Privacy Notice
Effective date: February 27, 2026
Privacy matters because trust matters. This notice explains how Sukma collects, uses, stores, and protects personal data across independent learner accounts and institution-managed learning workflows.
1. Data We Collect
• User data such as account identity, profile details, login activity, and role events
• Session data such as learner questions, interaction events, and summaries
• Course data such as selected learning context and progress markers
• Operational data such as device details, browser signals, logs, and diagnostics
2. How We Use Data
• To deliver account, session, and course functionality
• To protect the service, detect misuse, and support incident response
• To generate summaries and continuity features that improve learning outcomes
• To meet legal, contractual, and operational obligations
3. Independent Learner Controls
• Manage account settings and optional summary recipients
• Require OTP verification before a recipient becomes active
• Request access, correction, or deletion where legally available
4. Institution-Managed Environments
When Sukma is used under institution governance, the institution controls the relevant records, session artifacts, and related policy decisions. See the Education Privacy Policy and Institution Terms.
5. Sharing and Disclosure
Sukma shares data only with contracted service providers that help us operate the platform, or where disclosure is required by law. We do not sell personal data.
6. Retention
Retention depends on the type of account and the policy context. Institution-managed deployments may apply configurable retention and deletion controls, while personal-account handling follows the privacy and legal requirements that apply to those accounts.
7. Related Policies
8. Contact
If you have privacy questions, contact:
Email: support@sukma.org