Legal
How we protect institute and student data.
Education data is sensitive: it follows a student through their life. We take that responsibility seriously. This page is a plain-language summary of how Edudron’s platform is engineered, hosted, and operated. Institute customers can request our full security questionnaire and SOC 2 Type I report under NDA.
In transit: all traffic is encrypted with TLS 1.3. We enforce HSTS with a 1-year max-age. Legacy TLS 1.0/1.1 are disabled.
At rest: all databases, object storage, and backups are encrypted using AES-256 with keys managed in Azure Key Vault. Each tenant has a distinct data-encryption key derived from the master key, so a key compromise is bounded.
Edudron is multi-tenant but isolates customer data by clientId at every layer:
clientId, enforced by middleware before business logic runs.Institute Pro customers can opt for a dedicated Azure subscription with hard infrastructure-level isolation.
Role-based access control (RBAC) is enforced server-side. Built-in roles: admin, registrar, faculty coordinator, faculty, student, guest, employer. Custom roles available on Institute Pro. Every privileged action emits an audit-log event.
Employee access to production is governed by:
Every event of consequence — enrolment, role change, certificate issuance, data export, login, failed login — is logged with the actor’s identity, timestamp, source IP, and tenant. Logs are write-once, retained for 13 months, and exportable as CSV by tenant admins.
All production workloads run on Microsoft Azure in the Central India (Pune) region with active failover to South India (Chennai). We use Azure SQL, Blob Storage, Service Bus, and AKS. No production data leaves India.
Fee collection is processed via Razorpay, which is PCI DSS Level 1 compliant. Edudron’s servers never see full card numbers, CVVs, or banking credentials.
AI features use Azure OpenAI deployed in Azure’s India regions. Prompts and completions are not used to train OpenAI’s or Microsoft’s foundation models. We retain prompt logs for 30 days for abuse detection, then delete them.
Databases are backed up every 6 hours with 35-day retention. Object storage is geo-redundant within India. RPO: 6 hours. RTO: 4 hours. We perform a tabletop disaster-recovery exercise every quarter.
Static and dependency scanning on every pull request. Weekly external network scans. Annual third-party penetration test (next: October 2026). Critical vulnerabilities are patched within 7 days; high within 14.
Our on-call rotation acknowledges Sev-1 incidents within 15 minutes. Customers on Institute Pro receive a phone call from a named engineer for Sev-1 events. Post-mortems for any customer-affecting incident are published within 5 business days at status.edudron.com.
To report a security issue, write to security@edudron.com with our PGP-encrypted form. We commit to acknowledging reports within 24 hours and providing a fix or update within 14 days. We do not pursue legal action against good-faith researchers acting within our responsible-disclosure policy.
Write to security@edudron.com. Our team responds in English and Hindi.