1. Who We Are
NostaView ("we," "us," "our") is a QR-based photo crowdsourcing platform built for schools and educational institutions. We help school administrators collect photos from students, parents, and community members via simple QR code scans — no app download, no account required for contributors.
We take student privacy seriously. NostaView is built from the ground up to comply with FERPA, COPPA, GDPR, and applicable state and international privacy laws.
2. Data Controller / Processor Relationship
- Schools (Controllers): Determine which events are created, what photos are collected, who may contribute, and how the collection is used. Schools are responsible for obtaining proper consent from parents/guardians before enabling uploads involving student photos.
- NostaView (Processor): Processes data solely per school direction. Never uses event photos or student data for advertising, profiling, or commercial purposes.
- US Schools (FERPA): This relationship is formalized in our Student Data Privacy Agreement (SDPA). US districts may request a countersigned SDPA for procurement records.
- EU/UK Schools (GDPR): This relationship is formalized in our Data Processing Agreement, which schools operating under GDPR should sign.
3. Data We Collect
School & Administrator Data
- School name and contact information
- Administrator names and email addresses
- Billing information (processed by Stripe; we store only billing metadata, not card numbers)
- Subscription tier and usage history
Event & Photo Data (Provided by Admins and Contributors)
- Event names and descriptions (created by administrators)
- Photos uploaded by administrators or anonymous QR contributors
- Photo metadata (upload timestamp, file size, image dimensions)
- Admin moderation actions (approved, rejected, flagged)
Contributor Data (QR Upload Flow)
- IP address (for security and abuse prevention; not associated with uploaded photos in any public display)
- Temporary session token (issued at QR scan; not stored beyond the session)
- Photos uploaded during the session
- Upload timestamp
Platform Usage Data (Aggregate)
- Admin login timestamps and session durations
- Feature usage patterns (aggregate, school-level analytics only)
- Event and upload counts (used for service improvement, never tied to individual students)
4. Data We Do NOT Collect
- ❌ Biometric facial recognition or facial templates
- ❌ Behavioral profiling or targeting data for advertising
- ❌ Health, medical, or sensitive personal information
- ❌ Browsing history unrelated to NostaView
- ❌ Individual student engagement or behavior tracking
- ❌ Geolocation beyond IP address (used for security only)
- ❌ Third-party advertising cookies or tracking pixels
- ❌ Social media tracking or cross-site activity
5. How We Use Data
We use collected data for these specific purposes only:
- Service Delivery: Store and display uploaded photos within events, serve event collection pages to authorized viewers, enable admin review and moderation
- Account Management: Authenticate school administrator accounts, manage subscriptions, send service emails
- Aggregate Analytics: Improve the platform using anonymized, school-level usage data
- Security: Detect fraud, unauthorized access, and abuse; rate-limit anonymous uploads; maintain system integrity
- Legal Compliance: Respond to valid legal requests, comply with regulatory obligations
We do not use your data for advertising, to train AI models on identifiable student content, or for any purpose beyond what's listed above.
6. Data Sharing
We Never Sell Your Data
NostaView does not sell, rent, or share student data with third parties for commercial purposes. This is a hard commitment, not just a policy preference.
Sub-Processors
We use the following sub-processors to deliver the Service. Each has signed a Data Processing Agreement with us:
| Vendor | Function | Student Data? | GDPR DPA |
|---|---|---|---|
| Cloudflare R2 | Photo & media storage | Photos only | ✅ Signed |
| Render | Application hosting | Infrastructure only | ✅ Signed |
| SendGrid | Transactional email | School email only | ✅ Signed |
| Stripe | Payment processing | No student data | ✅ PCI DSS + GDPR |
| Google Cloud Vision | AI photo analysis (Pro tier only) | Photo content only | ✅ GDPR-compliant |
Legal Requests
We may disclose data to comply with a valid subpoena, court order, or legal process. We will notify the affected school before disclosure where legally permitted. For GDPR-covered data, we will challenge overbroad requests.
7. Data Retention & Deletion
| Data Type | During Subscription / After Downgrade | Post-Account-Deletion | Legal Hold |
|---|---|---|---|
| Event photos | Full access (active events); read-only if over plan limits | 60 days then deleted | Per legal requirement |
| Event collection data & metadata | Full access (active events); read-only if over plan limits | 60 days then deleted | Per legal requirement |
| Admin accounts | Full access | 30 days then deleted | Per legal requirement |
| Anonymous contributor session data | Session duration only | Immediately purged at session end | N/A |
| Billing records | Retained | 7 years (tax compliance) | N/A |
| System logs (IP, security) | 90 days rolling | Deleted | Per legal requirement |
| Backup copies | Retained | 30 days then securely deleted | Per legal requirement |
8. International Data Transfers
NostaView operates on US infrastructure (Render, Cloudflare). Schools outside the US should be aware:
- EU/EEA Schools: Transfers are covered by Standard Contractual Clauses (SCCs) with supplementary Schrems II safeguards — AES-256 encryption at rest, TLS 1.2+ in transit. See our DPA for details.
- UK Schools: UK GDPR-compliant DPA available. UK server option available on request.
- Nigerian Schools (NDPR): Data of Nigerian residents is protected in accordance with the Nigeria Data Protection Regulation. Breach notifications are made to the NDPC within 72 hours.
- South African Schools (POPIA): Consent-based processing with lawful basis documentation.
- Canadian Schools (PIPEDA): Consent required; access and correction rights apply; breach notification per applicable law.
9. Your Rights
Rights for Schools & Parents (All Jurisdictions)
| Right | Timeline | How to Exercise |
|---|---|---|
| Access your data | 30 days | Email supports@nostaview.com |
| Correct inaccurate data | 30 days | Admin dashboard or email |
| Delete your data | 30 days | Admin dashboard or email |
| Export your data | 30 days | Admin dashboard (CSV/PDF) |
| Object to processing | 30 days | Email supports@nostaview.com |
| Withdraw consent | Immediate | Admin dashboard settings |
Parental Rights (COPPA – Children Under 13)
Parents of students under 13 may:
- Review personal information collected about their child
- Request deletion of their child's photos and personal information
- Revoke consent for future collection
Contact: supports@nostaview.com with subject "Parental COPPA Request."
10. Security
- Encryption: AES-256 at rest; TLS 1.2+ in transit
- Data Location: All student data — including photos — stored exclusively on US-based infrastructure (Render, Oregon data center; Cloudflare R2 US region). No international transfers of student data.
- Access Control: Role-based access (school admin, advisor, contributor); session timeouts; school data isolated by account
- Photo Moderation: Admin review workflow — school administrators approve, reject, and manage all uploaded photos before the collection is finalized
- Monitoring: Logging and alerting for suspicious access patterns
- Breach Response (US Schools): LEA notified within 24 hours of a confirmed or suspected breach involving student data; written incident report within 72 hours
- Breach Response (GDPR): Schools notified within 24 hours; supervisory authorities notified within 72 hours
- Audits: Annual security reviews and penetration testing procedures
12. Children's Privacy (COPPA)
NostaView takes special care with student privacy, particularly regarding students under 13:
- No Account Required: NostaView's contributor upload flow requires no account creation. Contributors scan a QR code and upload directly — we do not collect names or email addresses from QR contributors, minimizing personal data collection from young contributors.
- Education Records Treatment: Student photos collected through NostaView are treated as education records under FERPA — protected, non-disclosed, and subject to parental access rights.
- We do not knowingly collect personal information directly from children under 13
- Admin accounts are for school staff only and require an email address; students do not create admin accounts
- IP addresses are logged for security purposes only and are not displayed publicly or associated with uploaded photos in any user-facing view
- If we discover we have collected information directly from a child under 13 without proper school authorization, we will delete it promptly
- School Exception: Under COPPA (16 C.F.R. § 312.5(b)(1)), schools may consent on behalf of parents for educational activities. NostaView supports this school consent model.
Schools using NostaView are responsible for ensuring they have obtained appropriate parental consent before enabling photo uploads for events involving students under 13. See our Photo Consent Guidance for recommended consent language.
13. Policy Updates
We may update this Privacy Policy when we change our data practices. For material changes, we will:
- Provide 30 days' notice by email before the change takes effect
- Display a prominent notice on the platform
- For significant changes affecting GDPR-covered data: require affirmative re-consent or provide opt-out rights
Previous versions of this policy are available on request.
14. Contact Us
For privacy questions, data requests, or concerns:
- Privacy inquiries: supports@nostaview.com
- COPPA parental requests: supports@nostaview.com — Subject: "Parental COPPA Request"
- Data deletion requests: supports@nostaview.com — Subject: "Data Deletion Request"
- GDPR/DPA inquiries: supports@nostaview.com — Subject: "GDPR Inquiry"
We aim to respond to all privacy inquiries within 10 business days, and to complete data deletion requests within 30 days.
EU/UK users may also lodge a complaint with their national data protection supervisory authority.