Repetitio ("we", "our", or "us") is committed to protecting the privacy and security of
our users ("you" or "user"). This Privacy Policy explains how we collect, use, and
safeguard your personal data when you use our application, in compliance with the
General Data Protection Regulation (GDPR) and other applicable privacy laws. By
accessing or using our web application, you agree to the practices described in this
Privacy Policy.
Data Controller and Data Protection Officer
Repetitio is the data controller responsible for the personal data processed through
our web application. For any inquiries or concerns regarding your data, you can
contact our Data Protection Officer (DPO) at:
Users have the option to use the application anonymously without creating an account. In this mode:
Data is stored locally on the device and is not synchronized with cloud services.
Users cannot communicate with other users, including teachers and guardians.
Users cannot generate personal QR codes.
User Registration
Students:
Students may register using their email address or continue to use the app anonymously.
Registered students can optionally provide their name and surname to help teachers and guardians identify them. If not provided, a unique ID will be used.
The application collects input data such as photos, PDFs, PPTs, DOCs, and user preferences (e.g., themes, fonts, accessibility settings) to enhance the user experience.
Teachers and Guardians:
Registration with an email address is required for teachers and guardians.
Teachers and guardians can add students to their classrooms or dashboards via QR codes, facilitating the management and tracking of student performance.
Purposes of Data Collection and Processing
Enhancing User Experience: Collecting user preferences and input data to customize and improve application functionality.
User Identification: Helping teachers and guardians identify students through optional name and surname input.
Educational Tracking: Facilitating the management and tracking of student performance and study sessions.
Security and Compliance: Ensuring the application’s security and compliance with legal obligations.
Data Storage
User preferences, questions, answers, and metrics are stored locally to ensure data accessibility and optimal application performance.
Aggregated coarse metrics for added students are available to guardians and teachers to monitor educational outcomes.
Study session data and quiz participation information are stored locally within the respective applications.
Data Sharing
Data is shared between students, teachers, and guardians through QR codes and local storage synchronization, ensuring secure and efficient data transfer.
Metrics and answers are shared to provide insights into student performance, supporting targeted educational interventions.
Legal Basis for Processing Personal Data
We process personal data based on the following legal grounds:
Consent: You have given clear consent for us to process your personal data for specific purposes.
Contract: Processing is necessary for the performance of a contract with you, or because you have asked us to take specific steps before entering into a contract.
Legal Obligation: Processing is necessary for compliance with a legal obligation.
Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your data protection rights do not override those interests.
User Identification
To assist teachers and guardians in identifying students, students may optionally
provide their names. If no name is provided, a unique ID will be displayed. This
approach balances privacy with the need for effective identification in educational
settings, helping to personalize the learning experience and accurately track
progress.
Parental Consent
For children under the age of 16, parental consent is required for certain activities
and data processing. For children under 13, specific restrictions apply, and parental
consent is mandatory as per regulations like the Children's Online Privacy Protection
Act (COPPA) in the United States. Our application includes mechanisms to obtain
and verify parental consent as needed. For detailed guidelines on youth safety, refer
to our community guidelines.
Unified Application Platform
Our application provides distinct login modes for students, teachers, and guardians
within a single platform. This differentiation is represented separately in the data flow
for clarity. Each user type has access to functionalities tailored to their specific roles
and requirements.
Data Subject Rights
Under the GDPR, users have the following rights regarding their personal data:
Right to Access: You have the right to request copies of your personal data. We may charge a small fee for this service.
Right to Rectification: You have the right to request correction of any inaccurate information. You also have the right to request that we complete information you believe is incomplete.
Right to Erasure: You have the right to request that we erase your personal data, under certain conditions. This is also known as the "right to be forgotten."
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions. This means we can store the data but not use it.
Right to Data Portability: You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions. This applies to data we process by automated means and which you have provided to us based on consent or contract.
Right to Object: You have the right to object to our processing of your personal data, under certain conditions. This includes the right to object to processing your data for direct marketing purposes.
Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise any of these rights, please contact our Data Protection Officer at
[email protected]. We will respond to your request within one month, as required
by the GDPR.
Security Measures
We implement robust security measures to protect against unauthorized access,
alteration, disclosure, or destruction of personal data. These measures include, but
are not limited to:
Encryption: Data is encrypted both in transit and at rest to ensure confidentiality.
Access Controls: Access to personal data is restricted to authorized personnel only, based on role and necessity.
Regular Security Assessments: We conduct regular security audits and vulnerability assessments to identify and mitigate potential risks.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which
it was collected, including for the purposes of satisfying any legal, accounting, or
reporting requirements. The criteria used to determine our retention periods include:
The nature and sensitivity of the data.
The potential risk of harm from unauthorized use or disclosure.
The purposes for which we process the data and whether we can achieve those purposes through other means.
Applicable legal requirements.
International Data Transfers
Repeticio operates globally and may transfer your personal data to countries outside
of your home country. When we transfer data across borders, we ensure appropriate
safeguards are in place to protect your data in compliance with the GDPR. These
safeguards may include:
Standard Contractual Clauses (SCCs): Contractual clauses approved by the European Commission to ensure adequate protection for personal data transferred outside the EEA.
Binding Corporate Rules (BCRs): Internal rules adopted by multinational companies to allow intra-organizational transfers of personal data across borders in compliance with the GDPR.
Changes to This Privacy Policy
We may periodically update this Privacy Policy to reflect changes in our practices,
legal requirements, or other operational reasons. We will notify users of significant
changes through the application or other appropriate channels. Continued use of the
application after such changes have been made will constitute your acceptance of
the updated Privacy Policy.
Contact Information
For any questions or concerns about this Privacy Policy or our data practices, please
contact our Data Protection Officer at:
By using our application, you consent to the data practices described in this policy.
Repeticio is committed to protecting your privacy and ensuring a secure and
educational environment for all users.
