Back to Home
Privacy Policy for E-Z Groups
Effective Date: January 25, 2025
Last Updated: July 8, 2026
1. Introduction
Welcome to E-Z Groups, a product of Smart Records for Information
Technology & Software ("we," "us," "our," or "SRITS"). E-Z Groups is a
comprehensive group management application designed for educational
institutions and organizations to manage courses, groups, members,
supervisors, and evaluations.
This Privacy Policy explains how we collect, use, disclose, and
safeguard your information when you use our E-Z Groups application and
related services. We are committed to protecting your privacy and
ensuring the security of your personal information.
Company Information:
By using E-Z Groups, you agree to the collection and use of information
in accordance with this Privacy Policy. If you do not agree with our
policies and practices, please do not use our application.
2. Information We Collect
2.1 Personal Information
We collect information that identifies, relates to, or could reasonably
be linked to you, including:
-
Account Information: Name, email address, and login
credentials
-
Profile Information: Role (administrator, supervisor,
or member), institution affiliation
-
Profile Photo: An optional profile image you choose
to upload
-
Communication Data: Messages, feedback, and support
requests
2.2 Organizational Information
E-Z Groups is designed for organizational management. We collect and
process:
-
Course/Purpose Data: Course names, settings,
restrictions, and configurations
-
Group Data: Group names, member assignments,
supervisor assignments
-
Membership Data: User assignments to courses and
groups
2.3 Task and Evaluation Information
-
Task Data: Task titles, descriptions, grading
configurations, due dates
-
Evaluation Data: Grades, scores, comments, assessment
criteria results
-
Task Attachments: Images or files you may attach to
tasks or submissions
-
Completion Tracking: Task completion status and
timestamps
2.4 Usage and Technical Information
We automatically collect certain information when you use E-Z Groups:
-
Device Information: Device type, operating system,
browser type, unique device identifiers
-
Usage Data: Features accessed, actions performed,
time spent on platform
-
Log Data: IP address, access times, app version,
error logs
3. How We Use Your Information
3.1 Service Delivery
- Provide and maintain the E-Z Groups platform and its features
- Enable course, group, and member management
- Facilitate task creation and evaluation workflows
- Process and record grades and assessments
-
Enable collaboration between administrators, supervisors, and members
3.2 Service Improvement
- Analyze usage patterns to improve features and user experience
- Develop new functionalities
- Enhance platform performance and reliability
3.3 Communication
- Send service-related notifications and updates
- Provide technical support and respond to inquiries
- Communicate about your account
3.4 Security and Compliance
- Detect, prevent, and address security incidents
- Protect against unauthorized or illegal activity
- Comply with legal obligations
- Enforce terms of service
4. How We Share Your Information
We do not sell your personal information. We may share your information
in the following circumstances:
4.1 Within Your Organization
-
Administrators can view and manage all members, groups, and tasks
within their courses
-
Supervisors can view members assigned to their groups and grade their
tasks
- Members can view their own assignments and grades
4.2 Service Providers
We may share information with third-party vendors who provide:
- Cloud hosting and storage services (AWS)
- Authentication services (AWS Cognito)
- Analytics and performance monitoring
All service providers are contractually bound to maintain
confidentiality and security.
4.3 Legal Requirements
We may disclose information when required by law, including:
- Compliance with legal processes
- Enforcement of our terms and conditions
- Protection of our rights, property, or safety
5. Data Security
We implement comprehensive security measures to protect your
information:
5.1 Technical Safeguards
-
Encryption: Data encrypted in transit (TLS/SSL) and
at rest
-
Access Controls: Role-based access control with
secure authentication via AWS Cognito
-
Secure Infrastructure: Hosted on AWS with
industry-standard security
-
Owner-based Authorization: Data access restricted
based on ownership
5.2 Organizational Safeguards
-
Access Limitations: Strict need-to-know basis for
data access
-
Regular Updates: Security patches and system updates
applied promptly
Note: While we strive to protect your information, no
method of transmission or storage is 100% secure. We cannot guarantee
absolute security.
6. Data Retention
We retain your information for as long as necessary to:
- Provide our services to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
Specific Retention Periods:
-
Account Information: Duration of account activity
plus 1 year after deletion request
-
Evaluation Records: As configured by your institution
or 3 years by default
-
Usage Data: Aggregated data retained indefinitely;
identifiable data for 1 year
-
Backup Data: Maintained for disaster recovery (30-90
days)
7. Your Rights and Choices
Depending on your location, you may have the following rights:
7.1 Access and Portability
- Request access to your personal information
- Receive a copy of your data in a portable format
7.2 Correction and Updates
- Request correction of inaccurate information
- Update your account information
7.3 Account and Data Deletion
Important: Account
Deletion
You have the right to delete your account and associated data, and
you can do this yourself from within the app.
Two self-service options are available in-app:
-
Close your entire account. Go to
Security Settings → Close my account. This immediately
schedules your account for permanent deletion after a
30-day grace period and deactivates the courses
(purposes) you own. During those 30 days you may
cancel the request from the same screen to fully
reactivate your account and restore your owned courses. After the
grace period ends, deletion is permanent.
-
Delete only your data within a specific organization or
course.
If you are a member of a course run by an organization
administrator, you can request deletion of your data in that course
from Security Settings → Delete my data. The course
administrator is notified and reviews the request; if approved, your
data in that course is scheduled for deletion.
You may also email
support@srits.website
(subject "E-Z Groups Account Deletion Request", with your account
email and full name) if you are unable to access the app.
What Happens When Your Account Is Deleted:
-
Your sign-in account is permanently removed and you can no longer
access the application.
-
Your personal profile information (name, email, profile photo) is
anonymized — your name and email are replaced with
non-identifying placeholders and your photo is removed.
-
Your group memberships, supervisor assignments, task submissions,
and grades are erased from our active systems.
What We Retain, and Why:
-
Compliance / audit records. We keep a minimal
record that a deletion took place (dates and the action performed)
to demonstrate that we honoured your request and to defend against
or establish legal claims, as permitted under Article 17(3)(e) GDPR.
These records do not contain your name or email. So
that we can still confirm the record relates to you if you later
raise a dispute, they include a
one-way cryptographic hash
of your email — this cannot be reversed to recover your address and
is used only to verify a match if you provide it.
-
Institutional requirements. If your institution
requires retention of certain records, those may be retained
according to institutional policy.
-
Legal obligations. Data may be retained where
required by law.
-
Aggregated / anonymous data that no longer
identifies you may be retained.
-
Backup systems. Residual copies in encrypted
backups are overwritten on the normal backup rotation (within 90
days).
Processing Time: After the 30-day grace period,
deletion is carried out automatically. Data-deletion requests within a
course are processed after the administrator's approval.
Cannot Be Undone: Once the grace period has ended,
account deletion is permanent and cannot be reversed.
7.4 Restriction and Objection
- Request restriction of processing in certain circumstances
- Object to processing based on legitimate interests
- Opt out of non-essential communications
To Exercise Your Rights: Email us at
support@srits.website.
8. International Data Transfers
Your information may be transferred to and processed in countries other
than your country of residence, including countries where data
protection laws may differ. We ensure appropriate safeguards are in
place for such transfers.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you
of any changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- Sending notification through the app for material changes
We encourage you to review this Privacy Policy periodically for any
changes.
10. Contact Us
If you have any questions about this Privacy Policy or our data
practices, please contact us:
Acknowledgment
By using E-Z Groups, you acknowledge that you have read and understood
this Privacy Policy and agree to the collection, use, and disclosure
of your information as described herein.