Privacy Policy - SUPERVISORSYNC

SupervisorSync ("The Platform", "We", "Our", or "Us") is committed to protecting the privacy, confidentiality, and integrity of personal data processed through the system. This Privacy Policy explains how personal data is collected, used, stored, and protected in compliance with the Nigeria Data Protection Act (NDPA), 2023.

1Scope & Applicability

This Privacy Policy applies to all users of the SupervisorSync platform, including but not limited to: Students, Supervisors, Administrators, and institutional stakeholders who access or use the system.

2Legal Basis For Processing

Personal data is processed under the lawful bases provided by the NDPA, including:

Performance Of A Contractual Or Academic Obligation
Compliance With Legal And Institutional Requirements
Legitimate Interests Of The Institution
User Consent, Where Applicable

3Categories Of Personal Data Collected

The Platform may collect and process the following categories of data:

Full Name
Email Address
Department And Faculty
Matriculation Number (Students)
Staff Identification Details (Supervisors)
User Role (Student, Supervisor, Administrator)
Authentication And Access Credentials (Securely Hashed)
Supervision And Allocation Records
System Activity Logs
Payment Status And References (Where Applicable)

The Platform Does Not Store Banking, Card, Or Sensitive Financial Credentials.

4Purpose Of Data Processing

Collected data is processed strictly for the following purposes:

User Authentication And Authorization
Student–Supervisor Allocation And Management
Academic Supervision Tracking
Administrative Oversight And Reporting
System Security, Auditing, And Performance Improvement
Compliance With Institutional And Regulatory Obligations

5Role-Based Access Control

Access to personal data is governed by strict role-based authorization:

👨‍🎓 Students

May access only their own academic and supervision data.

👨‍🏫 Supervisors

May access data relating only to their assigned students.

👨‍💼 Administrators

May access system-wide data strictly for management purposes.

6Data Security Measures

SupervisorSync implements appropriate technical and organizational measures to protect personal data:

ASP.NET Identity Authentication Framework
Password Hashing And Encryption
Anti-Forgery (CSRF) Protection
Secure Role-Based Authorization
Controlled Administrative Access

7Data Sharing & Disclosure

Personal data is not sold, rented, or disclosed to third parties except:

Where Required By Law Or Regulation
Where Required By Institutional Academic Policy
To Authorized System Administrators Acting Within Their Duties

8Cookies & Session Management

The Platform uses session cookies strictly for authentication, authorization, and security purposes. No advertising or tracking cookies are employed.

9Data Retention

Personal data is retained only for as long as necessary to fulfill academic, administrative, and legal obligations. Data no longer required is securely archived or deleted in accordance with NDPA principles.

10Data Subject Rights

In accordance with the NDPA, users have the right to:

Request Access To Their Personal Data
Request Correction Of Inaccurate Data
Request Restriction Or Deletion Of Data (Subject To Academic Requirements)
Lodge A Complaint With The Institution Or Relevant Data Protection Authority

11Amendments

This Privacy Policy may be updated periodically to reflect legal, regulatory, or system changes. Continued use of the Platform constitutes acceptance of such updates.

12Contact Information

📧 Privacy Enquiries

For privacy-related inquiries, concerns, or data requests, please contact:

System Administrator — SupervisorSync

hello@supervisorsync.com