← nilesoft.devLast updated: February 17, 2026

MAS Lantern

Privacy Policy

Version 1.0

Last Updated: February 17, 2026 · Effective Date: February 17, 2026

Introduction

MAS Lantern (“we,” “our,” or “us”) is committed to protecting the privacy of students, parents, and school staff. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web services.

Information We Collect

Information You Provide

  • Account Information: Name, email address, phone number, role (parent/staff)
  • Student Records: Student names, program enrollment, attendance records, dismissal information
  • Communications: Messages sent through our chat system between parents and staff
  • Medical Information: Allergies, medications, medical episodes (for safety purposes)
  • Emergency Contacts: Contact information for authorized pickup and emergencies

Automatically Collected Information

  • Device Information: Device type, operating system, unique device identifiers
  • Usage Data: App interactions, features used, session duration (via Firebase Analytics)
  • Performance Data: Crash reports and app performance metrics (via Firebase Crashlytics)

How We Use Your Information

We use collected information for:

  • School Operations: Managing student enrollment, attendance tracking, dismissal coordination
  • Communication: Facilitating parent-teacher messaging and school announcements
  • Authentication: Securing user accounts and maintaining session security
  • App Improvement: Analyzing usage patterns to improve functionality and user experience
  • Security: Detecting and preventing fraudulent activity or unauthorized access

FERPA Compliance

MAS Lantern complies with the Family Educational Rights and Privacy Act (FERPA). We:

  • Only collect educational records necessary for school operations
  • Limit access to student data based on legitimate educational interest and role
  • Do not sell or share student information with third parties for marketing
  • Maintain comprehensive audit logs of data access
  • Allow parents to review and request corrections to their children's records

Your Rights Under FERPA

As a parent or guardian, you have the right to:

  • Inspect and review your child's education records (request via info@nilesoft.dev)
  • Request amendments to inaccurate or misleading information
  • Consent to disclosures of personally identifiable information (except where FERPA allows disclosure without consent)
  • File a complaint with the U.S. Department of Education if you believe we violated FERPA

To exercise these rights, contact us at info@nilesoft.dev. We will respond within 45 days as required by FERPA.

Service Providers (School Officials)

We use the following service providers who act as “school officials” under FERPA to provide essential services. These providers are contractually prohibited from using student data for their own purposes:

Firebase (Google Cloud)

Services: Analytics, crash reporting, push notifications

Data Shared: Device IDs, app usage data, crash logs (NO personally identifiable student information)

Purpose: Improve app performance and user experience

Certification: Google Cloud is COPPA and FERPA compliant, SOC 2 Type II certified

Data Use: Google does not use student data for advertising or profiling

Stripe

Services: Payment processing

Data Shared: Parent payment information only (NOT student education records)

Purpose: Process tuition and fee payments securely

Certification: PCI-DSS Level 1 certified

Data Use: Stripe does not use data for marketing or other purposes

Railway (Hosting)

Services: Application hosting and database infrastructure

Data Shared: All application data (encrypted at rest and in transit)

Purpose: Secure cloud infrastructure for our application

Certification: SOC 2 Type II certified

Data Use: Railway only processes data per our instructions as a data processor

Important: We do NOT share student education records with third parties for their own purposes. All service providers listed above act solely on our behalf and are subject to strict data protection agreements.

Data Security

We implement industry-standard security measures:

  • Encryption: Data encrypted in transit (HTTPS/TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based permissions (Admin, Staff, Parent)
  • Authentication: Secure token-based authentication with automatic expiration
  • Audit Logging: Comprehensive logs of all access to student records (retained for 7 years)
  • Monitoring: Continuous security monitoring and regular security audits

Data Retention

We retain your information for as long as:

  • Your account is active
  • Required by law or school policy (typically 5–7 years for educational records)
  • Necessary for legitimate operational purposes

When you delete your account, we will delete or anonymize your data within 30 days, except where legally required to retain records (e.g., financial records, audit logs).

Children's Privacy

MAS Lantern accounts are restricted to adults aged 18 and over. Students do not have accounts — all student data is created and managed by authorized school staff and parents/guardians. We comply with COPPA (Children's Online Privacy Protection Act) and FERPA by:

  • Not allowing minors to create accounts or access the App directly
  • Only collecting student information entered by authorized adults
  • Not collecting more information than necessary for educational purposes
  • Not using student data for advertising, profiling, or behavioral targeting
  • Allowing parents and guardians to review and request deletion of their child's information

Your Data Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your account and associated data
  • Portability: Request an export of your data in machine-readable format (JSON/CSV)
  • Opt-Out: Disable analytics tracking in app settings

To exercise these rights, email info@nilesoft.dev with “Data Request” in the subject line.

Data Sharing & Disclosure

We do NOT sell, rent, or trade your personal information.

We may disclose information only in these limited circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Legal Obligations: When required by law, court order, or legal process
  • Safety & Security: To protect the safety of students, staff, or prevent fraud
  • Service Providers: With providers listed above who act as school officials
  • School Officials: With staff who have legitimate educational interest

International Users

Our services are hosted in the United States. If you access MAS Lantern from outside the U.S., your data will be transferred to and processed in the United States. By using our services, you consent to this transfer.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify users of material changes via:

  • In-app notification
  • Email to registered users
  • Posting updated policy with new “Last Updated” date

Continued use after changes constitutes acceptance of the updated policy.

Contact Us

For privacy questions, data requests, or to exercise your FERPA rights:

Nilesoft LLC

Email: info@nilesoft.dev

Website: https://nilesoft.dev

For FERPA-related complaints, you may also contact:

Family Policy Compliance Office

U.S. Department of Education

400 Maryland Avenue, SW

Washington, DC 20202-8520

Website: https://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html

© 2026 Nilesoft LLC. All rights reserved. · nilesoft.dev