DoteVentures Private Limited

Classess is the AI-powered teaching and learning platform, trusted by over 2,000 schools globally. This Trust Vault provides a transparent view of our data protection program, with clear documentation of our privacy and security practices, third-party certifications, and compliance with global standards & regional regulations.

To access sensitive documents, please click the "Login/Get Access" button at the top of the page and complete the request form.

Resources

  • Classess® AI Privacy & Security Pack: Comprehensive documentation outlining AI data privacy, ethical use of learning analytics, model transparency, and responsible application of generative AI features across all Classess® products.
  • Classess® Privacy & Security Policy: General policy covering privacy, compliance, and user data protection practices across institutions, students, and educators.
  • Classess® Accessibility Statement: Statement affirming Classess®' commitment to accessibility and inclusive design for learners of all abilities and linguistic backgrounds.

Legal

  • Data Subject Access Request (DSAR): Allows individuals and institutions to request access, correction, or deletion of their personal or institutional data managed by Classess®.
  • DSAR Assistance Form: Supports institutional administrators when exercising data subjects' rights for students, teachers, and staff under their account hierarchy.
  • Data Processing Agreement (DPA – Global):Upholds compliance with the DPDP Act, 2023, and IT Data Protection Rules to ensure responsible handling of personal data in India.

Corporate Security

  • Security Operations Center: 24/7 monitoring to detect, investigate, and respond to threats across all Classess® cloud services and connected applications.
  • Mobile Device Management (MDM): Security policies enforcing data protection and access control on teacher or admin devices used for Classess® operations.
  • Single Sign-On (SSO): Unified authentication across Classess®, Vidya, LearnEng, and Feenance using OAuth 2.0, Apple,Microsoft and Google Workspace Education integration.

Endpoint Security

  • DNS Filtering: Protects all Classess® endpoints from malicious or phishing domains.
  • Threat Detection: Continuous monitoring of devices and servers to identify potential intrusions and abnormal behaviors.
  • Disk Encryption: Enforces full-disk encryption ensuring confidentiality even in the event of device loss or theft.

SSL Security

  • SSL/TLS Certification: All Classess® environments are rated 'A' by independent SSL evaluators, ensuring strong encryption, HTTPS enforcement, and secure key management.

Access Control

  • Password Security: Enforced password complexity, rotation, and brute-force protection across all portals.
  • Role-Based Access Control (RBAC): Tiered permissions ensuring users only access what is required for their roles.
  • Logging & Audit Trails: Comprehensive activity logs for transparency, accountability, and incident investigation.

Network Security

  • Virtual Private Cloud (VPC): Segmented network ensuring secure data separation and internal traffic control.
  • Spoofing Protection: Automated systems detect and block IP/DNS spoofing attempts.
  • Traffic Filtering: Firewalls and smart traffic management for inbound and outbound requests.

Infrastructure

  • Recovery Point Objective (RPO): Defines maximum acceptable data loss (≤15 minutes) in the event of outage or failure.
  • Recovery Time Objective (RTO): System recovery target within 30 minutes for critical services.
  • Auto-Scaling & Redundancy: Cloud auto-scaling across multiple data centers to maintain uptime and load balance.

App Security

  • Credential Management: Secure rotation of credentials, API tokens, and integration keys.
  • Code Analysis: Static and dynamic scanning of all Classess® builds for vulnerabilities before deployment.
  • Web Application Firewall (WAF): Layered protection from injection attacks, XSS, and other web threats.

Data Security

  • Automated Backups: Hourly encrypted backups for continuity and rapid disaster recovery.
  • Data Erasure Protocols: Secure deletion procedures compliant with India’s DPDP Act, 2023 and IT Data Protection Rules.
  • Physical Security: Tier-III and Tier-IV data centers equipped with biometric access and surveillance.

Product Security

  • AI Safeguards: Embedded data anonymization and differential privacy layers in Classess® AI models.
  • Access Governance: Centralized permissions for VidyaGPT, AutoCheck, Feenance, and Pulse dashboards.
  • Unified SSO: Single identity verification mechanism across all connected Classess® products.

Policies

  • Password Policy: Defines password strength and rotation standards.
  • BYOD Policy: Guidelines for personal device access to Classess® networks and apps.
  • Data Classification Policy: Framework categorizing institutional, student, and personal data by sensitivity.