Privacy Policy

Your privacy and data protection rights explained

Last updated:

  1. Information We Collect

    Types of Data Collected

    Personal Data

    While using our Service, we ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:

    • First name and last name
    • Email address
    • Username
    • School Name and Website URL
    • A photograph of your School ID for verification purposes

    Usage Data

    We may also collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.

    Tracking & Cookies Data

    We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you will not be able to use our Service. All cookies are strictly necessary for login, session monitoring, and security purposes.

  2. How We Use Your Information

    • To provide and maintain our Service
    • To manage your account and authenticate you as a user
    • To verify your status as an educator
    • To process your subscription payments
    • To notify you about changes to our Service
    • To provide customer support
    • To monitor the usage of our Service to improve it
    • To detect, prevent and address technical issues

  3. How We Share Your Information

    We do not sell your Personal Data. We may share your information with third-party vendors and service providers that perform services for us or on our behalf, including:

    • Clerk: For user authentication and session management.
    • Stripe: For processing subscription payments.
    • Cloudinary: For secure storage of your School ID photo for verification.

    These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. Some of these providers may be located outside of the UK and the European Economic Area (EEA).

  4. Your Data Protection Rights under GDPR

    If you are a resident of the UK or the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

    • The right to access, update or to delete the information we have on you.
    • The right of rectification.
    • The right to object.
    • The right of restriction.
    • The right to data portability.
    • The right to withdraw consent.

    If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

  5. Children's Privacy

    Our Service does not address anyone under the age of 16 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us.

  6. Contact Us

    If you have any questions about this Privacy Policy, please contact us:

    By email: contact@examalytics.app

  7. Legal Basis for Processing

    We process your personal data on the following legal bases, as required by the UK GDPR and EU GDPR:

    • To perform our contract with you (e.g., to provide the Service and manage your account)
    • To comply with legal obligations
    • With your consent (e.g., for processing your School ID photo)
    • For our legitimate interests (e.g., to improve our Service, prevent fraud, and ensure security), provided these do not override your rights and freedoms

  8. Data Retention

    We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The specific retention periods depend on the type of data and the purpose for which it is processed. Your data is held for as long as your account is active and for no more than 1 year following the cancelation of your subscription.

  9. International Data Transfers

    Some of our service providers are located outside the UK and EEA. When we transfer your personal data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or the UK Information Commissioner, or transfers to countries deemed to provide an adequate level of protection.

  10. Data Security

    We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training.

  11. Automated Decision-Making

    We do not use your personal data for automated decision-making or profiling that produces legal effects or similarly significant effects concerning you.

  12. Your Right to Complain

    If you have concerns about how we handle your personal data, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO): https://ico.org.uk/.

  13. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the “Last updated” date at the top of this page. Where required by law, we will seek your consent to such changes.