Ocoviz was designed around one principle: a school intelligence platform is only as good as the trust placed in it. Here's exactly how we protect student data, who can see what, and how we stay accountable.
Security isn't a feature we bolted on — it shaped how Ocoviz is built, from database architecture to who sees a single attendance record.
All student, teacher, and school data is hosted on servers located within India, in compliance with data localisation expectations for educational institutions.
Data is encrypted both in transit (TLS 1.2+) and at rest. Even in the unlikely event of unauthorised access, raw data remains unreadable.
A class teacher sees their class. A principal sees their school. No one sees more than their role requires — enforced at the system level, not by policy alone.
We do not sell, rent, or share student data with advertisers or third parties. Ocoviz's business model is subscription-based — your data is never the product.
Reporting formats, data retention practices, and consent workflows are designed around CBSE and Indian education board expectations from the ground up.
Automated systems monitor for unusual access patterns and flag anomalies, so issues are caught early — not discovered months later.
From the moment attendance is marked to the moment an insight reaches a teacher — here's exactly what happens to that data.
Data is entered by authorised staff and encrypted immediately at the point of entry.
→The AI engine analyses signals on servers located within Indian borders — never transmitted abroad.
→Insights are routed only to the staff whose role permits viewing that specific student or class.
→Every access event is logged, giving your school a full audit trail on request.
We believe in being transparent about where we are in our compliance journey — not just what's already certified.
Report formats, CCE structures, and assessment terminology built to match CBSE conventions used by your school today.
✓ ImplementedAll production data is hosted within India-based infrastructure, with no cross-border data transfer for processing.
✓ ImplementedActively aligning our consent, retention, and data-subject-rights workflows with India's Digital Personal Data Protection Act requirements.
⏳ In ProgressPursuing formal information security management certification as we scale to additional school groups across India.
⏳ PlannedAccess in Ocoviz is scoped by role — not by default visibility. Here's how it breaks down.
Straight answers to the questions principals and trustees ask us most often.
Our team is happy to walk your IT coordinator or trustees through our architecture in detail — no question is off-limits.