Privacy Policy | Kounet - Cloud‑based. Teacher‑centered. Powered by Kounet.

1

Information We Collect

1.1 Information You Provide

We collect information you directly provide when using Kounet, including:

Account Information: Name, email address, phone number, organization name, and password when you create an account.
Student Data: Names, contact details, enrollment information, and other details you enter about students.
Attendance Records: Class attendance data, timestamps, and related notes.
Financial Information: Payment records, fee structures, and transaction history within the platform.
Communication Data: Messages and inquiries sent through our contact forms or support channels.

1.2 Information Collected Automatically

When you access Kounet, we may automatically collect:

Device Information: Browser type, operating system, device type, and unique device identifiers.
Usage Data: Pages visited, features used, time spent on the platform, and interaction patterns.
Log Data: IP address, access times, and referring URLs.
Cookies: Small data files stored on your device to enhance your experience and remember your preferences.

2

How We Use Your Information

We use the collected information to:

Provide, maintain, and improve Kounet services
Process and manage student enrollments, attendance, and payments
Send important notifications about your account or service updates
Respond to your inquiries and provide customer support
Analyze usage patterns to enhance user experience
Ensure platform security and prevent fraud
Comply with legal obligations

3

Data Storage and Security

We implement industry-standard security measures to protect your data:

Encryption: All data is encrypted in transit using SSL/TLS and at rest using AES-256 encryption.
Access Controls: Strict access controls ensure only authorized personnel can access sensitive data.
Regular Backups: Automated backups protect against data loss.
Secure Infrastructure: Our servers are hosted in secure, certified data centers.

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but are committed to maintaining the highest standards.

4

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

With Your Consent: When you explicitly authorize us to share your information.
Service Providers: With trusted third-party vendors who assist in operating our platform (e.g., hosting, analytics), bound by confidentiality agreements.
Legal Requirements: When required by law, court order, or government request.
Business Transfers: In connection with a merger, acquisition, or sale of assets, with prior notice.
Protection: To protect the rights, property, or safety of Kounet, our users, or the public.

5

Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account termination:

Account data is retained for up to 90 days before permanent deletion
Backup copies may persist for up to 180 days
Anonymized analytics data may be retained indefinitely
Legal or compliance records are retained as required by law

You may request earlier deletion of your data by contacting us.

6

Your Rights

Depending on your location, you may have the following rights:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data, subject to legal obligations.
Data Portability: Request your data in a structured, machine-readable format.
Withdrawal of Consent: Withdraw consent for data processing where applicable.
Objection: Object to certain types of data processing.

To exercise these rights, please contact us at [email protected].

7

Children's Privacy

Kounet is designed for use by educational institutions and educators. We recognize that student data may include information about minors. We take additional precautions:

Student data is only accessible to authorized institution administrators and educators
We do not knowingly collect personal information directly from children under 13
Parents or guardians may request access to or deletion of their child's information through the educational institution
We comply with applicable laws regarding children's data protection

8

Cookies and Tracking

We use cookies and similar technologies to:

Keep you signed in to your account
Remember your preferences and settings
Understand how you use our platform
Improve our services based on usage patterns

You can control cookies through your browser settings. Note that disabling cookies may affect platform functionality.

9

Third-Party Services

Kounet may integrate with or contain links to third-party services. We are not responsible for the privacy practices of these services. We encourage you to review their privacy policies before providing any information.

10

International Data Transfers

Your data may be transferred to and processed in countries other than your own. In accordance with the Transfer Limitation Obligation under Brunei Darussalam's draft Personal Data Protection Order (PDPO), we will not transfer personal data to a country or territory outside Brunei Darussalam unless we ensure that the transferred data is accorded a standard of protection comparable to that under the PDPO. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where applicable.

11

Data Protection Under Brunei Darussalam Law

Kounet is operated by everBetter Innovations, based in Brunei Darussalam. Our data protection practices are aligned with the principles set out in Brunei Darussalam's draft Personal Data Protection Order (PDPO), as developed by the Authority for Info-communications Technology Industry of Brunei Darussalam (AITI). We are committed to complying with the PDPO upon its enactment and enforcement.

The PDPO is a draft framework under public consultation. We follow its principles today so we're already aligned when the order is enacted.

11.1 Data Protection Obligations

In accordance with the PDPO framework, we uphold the following Data Protection Obligations:

Accountability Obligation: We have designated a responsible person to ensure compliance with data protection requirements and have developed policies and practices to meet our obligations, including a process to receive and address complaints.
Consent Obligation: We obtain your consent before collecting, using, or disclosing your personal data, unless otherwise required or authorised by law. Your consent may be express (e.g., checking an acknowledgment box) or deemed (e.g., voluntarily providing data for a specific purpose).
Purpose Limitation Obligation: We collect, use, and disclose your personal data only for purposes that a reasonable person would consider appropriate in the circumstances, and for which you have been notified.
Notification Obligation: We inform you of the purposes for which your personal data is being collected, used, or disclosed on or before the point of collection.
Access and Correction Obligation: You have the right to request access to your personal data in our possession and to request corrections of any errors or omissions.
Accuracy Obligation: We make reasonable efforts to ensure that personal data collected is accurate and complete, particularly when it is likely to be used to make decisions affecting you.
Protection Obligation: We protect personal data in our possession by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, or disposal.
Retention Limitation Obligation: We cease to retain personal data, or remove the means by which it can be associated with you, as soon as it is reasonable to assume the data is no longer needed for the purpose for which it was collected and is no longer necessary for legal or business purposes.
Transfer Limitation Obligation: We do not transfer personal data outside Brunei Darussalam unless the recipient jurisdiction provides a comparable standard of protection.
Data Breach Notification Obligation: In the event of a data breach that is likely to result in significant harm, we will notify the relevant authority and affected individuals as soon as practicable, and in any case no later than 3 calendar days after assessment.

11.2 Your Rights Under the PDPO

Under the PDPO framework, you have the following rights:

Right to Withdraw Consent: You may withdraw your consent for the collection, use, or disclosure of your personal data at any time by giving us reasonable notice. We will inform you of the likely consequences of withdrawal.
Right to Request Access: You may request access to your personal data that is in our possession or under our control, as well as information about how it has been used or disclosed within the past year.
Right to Request Correction: You may request the correction of any error or omission in your personal data.
Right to Data Portability: You may request that your personal data be transmitted to another organisation under certain circumstances.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.

11.3 Processing of Minors' Data

As an education management platform, Kounet may process personal data relating to minors (students). In accordance with the PDPO, for young children who are unable to give consent, we require that consent be obtained from the child's parent or legal guardian. Educational institutions using Kounet are responsible for ensuring that appropriate parental or guardian consent has been obtained before entering student data into the platform.

11.4 Regulatory Compliance

This privacy policy is designed to comply with the data protection principles outlined in:

The Public Consultation Paper on Personal Data Protection for the Private Sector in Brunei Darussalam (AITI, 20 May 2021)
The Response to Feedback on the Public Consultation Paper on Personal Data Protection for the Private Sector in Brunei Darussalam (AITI, 3 December 2021)
The APEC Privacy Framework and Cross-Border Privacy Rules System

We will update this policy as necessary to reflect the final enacted provisions of the PDPO and any subsequent regulations or advisory guidelines issued by AITI.

12

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

Posting the updated policy on our website
Updating the "Last updated" date
Sending an email notification for material changes

Your continued use of Kounet after changes constitutes acceptance of the updated policy.

13

Contact Us

If you have questions about this Privacy Policy or our data practices, reach out — we aim to respond within 30 days.

Email

[email protected]

+673 834 1420