Privacy Policy

Your privacy is important to us

Last Updated: April 17, 2026

Quick Summary: We collect and use your information to provide AssessX services, improve our AI models, and ensure academic integrity. We never sell your data and protect it with industry-standard security measures.

1. Introduction

Welcome to the AssessX Privacy Policy. This policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered examination platform. Please read this policy carefully.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

  • Account Information: Name, email address, phone number, role (student/instructor)
  • Profile Information: Profile picture, bio, educational institution
  • Authentication Data: Password (encrypted), login history, session data

2.2 Academic Information

  • Exam Content: Questions, answers, submissions, grades
  • Course Data: Course enrollments, assignments, progress
  • Performance Data: Scores, feedback, analytics

2.3 Technical Information

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, features used, time spent
  • Log Data: Error logs, access logs, security logs

2.4 Anti-Cheating Data

When anti-cheating features are enabled, we may collect:

  • Screen recording during exams
  • Webcam images (if proctoring is enabled)
  • Browser activity and tab switching
  • Keystroke patterns and timing data

3. How We Use Your Information

3.1 Service Delivery

  • Create and manage your account
  • Facilitate exam taking and grading
  • Provide AI-powered feedback and assessment
  • Generate analytics and reports
  • Communicate about your account and activities

3.2 AI Model Training

We use anonymized exam data to improve our AI grading models. Personal identifiers are removed before data is used for training purposes.

3.3 Academic Integrity

  • Detect and prevent cheating
  • Verify student identity
  • Monitor exam sessions for irregularities
  • Maintain exam security and fairness

3.4 Service Improvement

  • Analyze usage patterns to improve features
  • Troubleshoot technical issues
  • Develop new features and functionality
  • Enhance user experience

4. How We Share Your Information

4.1 With Educational Institutions

If you are using AssessX through an educational institution, we share relevant academic data (grades, submissions, performance) with authorized instructors and administrators.

4.2 Service Providers

We share data with trusted third-party service providers who help us operate the platform:

  • Cloud hosting providers (DigitalOcean, Cloudflare)
  • AI/ML service providers (OpenAI, Anthropic)
  • Email service providers
  • Analytics providers

4.3 Legal Requirements

We may disclose information if required by law, court order, or governmental authority, or to protect our rights, property, or safety.

4.4 What We Don't Share

  • We NEVER sell your personal data
  • We don't share your data with advertisers
  • We don't use your data for unrelated marketing

5. Data Security

5.1 Security Measures

We implement industry-standard security measures including:

  • Encryption: All data transmitted using TLS/SSL encryption
  • Password Security: Passwords are hashed and salted using bcrypt
  • Access Controls: Role-based access with least privilege principle
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Regular Audits: Periodic security assessments and penetration testing

5.2 Data Storage

Your data is stored on secure servers with regular backups. We use reputable cloud providers with industry-leading security certifications.

6. Your Rights and Choices

6.1 Access and Correction

You have the right to access and update your personal information through your account settings or by contacting us.

6.2 Data Deletion

You can request deletion of your account and personal data. Please see our Account Deletion Policy for details. Note that some data may be retained for legal or administrative purposes.

6.3 Data Portability

You can request a copy of your data in a machine-readable format.

6.4 Opt-Out Options

  • Unsubscribe from marketing emails via the unsubscribe link
  • Disable certain tracking features in your account settings
  • Request to opt-out of AI model training (may limit functionality)

7. Cookies and Tracking

7.1 Cookies We Use

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand how users interact with the platform
  • Preference Cookies: Remember your settings and preferences

7.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.

8. Children's Privacy

AssessX may be used by students of all ages through educational institutions. When used by children under 13 (or applicable age in your jurisdiction), we comply with COPPA and similar regulations. Parental consent is obtained through the educational institution.

9. International Data Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements
  • Compliance with GDPR, CCPA, and other privacy regulations

10. Data Retention

We retain your data for as long as necessary to:

  • Provide services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Typical Retention Periods:

  • Active accounts: Duration of account + 1 year
  • Academic records: Per institutional requirements (typically 5-7 years)
  • Log data: 90 days to 2 years
  • Backup data: 30 days

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via:

  • Email notification
  • In-app notification
  • Notice on our website

Your continued use of AssessX after changes constitutes acceptance of the updated policy.

12. Privacy by Design

We build privacy into our platform from the ground up:

  • Data minimization: We only collect what we need
  • Purpose limitation: Data is used only for stated purposes
  • Transparency: Clear communication about data practices
  • User control: Easy-to-use privacy settings and controls

13. Third-Party Services

13.1 AI Services

We use AI services (OpenAI, Anthropic) for AI-powered grading and feedback. These providers' data usage policies apply to the processing of exam content. We anonymize submissions before sending them to AI services.

13.2 Analytics

We may use analytics services to understand platform usage. These services have their own privacy policies.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

15. Regional Privacy Rights

15.1 European Union (GDPR)

If you are in the EU, you have additional rights including:

  • Right to be forgotten
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with a supervisory authority

15.2 California (CCPA)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt-out of the sale of personal information
  • Request deletion of personal information
  • Not be discriminated against for exercising privacy rights

Your privacy matters to us. If you have any questions or concerns, please don't hesitate to reach out.