Privacy Policy
Effective Date: November 11, 2024
ProctorEdu Inc. ("we," "us," "our," or "ProctorEdu") understands that protecting your personal data is important. This Privacy Policy sets out our commitment to protecting the privacy of personal data provided to us, or otherwise collected by us when you visit www.proctoredu.com (the "Site"), use our application (the "App"), contact us, or otherwise use any services offered through or associated with our Site or App (collectively, the "Services") or when otherwise interacting with you.
It is important that you read this Privacy Policy together with any other detailed privacy notices we may provide when we are collecting or processing personal data about you so that you understand our privacy practices in relation to your data.
ProctorEdu processes personal data as both a Data Controller and Data Processor, as those terms are defined in the EU General Data Protection Regulation (GDPR). We are a Data Controller with regard to the client information we collect and process for our own purposes, and we are a Data Processor with regard to all information clients upload to our systems, platforms, or software. End users of our clients should consult the applicable client's privacy policy for information on how they handle your personal data. Clients may request a Data Processing Agreement (DPA) to govern our processing relationship by contacting us at info@proctoredu.com.
1. The Information We Collect
Personal Data is information that relates to an identified or identifiable individual.
We may collect, use, store, and disclose different kinds of personal data about you, which we have listed below:
2. How We Collect Personal Data
We collect personal data in a variety of ways, including:
3. Purposes and Legal Bases for Processing
We collect and process personal data about you only where we have legal bases for doing so under applicable laws. Below is a description of all the ways we plan to use your personal data and the legal bases we rely on:
3.1. To enable you to access and use our Services, including providing you with a login and administering examinations.
4. Our Disclosures of Personal Data to Third Parties
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We may disclose personal data to:
5. Overseas Transfers
Where we disclose personal data to third parties listed above, these parties may store, transfer, or access personal data outside of the European Economic Area (EEA). We ensure that any transfers of personal data outside the EEA are subject to appropriate safeguards as required by the GDPR, such as:
6. Data Retention
We will retain your personal data only as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. The retention period depends on:
7. Your Rights and Controlling Your Personal Data
You have the following rights under data protection laws in relation to your personal data:
If you believe that we have breached your data protection rights, you have the right to make a complaint to a supervisory authority in the European Union country where you live or work, or where the alleged breach occurred. However, we would appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us first.
8. Storage and Security
We are committed to ensuring that your personal data is secure. We have implemented appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect. These measures protect your data from unauthorized access, alteration, disclosure, or destruction.
Please note that no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.
9. Links to Other Websites
Our Site may contain links to other websites. We do not have control over those websites and are not responsible for the protection and privacy of any personal data you provide while visiting them. These websites are not governed by this Privacy Policy. We encourage you to exercise caution and review the privacy policies applicable to the third-party websites.
10. Amendments
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review our Privacy Policy periodically to stay informed about how we are protecting your personal data.
11. Contact Information
For any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us at:
It is important that you read this Privacy Policy together with any other detailed privacy notices we may provide when we are collecting or processing personal data about you so that you understand our privacy practices in relation to your data.
ProctorEdu processes personal data as both a Data Controller and Data Processor, as those terms are defined in the EU General Data Protection Regulation (GDPR). We are a Data Controller with regard to the client information we collect and process for our own purposes, and we are a Data Processor with regard to all information clients upload to our systems, platforms, or software. End users of our clients should consult the applicable client's privacy policy for information on how they handle your personal data. Clients may request a Data Processing Agreement (DPA) to govern our processing relationship by contacting us at info@proctoredu.com.
1. The Information We Collect
Personal Data is information that relates to an identified or identifiable individual.
We may collect, use, store, and disclose different kinds of personal data about you, which we have listed below:
- Identity Data: Includes first name, last name, date of birth, identification documents, and photographs.
- Contact Data: Includes email address, postal address, and telephone number.
- Financial Data: Includes payment card details or bank account information collected by our payment processors on our behalf.
- Transaction Data: Includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical and Usage Data: Includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our Site and App.
- Profile Data: Includes your username and password, preferences, feedback, and survey responses.
- Interaction Data: Includes information you provide when you participate in interactive features of our Services.
- Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Biometric Data: Includes facial images and voice recordings used for identification and authentication purposes during proctored examinations.
- Special Categories of Personal Data: Includes information about your health or disability status if you disclose it to us for the purposes of accommodations during examinations.
2. How We Collect Personal Data
We collect personal data in a variety of ways, including:
- Directly: When you register for an account, take an examination, or otherwise interact with our Services.
- From Third Parties: From your educational institution or examination provider when they register you for an exam using our Services.
- Automated Technologies or Interactions: As you interact with our Services, we may automatically collect Technical and Usage Data through cookies and similar technologies.
- From Publicly Available Sources: Where necessary to comply with our legal obligations.
3. Purposes and Legal Bases for Processing
We collect and process personal data about you only where we have legal bases for doing so under applicable laws. Below is a description of all the ways we plan to use your personal data and the legal bases we rely on:
3.1. To enable you to access and use our Services, including providing you with a login and administering examinations.
- Type of Data: Identity Data, Contact Data, Profile Data, Biometric Data
- Legal Basis: Performance of a contract with you; compliance with a legal obligation; consent (for processing biometric data)
- Type of Data: Identity Data, Biometric Data
- Legal Basis: Performance of a contract with you; legitimate interests (to prevent fraud and ensure examination integrity); compliance with a legal obligation; consent (for processing biometric data)
- Type of Data: Identity Data, Contact Data, Profile Data
- Legal Basis: Performance of a contract with you; legitimate interests (to provide support and improve our Services)
- Type of Data: Identity Data, Contact Data, Financial Data, Transaction Data
- Legal Basis: Performance of a contract with you; compliance with a legal obligation; legitimate interests (to recover debts due to us)
- Type of Data: Technical and Usage Data, Profile Data
- Legal Basis: Legitimate interests (to keep our Services updated and relevant, to develop our business)
- Type of Data: Identity Data, Contact Data, Technical and Usage Data, Marketing and Communications Data
- Legal Basis: Consent (where required); legitimate interests (to develop our products/services and grow our business)
- Type of Data: All relevant personal data
- Legal Basis: Compliance with a legal obligation
4. Our Disclosures of Personal Data to Third Parties
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We may disclose personal data to:
- Service Providers: Including cloud service providers like Amazon Web Services (AWS) for hosting and data storage, and payment processors for handling transactions securely.
- Code Repository Platforms: We use GitHub for code hosting and development, ensuring all development is managed in-house.
- Our Employees and Contractors: Who need the information to perform their duties and are subject to confidentiality obligations.
- Regulatory Authorities: Courts, tribunals, and law enforcement agencies as required by law.
- Third Parties in Business Transactions: In the event of a merger, acquisition, or sale of all or a portion of our assets.
5. Overseas Transfers
Where we disclose personal data to third parties listed above, these parties may store, transfer, or access personal data outside of the European Economic Area (EEA). We ensure that any transfers of personal data outside the EEA are subject to appropriate safeguards as required by the GDPR, such as:
- Only transferring personal data to countries that have been deemed to provide an adequate level of data protection.
- Implementing standard contractual clauses approved by the European Commission.
6. Data Retention
We will retain your personal data only as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. The retention period depends on:
- The amount, nature, and sensitivity of the data.
- The potential risk of harm from unauthorized use or disclosure.
- The purposes for which we process your personal data and whether we can achieve those purposes through other means.
- Applicable legal, regulatory, tax, accounting, or other requirements.
7. Your Rights and Controlling Your Personal Data
You have the following rights under data protection laws in relation to your personal data:
- Access: Request access to your personal data.
- Correction: Request correction of incomplete or inaccurate data.
- Erasure: Request deletion of your personal data.
- Restriction: Request restriction of processing your personal data.
- Objection: Object to processing of your personal data where we are relying on legitimate interests.
- Data Portability: Request transfer of your personal data to you or a third party.
- Withdraw Consent: Withdraw consent where we are relying on consent to process your personal data.
If you believe that we have breached your data protection rights, you have the right to make a complaint to a supervisory authority in the European Union country where you live or work, or where the alleged breach occurred. However, we would appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us first.
8. Storage and Security
We are committed to ensuring that your personal data is secure. We have implemented appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect. These measures protect your data from unauthorized access, alteration, disclosure, or destruction.
Please note that no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.
9. Links to Other Websites
Our Site may contain links to other websites. We do not have control over those websites and are not responsible for the protection and privacy of any personal data you provide while visiting them. These websites are not governed by this Privacy Policy. We encourage you to exercise caution and review the privacy policies applicable to the third-party websites.
10. Amendments
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review our Privacy Policy periodically to stay informed about how we are protecting your personal data.
11. Contact Information
For any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us at:
- ProctorEdu Inc.
- Email: info@proctoredu.com
- Address: 111 Pier Ave STE 100, Hermosa Beach, CA 90254, United States.
Visit ProctorEdu Trust Centre to learn about our security posture and request access to our security documentation.
