How MyNORSU Social and MyNORSU LMS handle user information.
This Privacy Policy explains how account data, profile information, social content, LMS records, uploaded media, technical logs, support requests, and advertising-related data may be collected, used, retained, shared, protected, and deleted.
1. Overview
MyNORSU Social provides campus community features such as accounts, profiles, posts, comments, media sharing, groups, messages, announcements, student services, and related engagement tools.
MyNORSU LMS supports class-related workflows such as courses, assignments, submissions, manual scoring, teacher feedback, grades or scores where enabled, and learning activity records.
The correct access sequence is: open the launch page, register or log in through MyNORSU Social first, then access MyNORSU LMS using the same account credentials where enabled.
2. Platform Operator and Scope
| Item | Details |
|---|---|
| Platform operator | CommunityStack |
| Platforms covered | MyNORSU Social, MyNORSU LMS, related launch/download/access pages, support channels, and connected platform services |
| General support | support@communitystack.org |
| Privacy and compliance coordination | jenifer@communitystack.org |
| Primary access page | https://mynorsu.social/start/ |
3. Information We Collect
The platform may collect or process the following categories of information, depending on the features used and the rollout configuration.
| Category | Examples | Purpose |
|---|---|---|
| Account data | Name, email address, authentication ID, login/session information | Account creation, login, support, security, and access management |
| Profile data | Display name, profile photo, role, campus or department details if enabled | User identification inside the platform |
| Social content | Posts, comments, reactions, group activity, messages where enabled | Social app functionality and community interaction |
| Media and files | Photos, videos, profile images, LMS submissions, attachments | Content sharing, class work, and platform features |
| Technical data | Device/browser indicators, timestamps, logs, error reports, IP-related technical records where available | Security, debugging, troubleshooting, abuse prevention, and platform operations |
| Support data | Support emails, screenshots, issue descriptions, account identifiers provided by the user | User assistance, issue tracking, and escalation |
4. LMS Data
MyNORSU LMS may process class-related information where LMS features are enabled. This may include course membership, class records, assignments, uploaded submissions, teacher feedback, manual paper-submission scores, grading information, and related learning activity records.
LMS records may involve academic, administrative, or institutional interests. Deletion or correction of LMS records may therefore require coordination with authorized university or faculty representatives before changes are made.
5. How We Use Information
- To create, authenticate, and manage user accounts.
- To operate MyNORSU Social features, including posts, groups, profiles, media, and communication tools.
- To operate MyNORSU LMS features, including class access, assignments, submissions, scoring, and feedback.
- To provide user support, troubleshoot issues, and respond to registration or access problems.
- To maintain security, detect abuse, investigate suspicious activity, and protect platform integrity.
- To moderate content and enforce platform rules.
- To support the free-use model through advertising where ads are enabled.
- To comply with applicable legal, institutional, operational, or security requirements.
6. Advertising and Monetization
The platform is provided free of charge to students, faculty, staff, and authorized users. Operational costs may be supported through in-app advertisements.
Advertising categories are configured to restrict mature, sensitive, or unsuitable categories and to maintain suitability for a general university audience. Ad delivery may still be handled by third-party advertising providers, whose systems, policies, and privacy practices may apply.
Advertising does not remove the need for data privacy review. The ad-supported model is submitted for review by authorized university offices as part of the rollout assessment.
7. Third-Party Services and Processors
The platform uses third-party services to provide authentication, database, storage, app access, web access, advertising, support, and hosting functions.
| Service / provider | Role | Data possibly processed |
|---|---|---|
| Supabase | Authentication, database, backend services, and storage | Account data, profile data, social content, LMS records, uploaded files and media |
| Google AdMob | In-app advertising | Ad impressions, ad delivery events, ad-related technical identifiers or signals |
| Uptodown / Android distribution pathway | Android app access or download pathway during rollout | Download/access-related data depending on provider systems |
| Web/domain hosting services | Website, launch page, web app, and LMS access | Basic web access data, technical logs, and hosting records depending on configuration |
| Email/support providers | Support, privacy, and compliance communication | Email address, message content, screenshots, attachments, and support history |
9. Data Retention and Deletion
Data is retained only for as long as reasonably necessary for the purpose for which it was collected, platform operation, support, security, legal compliance, academic recordkeeping, moderation, dispute handling, or institutional coordination.
| Data type | General retention approach |
|---|---|
| Account and profile data | Retained while the account remains active, unless deletion is requested and permitted. |
| Social content | Retained while published or until deleted, removed, moderated, or otherwise restricted. |
| LMS records | May be retained for academic, administrative, grading, audit, or institutional purposes. |
| Support records | Retained as needed for issue history, accountability, and follow-up. |
| Logs and security records | Retained as needed for troubleshooting, security review, abuse prevention, and system integrity. |
| Backups | Deleted data may remain temporarily in backups until routine overwrite or deletion cycles occur. |
10. Account Deletion Requests
Users may request account deletion by emailing support@communitystack.org with the subject line Account Deletion Request.
The request should include the registered email address, full name, and a clear statement that the user is requesting account deletion. Support may request verification before processing the request.
Deletion may not immediately remove every record. Some data may be retained where necessary for security, fraud prevention, support history, moderation, legal compliance, LMS academic records, institutional requirements, backups, or audit logs.
11. Security
The platform uses reasonable technical and organizational safeguards appropriate to the current rollout, including authenticated login, secure web access where configured, database access controls where configured, limited administrative access, support escalation, and technical logs for troubleshooting and security review.
No online platform can guarantee absolute security. Users are responsible for protecting their passwords, devices, and account access.
12. User Rights
Users may contact support to request access, correction, deletion, restriction, or review of certain personal information, subject to applicable law, technical feasibility, identity verification, academic recordkeeping, institutional requirements, and legitimate retention needs.
Privacy and compliance-related requests may be directed to jenifer@communitystack.org.
13. Compliance Review Notice
The platform, including its ad-supported model and user data handling, may be subject to review by NORSU Legal Counsel, the Data Protection Officer, and authorized university offices.
This policy is not a legal certification, legal opinion, or final institutional compliance determination. Final publication wording, rollout approval, and required adjustments remain subject to NORSU review.
14. Changes to This Policy
This Privacy Policy may be updated from time to time. Updated versions will be posted on this page with a revised “Last updated” date.
15. Contact Information
General support: support@communitystack.org
Privacy and compliance coordination: jenifer@communitystack.org
Website: https://mynorsu.social