This Privacy Policy describes how Cambridge Global School, Madurai ("we", "our", or "the School") collects, uses, and protects information through our suite of mobile applications. This policy applies to all four apps: CGS Teacher App, CGS Student App, CGS Admin App, and CGS Bus Tracking App.
Applications Covered by This Policy
👩🏫 Teacher App
For registered teaching staff to manage attendance, homework, exams & leave.
com.vaailasani.cgs.teacher
🎓 Student App
For enrolled students to view timetables, homework, results & notices.
com.vaailasani.cgs.student
🏫 Admin App
For school administrators to manage staff, students & school operations.
com.vaailasani.cgs.admin
🚌 Bus Tracking
For parents and staff to track real-time school bus location and routes.
com.vaailasani.cgs.bus
Information We Collect
The following table shows what data is collected by each app:
| Data Type | Purpose | Apps |
|---|---|---|
| Mobile phone number | OTP-based login authentication via Firebase Phone Auth | TeacherStudentAdminBus |
| Device fingerprint | Hashed hardware identifier for device-binding security | TeacherAdmin |
| IP address | Captured during key actions for security audit logs | TeacherAdmin |
| App usage activity | Audit trail of all actions (attendance, homework, leave, etc.) | TeacherAdmin |
| FCM push token | Delivering school notifications to your device | TeacherStudentAdminBus |
| Profile information | Name, ID, class/subject assignments provided by school admin | TeacherStudentAdmin |
| Location (GPS) | Real-time bus position for route tracking | Bus |
| Academic records | Attendance, exam marks, homework submitted/assigned | TeacherStudent |
How We Use Your Information
- To verify your identity via OTP and grant app access
- To personalise your experience with your assigned classes, subjects, and schedule
- To maintain a secure audit trail of all staff actions for school administration
- To detect and prevent unauthorised access, rooted devices, and tampered APKs
- To send push notifications for school events, notices, exam results, and bus alerts
- To enable teachers to submit leave, mark attendance, and manage academic activities
- To allow students to view their timetable, results, homework, and school notices
- To provide real-time bus location updates for safety and punctuality
Data Storage & Security
All data is stored securely on Google Firebase (Firestore Database and Firebase Storage), hosted on Google's cloud infrastructure in the Asia Southeast region. The following security measures are implemented:
- AES-256 GCM encryption for all locally stored data on your device
- HTTPS-only communication — cleartext traffic is completely disabled
- APK signature verification to detect and block tampered app versions
- Root and emulator detection to prevent use on compromised devices
- Salted SHA-256 hashing for PIN storage — PINs are never stored in plain text
🔒 All data transmission uses TLS/HTTPS. Firebase servers are GDPR-compliant and governed by Google's Data Processing Agreement.
Data Sharing
We do not sell, rent, or trade your personal information to any third party. Data is shared only with:
- Google Firebase — our cloud provider for authentication, database, storage, and push notifications
- School Administration — audit logs and activity records accessible only to authorised administrators
No advertising networks, data brokers, or external analytics platforms receive your data.
Location Data (Bus Tracking App Only)
The CGS Bus Tracking App collects real-time GPS location data from the device installed on the school bus. This data is used exclusively for:
- Displaying the live bus location to parents and authorised staff
- Estimating arrival times at bus stops
- Safety monitoring during school trips
⚠️ Location data is collected only while the bus is on an active route. It is not collected outside school hours and is not shared with any third parties.
Data Retention
- Teacher & Admin accounts — data retained for the duration of employment. Access revoked immediately upon leaving the school.
- Student accounts — academic records retained for the duration of enrolment plus one year for transcript purposes.
- Audit logs — retained for a minimum of 2 years for compliance purposes.
- Bus location data — retained for 30 days, then automatically deleted.
Your Rights
- Request access to the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (subject to legal and compliance requirements)
- Opt out of biometric authentication at any time in app settings
- Withdraw consent for push notifications through your device settings
To exercise any of these rights, contact the school administration at the details below.
Children's Privacy
The CGS Student App is designed for school-enrolled students, some of whom may be under 18. All student accounts are created and managed by the school administration — students do not self-register. Parent or guardian consent is obtained by the school during the enrolment process. We handle all student data with the highest level of care and in accordance with applicable educational data protection regulations.
Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated through an in-app notification. The effective date at the top of this page will always reflect the latest version. Continued use of our apps after changes are posted constitutes your acceptance of the updated policy.
Privacy Questions?
Contact us for data requests or privacy concerns:
Cambridge Global School, Madurai
Email: admin@cambridgeschoolsmadurai.com
Website: www.cambridgeschoolsmadurai.com