Schivi Privacy Policy

Last Modified: October 8, 2024

Thank you for using Schivi! This Privacy Policy describes how and when Schivi collects, uses and shares your information when you use our Services. Schivi receives your information through our various websites, APIs, email notifications, applications, buttons, widgets, ads, and commerce services (the "Services") and from our partners and other third parties. When using any of our Services you consent to the collection, transfer, manipulation, storage, disclosure and other uses of your information as described in this Privacy Policy. Irrespective of which country you reside in or supply information from, you authorize Schivi to use your information in the United States and any other country where Schivi operates.

Information We Collect and Use

Basic Account Information: When you create or reconfigure a Schivi account, you login with your mobile number. Schivi uses this mobile number to create your account and retrieve additional information from schools where your mobile number is registered. This is minimal information that Schivi needs to surface your connections with the school. Your information is not listed publicly on our Services. 

Additional Information: We may use your contact information to send you information about our Services or to market to you. You may unsubscribe by following the instructions contained within the notification or the instructions on our website. We may use your contact information to help others find your Schivi account, including through third-party services and client applications. If you email us, we may keep your message, email address and contact information to respond to your request. If you connect your Schivi account to your account on another service in order to cross-post between Schivi and that service, the other service may send us your registration or profile information on that service and other information that you authorize. This information enables cross-posting and helps us improve the Services. Providing the additional information described in this section is entirely optional.

Profile and Content: When creating an account on Schivi, your profile is considered private, meaning it is not surfaced to anyone else on our Services. Content you create, such as Activities, may be seen by others viewing content within Schivi. Schivi’s top priority is securing who has access to view this content. Each content is visible to only audiences that our members explicitly target through Schivi’s Services. This content is searchable by our members, but Schivi surfaces the content only to the explicit target audience.

Links: Schivi may keep track of how you interact with links across our Services, including our email notifications, third-party services, and client applications, by redirecting clicks or through other means. We do this to help improve our Services, to provide more relevant experiences, and to be able to share to creators content statistics to better assist them in managing their content. 

Telemetry Data: When you use our Services, we may receive information ("Telemetry Data") such as your device information, including operating system version, app version, and device model. We receive Telemetry Data when you interact with our Services, for example, when you open our app, sign into our Services, or interact with our email notifications. We may also receive Telemetry Data when you click on, view or interact with content. Schivi uses Telemetry Data to enhance our product by improving the aggregated information our engineers have when troubleshooting issues on our Services. 

Third-Parties and Affiliates: Schivi uses a variety of third-party services to help provide our Services, such as hosting our various blogs and wikis, and to help us understand and improve the use of our Services, such as Google Analytics. These third-party service providers may collect information sent by your device. 

Safe Keeping Collected Information

We take the protection of your data seriously and have implemented security procedures to safeguard your information. This section outlines the measures we take to protect the data you share with us, including data obtained through Google services.

1. Security Measures

We employ industry-standard security measures to protect the confidentiality and integrity of your data, including Google user data. These measures include:

• Encryption: All data transmitted between our servers and your devices is encrypted using secure protocols (e.g., HTTPS) to prevent unauthorized access or interception during transmission.

• Access Control: We restrict access to your personal data to authorized personnel only, ensuring that only individuals who need access to perform their roles can view or handle sensitive information.

• Data Minimization: We collect and process only the necessary data needed to provide our services, reducing the amount of personal information handled.

2. Protection of Google User Data

We follow best practices to secure any data obtained through your interaction with Google services. Specific safeguards include:

• OAuth 2.0 Authentication: We use Google’s OAuth 2.0 protocol for secure authentication and authorization, ensuring that sensitive tokens and credentials are protected and not exposed to unauthorized parties.

• Token Security: Tokens issued by Google for accessing user data are encrypted and stored securely. We do not store or use refresh tokens beyond their intended purpose, and we periodically review and revoke unused tokens.

• No Unnecessary Data Sharing: We do not share Google user data with third parties unless explicitly required to provide services, comply with the law, or with your consent.

How We Use Collected Information

We use the information we collect to provide our Services to you and make them better, develop new services, and protect Schivi and our members. For example, we may log how often people use two different versions of a service, which can help us understand which version is better.

We also use the information we collect to offer you customized content, including:

• Suggesting school activities that you may want to participate in.

• Showing you the most relevant activities, pertaining to the day of the week, to your prior interaction with the activity, and the priority of the activity by the creator.

We also use the information we collect to:

• Send you updates, newsletters, marketing materials and other information that may be of interest to you. 

• Respond to your questions or comments.

The information we collect may be “personally identifiable” (meaning it can be used to specifically identify you as a unique person) or “non-personally identifiable” (meaning it can’t be used to specifically identify you). We use both types of information, and combinations of both types, as described above. We may use or store information wherever Schivi does business, including countries outside your own.

How and When We Share Information

Limited instances where we may share your personal information include:

• When we have your consent. This includes sharing information with other members of our Services, such as when you want to send someone your Schivi Profile QR code, or when you want to request access to join a school class or group.

• We may employ third party companies or individuals to process personal information on our behalf based on our instructions and in compliance with this Privacy Policy. For example, we may share the credit card information you provide us with the financial service companies that you explicitly agree to use. 

• If we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Schivi; or to detect, prevent, or otherwise address fraud, security or technical issues.

• We may engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding that involves the transfer of the information described in this Policy.

Modifying Your Information

If you are a registered user of our Services, we provide you with tools and account settings to access or modify the personal information you provided to us and associated with your account.

Retaining and Deleting Your Information

We will retain your personal information for the length of time needed to fulfill the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. This includes any third-party data you have authorized for use within Schivi Services, such as Google Calendar, among others. You can delete your personal information, including data linked to third-party services by first deleting your account, and then requesting the deletion by sending an email to support@schivi.com. Confirmation by Schivi personnel is required to complete the deletion process of your personal information.

Our Policy Towards Children Information

Schivi is not directed to children under 13. If you learn that your minor child has provided us with personal information without your consent, please contact us.

Changes to this Policy

We may revise this Privacy Policy from time to time. The most current version of the policy will govern our use of your information and will always be at www.schivi.com. If the changes are significant, we may provide more prominent notice or get your consent as required by law. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.