Privacy Policy

Dianoia ("we," "our," or "us") is committed to protecting the privacy and security of all users of our educational technology platform. This Privacy Policy applies to all users including administrators, principals, teachers, students, parents, and visitors to our platform. This policy describes how we collect, use, store, and protect personal information in connection with our comprehensive school management system, learning management platform, and related services. By accessing or using Dianoia, you acknowledge that you have read and understood this Privacy Policy.

Account Information: • Name, email address, phone number, and profile photo • School or institution affiliation • User role (Administrator, Principal, Teacher, Student, Parent) • Username and encrypted password • Professional credentials (for educators and administrators) Educational Data: • Course enrollment and attendance records • Assignment submissions and grades • Test scores and assessment results • Learning progress and performance metrics • Exercise completion data and quiz responses • Student work samples and portfolios Communication Data: • Messages sent through our integrated chat system • Email communications within the platform • Video conference participation records • Comments on assignments and course materials • Parent-teacher communication logs Usage Information: • Login dates and times • Pages and features accessed • Content viewed and downloaded • Device information (browser type, operating system) • IP address and general location data • Session duration and interaction patterns Payment Information (if applicable): • Billing name and address • Payment card information (processed securely through third-party providers) • Transaction history and purchase records • Subscription and enrollment status Content and Materials: • Uploaded documents, images, audio, and video files • Created exercises and assessments • Whiteboard sessions and recordings • Custom course materials and lesson plans

Educational Services: • Provide access to courses, lessons, and learning materials • Track student progress and generate performance reports • Enable teachers to create, grade, and manage assignments • Facilitate communication between students, teachers, and parents • Generate automated exercises and vocabulary builders • Support interactive learning through multimedia content Platform Management: • Authenticate users and maintain secure accounts • Manage school profiles and institutional settings • Enable role-based access controls for different user types • Support school cloning and multi-institution management • Process enrollments and course registrations Communication: • Send important notifications about assignments and grades • Deliver system updates and platform announcements • Enable video conferencing and real-time collaboration • Facilitate parent-teacher conferences and meetings • Send calendar reminders and schedule notifications Assessment and Analytics: • Generate comprehensive grade reports and transcripts • Provide insights into learning patterns and progress • Create analytics dashboards for administrators • Track resource usage and platform performance • Identify areas where students may need additional support Payment Processing: • Process course purchases and subscription payments • Manage access to premium features and content • Handle refunds and billing inquiries • Support e-commerce transactions for educational programs Platform Improvement: • Analyze usage patterns to improve user experience • Develop new features based on user needs • Optimize platform performance and reliability • Conduct research to enhance educational outcomes • Test and refine automated content generation tools

Within Your School or Institution: • Teachers can access information about their students' performance • Parents can view their children's grades, assignments, and progress • Administrators can access school-wide data for management purposes • Language Directors can review curriculum and program effectiveness Service Providers: We share information with trusted third-party providers who assist us in: • Cloud hosting and data storage services • Payment processing (Stripe, PayPal) • Email delivery and communication services • Video conferencing infrastructure • Analytics and performance monitoring • Customer support and technical assistance Legal Requirements: We may disclose information when required to: • Comply with applicable laws, regulations, or legal processes • Respond to lawful requests from public authorities • Protect the rights, property, or safety of Dianoia, our users, or the public • Enforce our Terms of Service and other agreements • Detect, prevent, or address fraud or security issues Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, user information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our platform of any such change in ownership. With Your Consent: We may share information for any other purpose with your explicit consent or at your direction. We Never: • Sell your personal information to third parties • Share student data with advertisers • Use student information for marketing purposes • Disclose educational records without proper authorization

Technical Safeguards: • End-to-end encryption for sensitive data transmission • Secure Socket Layer (SSL/TLS) encryption for all connections • Encrypted storage of passwords using industry-standard hashing • Regular security patches and system updates • Secure backup systems with redundancy • Firewall protection and intrusion detection systems Access Controls: • Role-based access restrictions • Multi-factor authentication options • Automatic session timeout after periods of inactivity • Secure password requirements and policies • Limited employee access to personal data • Audit logs of system access and data modifications Organizational Measures: • Regular security training for all staff members • Data protection impact assessments • Incident response procedures • Third-party security audits and penetration testing • Compliance with industry best practices and standards • Designated data protection officers Data Retention: • Active account data is retained while your account is active • Educational records are retained in accordance with applicable laws • Deleted data is permanently removed from our systems within 90 days • Backup copies are securely destroyed according to our retention schedule • You can request deletion of your data at any time While we implement robust security measures, no system is completely secure. We encourage users to maintain strong passwords and report any suspicious activity immediately.

Dianoia takes the privacy of children very seriously and complies with applicable laws including the Children's Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA). Parental Consent: • We obtain verifiable parental consent before collecting personal information from children under 13 • Parents can review their child's personal information • Parents can request deletion of their child's information • Parents receive notifications about their child's account activity Student Data Protection: • Student educational records are protected under FERPA • We only collect information necessary for educational purposes • Student data is never used for advertising or marketing • Teachers and administrators have limited access based on legitimate educational interest • We maintain detailed records of who accesses student information Parent Rights: • Access and review all information collected about your child • Request corrections to inaccurate information • Delete your child's account and associated data • Opt out of certain data collection practices • Receive notifications about significant changes to data practices For questions about children's privacy, please contact us at privacy@dianoia.com with "Student Privacy" in the subject line.

Our platform operates globally and may process data in various countries. We ensure that all international transfers comply with applicable data protection laws. GDPR Rights (for EU Users): If you are located in the European Economic Area (EEA), you have the following rights: • Right to access your personal data • Right to rectification of inaccurate data • Right to erasure ("right to be forgotten") • Right to restrict processing • Right to data portability • Right to object to processing • Right to withdraw consent • Right to lodge a complaint with a supervisory authority Legal Basis for Processing: We process personal data based on: • Contract performance (providing educational services) • Legitimate interests (platform improvement, security) • Legal obligations (compliance with education laws) • Consent (marketing communications, optional features) Data Transfers: • We use Standard Contractual Clauses approved by the European Commission • Our service providers comply with EU data protection standards • We implement appropriate safeguards for all data transfers • Data is stored on secure servers with encryption EU Representative: For GDPR-related inquiries, contact our EU representative at gdpr@dianoia.com

Access and Review: • View all personal information we hold about you • Download your data in a portable format • Request a copy of your educational records • Review your account activity and login history Correction and Updates: • Update your profile information at any time • Correct inaccurate or incomplete data • Modify your communication preferences • Change your password and security settings Deletion and Deactivation: • Request deletion of your personal information • Deactivate your account temporarily • Permanently close your account • Remove specific content or materials Communication Preferences: • Opt out of promotional emails and newsletters • Customize notification settings • Choose how you receive announcements • Unsubscribe from marketing communications Data Export: • Request a machine-readable copy of your data • Export your course materials and content • Download your grade reports and transcripts • Access your communication history To exercise any of these rights, please: 1. Log into your account and visit the Settings page 2. Contact us at privacy@dianoia.com with your request 3. Include your name, email address, and specific request details We will respond to all requests within 30 days and verify your identity before processing requests.

When you purchase courses, subscriptions, or services through Dianoia: Payment Processing: • We use secure third-party payment processors (Stripe, PayPal) • We do not store full credit card numbers on our servers • Payment information is encrypted using industry standards • Transactions are processed through PCI-DSS compliant systems Billing Information: • We collect billing addresses for payment processing • Purchase history is maintained for your records • Receipts are automatically sent to your email • Subscription status and renewal dates are tracked Refunds and Cancellations: • Refund requests are processed according to our refund policy • Subscription cancellations are effective at the end of the billing period • Payment disputes should be directed to privacy@dianoia.com Your payment information is protected by the same security measures as all other personal data on our platform.

We use cookies and similar technologies to enhance your experience: Essential Cookies: • Maintain your login session • Remember your preferences and settings • Ensure platform security and prevent fraud • Enable core platform functionality Analytics Cookies: • Understand how you use our platform • Identify popular features and content • Measure platform performance • Improve user experience based on usage patterns Functional Cookies: • Remember your language preference • Store your customization choices • Enable interactive features • Support video conferencing and collaboration tools Managing Cookies: • You can control cookies through your browser settings • Disabling essential cookies may limit platform functionality • Third-party cookies are subject to providers' privacy policies • We respect "Do Not Track" browser signals where applicable For detailed information about cookies we use, please visit our Cookie Policy page.

Our platform may integrate with or link to third-party services: Integrated Services: • Video conferencing providers • Cloud storage services • Payment processors • Learning content providers • Communication tools Third-Party Links: • Our platform may contain links to external websites • We are not responsible for third-party privacy practices • We encourage you to review their privacy policies • Clicking external links may result in data collection by those sites Educational Content: • Teachers may embed content from third-party educational resources • Video content may be hosted on external platforms • Interactive exercises may use third-party tools • These services have their own privacy policies We carefully vet all third-party integrations to ensure they meet our security and privacy standards.

We retain your information for as long as necessary to provide our services and comply with legal obligations: Active Accounts: • Account information is retained while your account is active • Educational data is available throughout the academic period • Communication records are maintained for your reference • Course materials remain accessible per your subscription After Account Closure: • Personal data is deleted within 90 days of account closure • Educational records may be retained as required by law • Aggregated, anonymized data may be retained for analytics • Backup copies are securely destroyed per retention schedule Legal Requirements: • Financial records retained for 7 years for tax purposes • Educational records retained according to FERPA requirements • Communication logs retained for compliance and security • Legal hold data preserved as required by law You can request early deletion of your data by contacting privacy@dianoia.com

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Notification of Changes: • Material changes will be notified via email • We will post a notice on our platform homepage • The "Last Updated" date will be revised • You may be asked to review and accept updated terms Your Continued Use: • Continued use of Dianoia after changes constitutes acceptance • You can review the updated policy at any time • If you disagree with changes, you may close your account • Previous versions are available upon request We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: General Privacy Inquiries: Email: privacy@dianoia.com Subject: Privacy Policy Inquiry Data Protection Officer: Email: dpo@dianoia.com Subject: Data Protection Request GDPR/EU Inquiries: Email: gdpr@dianoia.com Subject: GDPR Request Student Privacy (COPPA/FERPA): Email: privacy@dianoia.com Subject: Student Privacy Technical Support: Email: support@dianoia.com Mailing Address: Dianoia Educational Technology [School Management Platform] [Address will be provided upon platform deployment] Response Time: We aim to respond to all privacy inquiries within 30 days. For urgent matters, please indicate "URGENT" in your subject line. Alternative Contact: Phone: +30 6946388489 (Project Lead) Phone: +30 698753041 (Technical Contact) We take all privacy concerns seriously and are committed to working with you to resolve any issues.