1. Who we are
Edulexa, Inc. is a Delaware C-corp with operations in San Francisco, New York, and Bengaluru. We are the data processor for personal data submitted via our APIs and the data controller for marketing site visitors.
2. What we collect
We collect minimum-necessary personal data: contact details (work email, name, company), API usage telemetry (request counts, latency, error rates), and customer-submitted data processed on behalf of our customers.
3. How we use it
To provide and improve the Edulexa platform, to invoice customers, to respond to support requests, and to send transactional emails. We never sell personal data.
4. Legal basis (GDPR)
Performance of contract (Art. 6(1)(b)), legitimate interests (Art. 6(1)(f)) for product improvement, and explicit consent for marketing communications.
5. International transfers
We rely on EU Standard Contractual Clauses (2021 controller-to-processor module) for any data leaving the EEA. Customer data is region-pinned by default.
6. Your rights
Access, rectification, erasure, restriction, portability, and objection. Email privacy@edulexa.com and we respond within 30 days.
7. Retention
Account data retained for the life of the contract plus 90 days. Logs retained for 13 months. Customer-submitted PII retained per the DPA.
8. Contact
Data Protection Officer: dpo@edulexa.com. Mailing address: 548 Market St, PMB 81234, San Francisco, CA 94104.