# Education Privacy Policy (Sukma)

Effective Date: February 27, 2026

This policy explains how Sukma handles institution-managed session data,
user data, course data, and related session artifacts when a school,
college, or learning organization is the governing party.

## What Data Is Covered

- Session data such as learner, educator, host, and agent conversation records
- Audience query lifecycle records for governed live-session accountability
- Session artifacts such as examples, assessments, whiteboards, and summaries
- User data such as account identity, role assignment, and access history
- Course data used to provide learning context and continuity

## Why the Data Is Used

- To run institution-managed learning sessions
- To enforce role-based access and governance decisions
- To support auditability, review, and incident response

## Institution Control and Ownership

In institution-managed environments, the institution remains the governing
party for student-related records generated in that deployment. Sukma
processes those records under institutional instructions, configured
controls, and contract terms.

## Retention and Deletion

- Configurable retention window: 7 to 90 days (default 30)
- Governed conversation payload content can be redacted after the configured window
- Explicit purge operations can remove governed conversation records, audience queries, examples, assessments, whiteboards, and session summaries
- Metadata audit history can remain available for traceability and review unless the institution requests purge for the selected records

## Accountability and Continuity

Sukma supports continuity through structured records and session summaries
instead of indefinite long-term retention of raw message payloads. Policy
changes, access decisions, and governance actions are recorded for review.

## Scope Boundary

Independent personal accounts are governed by the Sukma Privacy Notice,
not this education policy.