HomeFeaturesSolutionsPricingBlogFAQs
Sign In

Privacy Policy

Last updated: June 20, 2026

LibStack (“we,” “us,” “our”) is owned and operated by Bhavdeep Singh, operating as a sole proprietorship, and provides library management software through the website libstack.in and its associated subdomains (collectively, the “Service”).

This Privacy Policy explains how we collect, use, store, and protect information when schools, colleges, universities (“Institutions”), their staff, students, and parents use LibStack.

1. Information We Collect

From Institutions (Admins / Librarians)

  • Name, email address, phone number
  • Institution name, type, and address
  • Login credentials (encrypted)

From Students (added by Institutions)

  • Name, photograph (for digital library card)
  • Batch / class code, roll number
  • Book borrowing history

From Parents (if linked by Institution)

  • Name, contact number, email (for overdue / fine notifications)

Automatically Collected

  • IP address, browser type, device information
  • Usage data (pages visited, features used) via standard analytics

We do not knowingly collect sensitive personal data (such as financial information, health data, or biometric data) beyond what is listed above.

2. How We Use Your Information

We use collected information to:

  • Provide and operate the library management Service
  • Send overdue alerts, due-date reminders, and fine notifications (via WhatsApp, SMS, or email)
  • Generate reports (including NAAC-ready compliance reports) for the Institution
  • Improve and maintain the Service
  • Respond to support requests
  • Comply with legal obligations

We do not sell student or institutional data to third parties.

3. Who Can Access the Data

  • Institution Admins / Librarians can access their own institution's student records.
  • Parents (if linked) can view only their own child's borrowing / fine information.
  • LibStack staff access data only for support, debugging, or maintenance purposes, on a need-to-know basis.
  • Data is not shared across institutions — each Institution's data is isolated.

4. Data Storage & Security

  • Data is stored on secure cloud infrastructure (Supabase / PostgreSQL, hosted in [specify region, e.g., AWS Mumbai / Singapore]).
  • All data in transit is encrypted via HTTPS / TLS.
  • Passwords are stored in encrypted / hashed form, never in plain text.
  • Access to production data is restricted to authorized personnel only.

5. Data Retention

  • We retain Institution and student data for as long as the Institution's account is active.
  • If an Institution cancels their subscription, we retain data for [30 / 60 / 90] days to allow export, after which it is permanently deleted, unless a longer retention period is required by law.
  • Institutions can request immediate deletion of their data by contacting us.

6. Children's Data (Schools Context)

Since LibStack is used by schools and may involve data of minors (students under 18):

  • We collect student data only as provided by the Institution (school / college), which acts as the data controller for its students.
  • We do not market directly to students or use their data for advertising.
  • Institutions are responsible for obtaining any necessary parental consent required under applicable law before adding student data to LibStack.

7. Your Rights (Under India's Digital Personal Data Protection Act, 2023)

Institutions, students (via their Institution), and parents have the right to:

  • Access the personal data we hold about them
  • Request correction of inaccurate data
  • Request deletion of their data (subject to legal / contractual retention requirements)
  • Withdraw consent for non-essential communications (e.g., marketing emails)

To exercise these rights, contact us at booklibrarymanager@gmail.com.

8. Cookies

We use essential cookies to keep you logged in and remember your preferences. We may use analytics cookies to understand how the Service is used. You can disable cookies in your browser, though some features may not work properly.

9. Third-Party Services We Use

LibStack uses the following third-party services to operate, each with their own privacy policies:

  • Supabase — database and authentication
  • Vercel — website / application hosting
  • Resend — transactional email delivery
  • [WhatsApp Business API provider, if applicable] — notification delivery

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified to Institutions via email. Continued use of the Service after changes constitutes acceptance.

11. Contact Us

For any privacy-related questions or requests, email us at booklibrarymanager@gmail.com.