User Data Policy

Zero third-party data sharing

Student and institutional data is not sold, shared, rented, or transferred to third parties.

100% self-hosted infrastructure

The AI Suite runs on private, self-hosted infrastructure controlled by Lyrabyte Technologies.

Session data cleared on exit

Most modules can run in session-based mode where active memory is cleared when the session ends.

Full institutional control

Institutions can configure storage, retention, authentication, chat history, access control, and integration behaviour.

Lyrabyte Technologies built the AI Suite with one core commitment: student data stays where it belongs.

The AI Suite runs on private, self-hosted infrastructure. No student query, generated output, or personal detail is sent to external AI providers such as OpenAI, Google, Anthropic, or similar third-party model providers. Institutions have configurable control over data handling, storage, access, and retention.

Who this policy covers

• Students using the platform
• Teachers using the platform
• Administrators using the platform
• Institutions deploying the AI Suite as a standalone product
• Institutions integrating the AI Suite into an existing app, LMS, or platform

Standalone product

Institutions without an existing platform can deploy the AI Suite as a complete, self-contained product for students and teachers.

Integration into existing app

Institutions with an existing app or LMS can embed the AI Suite directly into that experience. No separate student app is required if integration is preferred.

Private, self-hosted AI

The AI Suite runs on custom fine-tuned models inside Lyrabyte's own infrastructure. Student data, queries, and generated outputs are not sent to OpenAI, Google, Anthropic, or external AI providers.

No external AI APIs for student processing

Academic AI processing happens inside Lyrabyte's contained environment under terms agreed with the institution.

Contained processing

All computation happens within secure servers controlled by Lyrabyte Technologies.

Institutional visibility

Institutions can understand and configure what data exists, how it is handled, and what retention rules apply.

What we collect

• Login credentials · Email or username with hashed password. Plaintext passwords are never stored.
• Session tokens · Temporary tokens that expire on logout or timeout.
• Chat history · Only stored if the institution enables chat history. Stored chat history is encrypted at rest.

What we never collect

• Biometric data
• Location data
• Device identifiers for tracking
• Browsing history outside the platform
• Demographic profiling data
• Advertising data
• Marketing network data
• Data for training external AI models

Authentication flexibility

Institutions can choose email and password, username and password, or SSO through an existing identity provider.

Most AI Suite modules can run in session-based mode. Data is processed in real time and is not written to permanent storage. When the student closes the session, active memory is cleared automatically.

Modules commonly suitable for session-based processing

• Notebook AI
• AI Code Lab
• Question Paper tools
• JEE and NEET practice
• Quiz and revision tools
• Document generation

Session lifecycle

• Student opens a module.
• AI processes the request in real time.
• Student exports or downloads the output if needed.
• Session ends.
• Active memory is cleared.

When chat history is enabled

• Stored in encrypted form at rest
• Accessible only to the owning student by default
• Not visible to teachers or administrators by default
• Never used to train external AI models
• Decryption occurs only for the owning student's access

When chat history is disabled

Chat follows session-based processing. When the student exits, the conversation is cleared from active memory with zero retention.

Institution toggle

Institutions can disable chat history entirely through configuration.

Privacy-first mode (recommended default)

• No persistent storage for most module activity
• Session-based processing
• Data cleared automatically on exit
• Zero retention after session ends
• Maximum student privacy protection

Managed storage mode (optional)

• Selected data stored with encryption
• Access controlled by institution policy
• Custom retention and deletion schedules
• Configurable auto-delete rules
• Audit trail for compliance

Generated content such as notes, question papers, code, practice sets, summaries, reports, and documents can be exported and downloaded directly. Students and institutions are not required to store outputs in cloud storage unless the institution chooses a managed storage configuration.

Your data, your property

All data belongs to the institution and its authorised users. Lyrabyte does not claim ownership over student-generated content, institutional content, or outputs.

Account removal

When a student is removed, associated data can be deleted immediately or retained for a custom period based on institution policy.

No indefinite retention

Lyrabyte does not hold data beyond its intended purpose or beyond terms agreed with the institution.

Embeds into your app

If the institution already has a student-facing app or LMS, the AI Suite can be integrated directly into it.

Same privacy guarantees

The same privacy protections apply whether students access the AI Suite as a standalone product or through an existing platform.

No forced data exchange

The AI Suite does not automatically read from or write to an institution's existing platform. Any data exchange is explicitly configured, documented, and approved by the institution.

Institution stays in control

The institution defines how the AI Suite connects, what data flows, and under what terms.

• Encryption at rest · Stored data, including enabled chat history, is encrypted at rest.
• Encryption in transit · All data transfers use secure protocols.
• Access control · Only authorised users can access their permitted data.
• Session expiry · Tokens automatically expire on logout or timeout.
• Audit logging · Administrative access can be logged for compliance visibility.
• Security reviews · Regular vulnerability reviews and security maintenance are part of the operating process.
• Isolated infrastructure · Systems are designed to avoid shared exposure with external AI services.
• Zero external AI exposure · Student data does not traverse external AI provider networks.

Lyrabyte Technologies does not sell, share, rent, or transfer student or institutional data to third parties.

No advertising data

Student data is not sent to ad networks or marketing firms.

No external AI training

Student data is not used to train external AI models.

Depending on institution configuration and applicable policy, students may request:

• Access to stored data
• Correction of inaccurate information
• Deletion of data
• Export of data in standard format
• Explanation of how data is used

Questions about this policy should be directed to the institution's designated data administrator, who can coordinate with Lyrabyte Technologies.

This policy may be updated to reflect platform changes or legal requirements. Institutions will be notified of material changes before they take effect.