To This Policy

    • We may update this Policy periodically. The “Effective Date” above indicates the latest version. Significant changes will be communicated to subscribing Schools at least 14 days before they take effect.

  • Contact Information
  • Appendix A – Mainland China Data Processing Statement (PIPL Compliance)
    • Purpose of ProcessingFor users located in Mainland China, Asaman processes personal information solely to provide the educational services subscribed to by the School, including registration, scheduling, communication, and payment support.
    • Data Hosting and LocalizationAll data from China-based schools is stored on Alibaba Cloud servers in mainland China. No cross-border transfer occurs without the School’s written approval.
    • Legal Basis and ConsentProcessing is based on PIPL Articles 13 & 14 (contractual necessity and school-obtained consent). The School is responsible for collecting, storing, and documenting parental consent.
    • Data Subject Rights (China)Individuals may request:
      • Access or correction of their data
      • Deletion of data under lawful circumstances
      • Withdrawal of consent
    • Security MeasuresAsaman applies the same global controls described above, as well as any supplementary requirements under China’s Cybersecurity Law and Data Security Law.
    • Contact in China
      • Email: support@asaman.net
      • Regional Operations: Beijing, PRC (Administrative Support Only)
  • Commitment Statement

    • Asaman Technologies Ltd. upholds the highest standards of data privacy and security. Our mission is to empower schools worldwide with technology that respects the rights of every learner, educator, and family.