1. Introduction

Welcome to SchoBase. This Privacy Policy explains how SchoBase ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our time series database platform, website, and related services (collectively, the "Services").

By accessing or using the Services, you agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use the Services.

Contact Information:
Email: privacy@schobase.dev
Address: 123 Tech Boulevard, San Francisco, CA 94107, United States

2. Information We Collect

2.1 Information You Provide

• •Account Information: Name, email address, company name, phone number, billing address
• •Payment Information: Credit card details, billing information (processed by Stripe)
• •Support Communications: Messages, emails, and other communications with our support team
• •Time Series Data: Data you store in SchoBase (sensor readings, telemetry, metrics)

2.2 Information Collected Automatically

• •Usage Data: API calls, query patterns, database operations, feature usage
• •Device Information: IP address, browser type, operating system, device identifiers
• •Cookies and Tracking: Session cookies, analytics cookies (see Section 7)
• •Log Data: Server logs, error logs, performance metrics

3. How We Use Your Information

We use your information for the following purposes:

• •Service Delivery: Provide, operate, and maintain SchoBase services
• •Account Management: Create and manage accounts, process payments, handle subscriptions
• •Customer Support: Respond to inquiries, troubleshoot issues, provide technical support
• •Service Improvement: Analyze usage patterns, improve features, optimize performance
• •Security: Detect fraud, prevent abuse, protect against security threats
• •Communications: Send service updates, security alerts, marketing emails (with consent)
• •Legal Compliance: Comply with legal obligations, enforce our Terms of Service

4. Data Storage and Security

4.1 Data Storage

• •Cloud deployments: Data stored in AWS data centers (US East, US West, EU Central, Asia Pacific)
• •On-premise deployments: Data stored on your infrastructure (you control location)
• •Data retention: As specified in your service plan (default: 90 days)

4.2 Security Measures

• •Encryption at Rest: AES-256-GCM encryption for all stored data
• •Encryption in Transit: TLS 1.3 for all data transmission
• •Access Controls: Role-based access control (RBAC), multi-factor authentication
• •Audit Logging: Comprehensive logging of all data access and modifications
• •Infrastructure: SOC 2 Type II certified infrastructure, regular security audits

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• •Service Providers: Third-party vendors (e.g., AWS, Stripe) who help us provide the Services
• •Business Transfers: In connection with mergers, acquisitions, or asset sales
• •Legal Requirements: To comply with laws, court orders, or government requests
• •Protection of Rights: To protect our rights, safety, or property, or those of our users
• •With Your Consent: When you explicitly authorize us to share your information

6. Your Rights and Choices

Depending on your location, you may have the following rights:

• •Access: Request a copy of your personal data
• •Correction: Request correction of inaccurate or incomplete data
• •Deletion: Request deletion of your personal data (subject to legal requirements)
• •Data Portability: Receive your data in a structured, machine-readable format
• •Opt-Out: Unsubscribe from marketing emails (link provided in all marketing communications)
• •Objection: Object to processing of your personal data in certain circumstances

To exercise these rights, contact us at privacy@schobase.dev. We will respond within 30 days.

7. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience:

• •Essential Cookies: Required for service functionality (authentication, security)
• •Analytics Cookies: Track usage patterns to improve the Services (e.g., Plausible Analytics)
• •Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may limit service functionality.

8. Third-Party Services

We use the following third-party services:

• •AWS (Amazon Web Services): Cloud hosting and infrastructure
• •Stripe: Payment processing
• •Clerk: Authentication and user management
• •Plausible Analytics: Privacy-friendly website analytics

Each service has its own privacy policy governing their data practices. We encourage you to review these policies.

9. International Data Transfers

If you are located outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

We implement appropriate safeguards for international transfers, including:

• •Standard Contractual Clauses (SCCs) approved by the European Commission
• •Data Processing Agreements (DPAs) with all service providers
• •EU-US and Swiss-US Privacy Shield certification (where applicable)

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us at privacy@schobase.dev and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• •Posting the updated policy on this page with a new "Last Updated" date
• •Sending an email notification to registered users
• •Displaying a prominent notice on our website

Your continued use of the Services after changes constitute acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

13. Additional Rights for EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

• •Right to withdraw consent at any time
• •Right to lodge a complaint with a supervisory authority
• •Right to restriction of processing
• •Legal basis for processing: Contract performance, legitimate interests, consent

14. Additional Rights for California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• •Right to know what personal information is collected, used, and shared
• •Right to delete personal information (subject to exceptions)
• •Right to opt-out of sale of personal information (we do not sell data)
• •Right to non-discrimination for exercising your rights