Privacy Policy

PRIVACY POLICY – EZYLIBRARY

Effective Date: 01-08-2025
Last Updated: 01-08-2025

EzyLibrary (“we”, “our”, “us”) respects user privacy and processes personal data in accordance with applicable Indian laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act). By accessing or using the EzyLibrary platform (“Platform”), you agree to this Privacy Policy.

1. SCOPE AND ROLE CLARIFICATION

EzyLibrary is a technology service provider offering software-as-a-service (SaaS) solutions to library and self-study center owners.

  • Institution owners act as Data Fiduciaries
  • EzyLibrary acts solely as a Data Processor

EzyLibrary does not own, control, or independently collect student data, except as required to provide technical functionality.

2. INFORMATION WE COLLECT

We collect only the minimum information necessary to provide and operate the Platform.

2.1 Library Owner Information

  • Name
  • Email address
  • Phone number
  • Subscription and billing details
  • Payment status and transaction references

2.2 Library Data (Uploaded by Users)

All data listed below is uploaded, managed, and controlled by the library owner:

  • Student names and contact details
  • Desk, shift, and locker allocations
  • Fee records, receipts, and expense data
  • Optional library location data (for location-based features)
  • Optional student photographs for identity verification
  • Optional ID card photographs
  • Optional student device IP address and approximate location for attendance features
  • Optional device identifiers (including MAC address) for smart Wi-Fi or access control within library premises

EzyLibrary does not independently verify or validate this data. EzyLibrary does not require or encourage collection of Aadhaar, biometric data, or government identifiers.

2.3 Payment & Transaction Information

EzyLibrary does not store sensitive payment data such as card numbers, CVV, or banking credentials.

Payments are processed by third-party payment gateways.
Limited transaction references (payment ID, amount, status) may be stored for accounting and support purposes.

2.4 Technical & Usage Data

For security and audit purposes, we may collect:

  • IP address of logged-in devices
  • Browser and device information
  • Login timestamps and session logs

This data is used only for security, fraud prevention, access monitoring, and audit trails.

3. PURPOSE OF DATA PROCESSING

Data is processed based on user consent and contractual necessity to:

  • Provide and maintain the Platform
  • Manage subscriptions and billing
  • Generate reports and receipts
  • Provide technical support
  • Communicate service-related updates
  • Enable optional attendance, device-based, and location-based features
  • Maintain login history and detect suspicious activity
  • Ensure platform security and integrity

4. DATA OWNERSHIP AND USER RESPONSIBILITY

All student, financial, and operational data uploaded to the Platform remains the sole responsibility and control of the library owner.

Library owners are responsible for:

  • Informing students
  • Obtaining valid consent
  • Ensuring accuracy and legality of data
  • Compliance with applicable laws, including those relating to minors, device identifiers, and photographs

EzyLibrary does not assume liability for user-uploaded data.

5. ACCESS TO USER DATA

EzyLibrary does not access, modify, or disclose user data except:

  • When explicitly requested for technical support
  • During setup or data migration upon user request
  • When required by law or lawful government order

6. DATA STORAGE AND SECURITY

EzyLibrary implements reasonable and industry-standard security measures, including:

  • Secure servers
  • Encrypted connections (HTTPS)
  • Role-based access controls
  • Monitoring and audit logs

Certain sensitive data, such as mobile numbers, may be stored in encrypted form.

However, no system is completely secure. EzyLibrary does not guarantee absolute security and shall not be liable for unauthorized access resulting from:

  • Cyberattacks
  • Third-party service failures
  • User negligence
  • Shared credentials or insecure devices

Collected IP addresses, logs, device identifiers, photos, and location data are used strictly for operational and security purposes, not for behavioral profiling or advertising.

7. USER ACCOUNT SECURITY

Library owners are solely responsible for:

  • Maintaining credential confidentiality
  • Controlling staff and student access
  • Securing devices and local networks

EzyLibrary is not liable for misuse, data loss, or breaches caused by:

  • Password sharing
  • Public or shared devices
  • Failure to log out
  • Local Wi-Fi or router misconfiguration

8. DATA SHARING

EzyLibrary does not sell, rent, or trade personal data.

Data may be shared only:

  • With trusted service providers strictly for service delivery
  • When required by law
  • To protect the rights, security, or integrity of the Platform

9. COOKIES AND SESSION MANAGEMENT

Cookies may be used to:

  • Maintain login sessions
  • Improve platform functionality

Disabling cookies may impact certain features.

10. DATA RETENTION

Data is retained:

  • While the account is active
  • For a limited period after termination for legal, accounting, and security obligations

Login logs may be retained longer for audit and fraud prevention. Data is deleted or anonymized thereafter where feasible. Data will not be retained longer than reasonably necessary for the stated purpose.

11. CHILDREN AND STUDENT DATA

EzyLibrary is intended for institution owners only.

Student data is provided by library owners, who are solely responsible for lawful collection, consent, and compliance with child data protection requirements.

12. USER RIGHTS

Users may request:

  • Access to personal data
  • Correction of inaccuracies
  • Deletion of personal data
  • Withdrawal of consent

Requests are subject to legal, contractual, and operational obligations.

13. DATA BREACH HANDLING

In the event of a data breach, EzyLibrary will take reasonable steps to:

  • Investigate
  • Mitigate impact
  • Notify affected users and authorities where required by law

EzyLibrary is not liable for breaches caused by user negligence, insecure devices, shared credentials, or third-party service failures.

14. LIMITATION OF LIABILITY

To the maximum extent permitted by law, EzyLibrary shall not be liable for indirect, incidental, or consequential damages.

Any liability, if established, shall be limited to the subscription fees paid for the relevant period.

15. POLICY UPDATES

This Privacy Policy may be updated from time to time. Continued use of the Platform constitutes acceptance of the updated policy.

16. Data Deletion & Erasure

Users may request deletion of personal data. EzyLibrary will delete or anonymize the data within a reasonable timeframe, subject to legal, accounting, or security obligations. Students may request data deletion through their institution owner, and institution owners may request deletion by contacting management@ezylibrary.in.

16. CONTACT INFORMATION

For privacy-related queries or requests:

📧 management@ezylibrary.in