NATIV TECHNOLOGIES LLC

Security and Data Retention Policy

Last Updated: March 2026

This document outlines the security practices and data management procedures used by NATIV TECHNOLOGIES LLC in operating its school carpool and student dismissal management platform.

---

1. Security Overview

NATIV TECHNOLOGIES LLC is committed to protecting student, parent, and school data through industry-standard security practices. Security measures are designed to prevent unauthorized access, data loss, and misuse of information stored within the platform.

---

2. Data Encryption

All data transmitted between users and the platform is encrypted using secure protocols.

Security protections include:

• HTTPS encryption (TLS) for all platform communications
• encrypted data transmission between servers
• secure API communications
• encrypted authentication tokens

Sensitive account information such as passwords is stored using secure hashing mechanisms.

---

3. Infrastructure Security

The platform is hosted on secure cloud infrastructure providers that maintain industry-standard security controls.

Infrastructure protections include:

• secure cloud hosting environments
• firewalls and network monitoring
• restricted server access
• automated system updates and patching

Infrastructure providers maintain physical and environmental security controls at data centers.

---

4. Access Control

Access to system data is restricted to authorized personnel only.

Security practices include:

• role-based access control
• limited administrative privileges
• secure authentication procedures
• monitoring of administrative activity

Employees and contractors are granted access only when necessary to perform their duties.

---

5. Authentication

User authentication systems are designed to protect accounts from unauthorized access.

Security protections include:

• secure password storage
• login session protection
• access tokens for mobile applications
• optional multi-factor authentication for administrators when available

Users are responsible for maintaining the security of their account credentials.

---

6. System Monitoring and Logging

The platform maintains system logs for security monitoring and operational diagnostics.

Logs may include:

• login attempts
• administrative actions
• system errors
• service usage events

Logs are used to detect suspicious activity and maintain system reliability.

---

7. Data Retention Policy

NATIV TECHNOLOGIES LLC retains platform data only as long as necessary to provide the Services to schools.

Data retention guidelines include:

• active school data is retained while the school maintains an active subscription
• account records are maintained for operational and support purposes
• backups may be retained for system reliability

Upon termination of a school contract:

• schools may request export of their data
• student records may be deleted within 30–60 days after service termination unless retention is required by law.

Backup data may remain in secure archives for a limited period before permanent deletion.

---

8. Backup and Recovery

Regular system backups are performed to maintain platform reliability and support disaster recovery procedures.

Backups are stored securely and are accessible only to authorized system administrators.

---

9. Security Updates

Security procedures may be updated periodically to reflect evolving industry standards and security threats.

Schools may request updated copies of this policy when necessary for compliance or procurement review.