Privacy Policy

1. Introduction

Reamind ("we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our smart grading platform for tuition centers.

We comply with Malaysia's Personal Data Protection Act 2010 (PDPA) and are committed to handling personal data responsibly and transparently.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and password when you create an account
• Center Information: Tuition center name, address, and contact details
• Student Data: Student names, class assignments, test scores, and performance data that you upload
• Payment Information: Billing address and payment details (processed by our secure payment providers)
• Communications: Messages you send to us for support or inquiries

2.2 Information Collected Automatically

• Usage Data: How you interact with our Service, features you use, and actions you take
• Device Information: Browser type, operating system, device type, and unique device identifiers
• Log Data: IP address, access times, pages viewed, and referring URLs
• Error Monitoring: Crash reports and performance data collected via Sentry to diagnose and fix issues
• Cookies: Small data files stored on your device (see Section 7)

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our grading and analytics services
• Process your subscription and payments
• Send you important updates about the Service
• Respond to your inquiries and provide customer support
• Analyze usage patterns to enhance user experience
• Detect and prevent fraud, abuse, and security issues
• Comply with legal obligations

4. How We Share Your Information

We do not sell your personal data. We may share your information in the following circumstances:

• Service Providers: Third-party vendors who help us operate our Service (e.g., cloud hosting, payment processing, Sentry for error monitoring)
• Legal Requirements: When required by law, court order, or government request
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize us to share your information

All service providers are contractually obligated to protect your data and use it only for the services they provide to us.

5. Data Storage and Security

Your data is stored securely using industry-standard cloud infrastructure provided by Google Cloud Platform (Firebase). We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit and at rest
• Secure authentication mechanisms
• Regular security assessments and updates
• HMAC-signed session cookies (reamind_session) for secure student authentication
• Access controls and audit logging
• Evidence logging for grading and submission events to ensure data integrity
• Backup and disaster recovery procedures

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide you with our services. If you cancel your subscription or delete your account:

• You may request a copy of your data within 30 days
• We will delete your data within 90 days, except where retention is required by law
• Aggregated, anonymized data may be retained for analytics purposes

7. Cookies and Tracking

We use cookies and similar technologies to:

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use the Service

You can control cookies through your browser settings. Disabling essential cookies may affect your ability to use certain features. For more information, see our Cookie Policy.

8. Your Rights Under PDPA

Under Malaysia's Personal Data Protection Act 2010, you have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Withdrawal of Consent: Withdraw your consent for data processing at any time
• Data Portability: Request your data in a commonly used format
• Complaint: Lodge a complaint with the Personal Data Protection Commissioner

To exercise these rights, please contact us at the details provided below. We will respond to your request within 21 days as required by PDPA.

9. Children's Privacy

Our Service is designed for use by tuition centers and educators, not for direct use by children. We do not knowingly collect personal information directly from children under 13 years of age.

Tuition centers using our Service are responsible for obtaining appropriate consent from parents or guardians before uploading student data to the platform.

10. International Data Transfers

Your data may be processed on servers located outside of Malaysia. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with PDPA requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The updated policy will be effective upon posting. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us: