Cognitive Lamp Private Limited is committed to safeguarding the confidentiality, integrity and availability of data entrusted to us. Data security is a foundational responsibility and an integral part of how our educational technology platforms are designed, operated and continuously improved.
This policy explains the measures we take to protect personal, educational and institutional data from unauthorised access, misuse, loss, or disclosure.
1. Scope of Protection
This policy applies to:
- Learner data, including children’s data
- Parent and guardian information
- Educator and institutional data
- Assessment, learning analytics and platform usage data
- Business, operational and support-related information
All data is treated as confidential unless explicitly designated otherwise.
2. Security-by-Design Approach
Cognitive Lamp follows a security-by-design and privacy-by-default philosophy:
- Data protection considerations are embedded at the architecture stage
- Systems are designed to minimise data exposure
- Access is granted strictly on a need-to-know basis
Security is treated as a continuous process, not a one-time configuration.
3. Technical Safeguards
We implement appropriate technical measures, which may include:
- Secure hosting environments and network protections
- Encryption of data in transit and, where appropriate, at rest
- Authentication and role-based access controls
- Activity logging and system monitoring
Security controls are reviewed and updated in line with evolving risks.
4. Organisational & Administrative Controls
In addition to technical safeguards, we maintain:
- Restricted internal access to sensitive data
- Confidentiality obligations for employees, contractors and partners
- Training and awareness on data protection responsibilities
- Documented procedures for handling data securely
Only authorised personnel may access sensitive information.
5. Data Confidentiality Principles
We adhere to the following confidentiality principles:
- Data is used strictly for educational, operational, or legal purposes
- Personal and educational data is not disclosed without authorisation
- Aggregated or anonymised data may be used for platform improvement
- Confidentiality is maintained across all user roles and interactions
6. Third-Party & Vendor Security
Where third-party service providers are engaged:
- Providers are selected based on security and reliability standards
- Data sharing is limited to what is strictly necessary
- Contractual confidentiality and data protection obligations apply
We do not permit third parties to use platform data for unauthorised purposes.
7. Data Retention & Secure Disposal
Data is retained only for as long as required to:
- Deliver educational services
- Meet contractual obligations
- Comply with legal or regulatory requirements
When data is no longer required, it is securely deleted or anonymised.
8. Incident Management & Breach Response
Cognitive Lamp maintains procedures to:
- Detect, assess and respond to security incidents
- Contain potential impacts and prevent recurrence
- Notify affected parties and authorities where required by law
We aim to act promptly, responsibly and transparently in the event of a data incident.
9. User Responsibilities
Users are responsible for:
- Maintaining the confidentiality of login credentials
- Using the platform in a secure and responsible manner
- Not attempting unauthorised access or misuse of data
Shared responsibility strengthens overall platform security.
10. Policy Review & Continuous Improvement
This policy is reviewed periodically to reflect:
- Technological developments
- Emerging security threats
- Legal and regulatory updates
Improvements are implemented as part of our ongoing risk management efforts.
11. Contact & Reporting
For questions, concerns, or to report a security issue, please contact:
Data Protection / Security Contact
Cognitive Lamp Private Limited
📧 Email: admin@cognitivelamp.com
Closing Statement
At Cognitive Lamp, data security and confidentiality are essential to maintaining trust with learners, families, educators and institutions. We continuously strengthen our safeguards to ensure that educational data remains protected, respected and responsibly managed.