This Privacy Policy describes how Scifyx Tech Private Limited ("we", "us", or "our") collects, uses, and protects information in connection with the RoamEase platform — including the RoamEase student app, ManageEase warden portal, and SecureEase security app.
1. Who We Are
Scifyx Tech Private Limited is a technology company registered in India. We operate the RoamEase hostel management platform, which is licensed to educational institutions (referred to as "institutions" or "tenants") to manage student hostel operations.
Our registered address: Bengaluru, Karnataka, India.
Contact: support@scifyx.com · +91 7892857456
In the context of data protection, Scifyx Tech acts as a data processor on behalf of the institution (data controller) for student and staff data. For platform-level operational data, Scifyx Tech acts as the data controller.
2. Information We Collect
We collect information in the following categories:
2.1 Student Information (provided by institution)
- Full name, date of birth, gender
- Phone number and email address
- Registration ID / USN / Roll number
- College name, course, batch, and academic year
- Hostel name, room number, floor, ward
- Blood group
- Profile photograph and student signature
- Parent / guardian names, phone numbers, and email addresses
2.2 Leave and Activity Data
- Leave applications: dates, duration, destination, mode of transport, reason
- Approval status and timestamps for each workflow step
- QR code scan records: exit time and entry time
- Location data (only when SOS is triggered by the student)
2.3 Manager and Staff Information
- Name, phone number, email, gender, date of birth
- Assigned role and hostel access permissions
2.4 Device and Usage Data
- Device token for push notifications (FCM token)
- App version, operating system
- Login timestamps and session data
2.5 Complaints, Announcements, and Other Module Data
- Complaint descriptions, categories, photos
- Announcements created by managers
- Visitor records (name, phone, purpose, photo)
- Vehicle registration numbers
- Blood request records
3. How We Use Your Information
We use the information we collect to:
- Operate the RoamEase platform and provide services to the institution
- Process and track leave and outpass applications
- Enable dynamic approval workflows (student → parent → warden)
- Generate and verify QR codes at security checkpoints
- Send push notifications and WhatsApp messages for leave approvals, rejections, and alerts
- Transmit live location to authorised personnel when SOS is triggered
- Maintain audit logs for institutional accountability
- Enable complaint tracking and resolution
- Provide mess management data (anonymised headcount)
- Send announcements and notices to relevant student groups
- Improve platform performance and fix technical issues
We do not use student data for advertising, marketing, or any purpose beyond operating the platform for your institution.
4. How We Share Your Information
We do not sell, rent, or trade your personal information. We share data only in the following circumstances:
4.1 Within the Platform
- Student leave data is shared with the student's assigned warden and relevant approval-chain participants (parent, warden)
- Managers see only data from their assigned hostels (enforced by RBAC)
- Security personnel see only QR verification data
4.2 With the Institution
- The institution (tenant) has access to all data for its students and staff
- The institution is responsible for its own data policies toward students
4.3 Service Providers
- Cloud hosting: Amazon Web Services (AWS Lightsail / EC2) — for data storage and compute
- Push notifications: Firebase Cloud Messaging (Google) — for app notifications
- WhatsApp messaging: Meta (WhatsApp Business API) — for parent approval links only
- File storage: Amazon S3 — for photos, documents, and QR codes
All service providers are contractually bound to process data only as directed and to maintain appropriate security measures.
4.4 Legal Requirements
We may disclose information if required by Indian law, court order, or government authority.
5. Data Storage and Security
All data is stored on servers hosted in India (AWS Mumbai region) or as otherwise agreed with the institution.
We implement the following security measures:
- JWT-based authentication with server-side token validation
- Strict multi-tenant isolation — each institution's data is completely separated
- Role-based access control (RBAC) enforced at the API level
- HTTPS / TLS encryption for all data in transit
- Encrypted storage for sensitive fields
- Regular security reviews and code audits
- Soft-delete and audit history on all operational records
Despite these measures, no system is 100% secure. We encourage institutions to maintain strong password practices and report any suspected breaches to support@scifyx.com immediately.
6. Data Retention
- Active student data is retained for the duration of the academic year and archived thereafter
- Leave records and audit logs are retained for a minimum of 3 years for institutional accountability
- SOS location data is retained for 90 days, then permanently deleted
- Deleted accounts (soft-deleted): data is retained for 30 days before permanent deletion
- Institutions may request complete data deletion upon contract termination
7. Your Rights
Depending on your role, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and associated data (subject to retention requirements)
- Portability: Request your data in a machine-readable format
- Objection: Object to certain types of processing
Students should first contact their institution's warden or administrator for data requests. For platform-level requests, contact us at support@scifyx.com.
8. Children's Privacy
RoamEase is used by college students, some of whom may be under 18 years of age. Student data is collected and processed solely at the direction of the educational institution, which acts as the data controller and is responsible for obtaining appropriate consents from students and parents.
We do not knowingly collect personal data from minors directly — all data is provided by and through the institution's onboarding process.
Parent / guardian phone numbers are collected to enable WhatsApp-based leave approval, which is a core safety feature of the platform.
9. Cookies and Tracking
The roamease.in website (this marketing site) uses minimal cookies:
- No advertising or third-party tracking cookies
- Basic analytics may be used to understand page traffic (anonymised)
The ManageEase web portal uses session cookies required for authentication. These are strictly necessary cookies and cannot be disabled.
Mobile apps (RoamEase, SecureEase) do not use browser cookies.
10. Third-Party Services
The platform integrates with the following third-party services:
- WhatsApp (Meta): Used exclusively for parent approval notifications. Meta's privacy policy applies to WhatsApp messages.
- Firebase (Google): Used for push notifications. Google's privacy policy applies.
- Amazon Web Services: Used for cloud infrastructure and file storage.
- Google Fonts: Used on this website for typography. Google may collect anonymous usage data.
We are not responsible for the privacy practices of these third parties and encourage you to review their respective privacy policies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the "Last updated" date at the top of this page
- Notify institutions via email at least 14 days before changes take effect
- Post a notice in the ManageEase dashboard
Continued use of the platform after the effective date constitutes acceptance of the updated policy.
12. Contact Us
For any questions, concerns, or requests regarding this Privacy Policy or your data:
We will respond to all privacy-related requests within 7 business days.