EXAMITY, Inc.

Examity is committed to protecting the privacy and security of the data of its clients, associates, and website visitors.  We want you to understand how we collect and use information through our services and from our website (collectively, “Site”) so you can interact with Examity with confidence.  By using Examity’s “Site” you accept and agree to the practices this Privacy Policy describes.

Information We Collect
When you use our Site, we may collect and use personally identifiable information about you, as well as other information.  More specifically, when you use our Site, we may collect the following information:

  • Information relating to your education, including an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student’s social security number, student number or biometric record, other indirect identifiers, such as student’s date of birth, place of birth, and mother’s maiden name, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as other personally identifiable information about other customers or employees, including, but not limited to, Social Security number, driver’s license number or state-issue identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.
  • Details of your visits to our Site and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data, including your IP address, browser type, the date and time you accessed or left the Site, and which pages you viewed. Some parts of our Site use cookies, pixel tags (also known as “web beacons”), and other technologies to collect this information about your general internet usage.  See the section below called “How We Use Cookies and Pixel Tags” to learn more.
  • Information that you provide directly to us by filling in forms on our Site, including your name, email address, street address, telephone number, or other information.
  • Information provided to us when you communicate with us for any reason, including information you provide in emails you send us.

If our online proctoring services are used, your webcam and computer screen may be monitored, viewed, recorded, and/or audited to ensure the integrity of the exams, including by Examity, proctors, and university and/or test sanctioning body staff.  This means that you and your immediate surroundings, and anything else within range of your webcam or viewable on your computer screen, may be monitored, viewed, recorded, and/or audited during your exam.

How We Use Cookies and Pixel Tags
A “cookie” is a small computer file that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent.  Keep in mind, however, that some website features or services may not function properly without cookies.

A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies.

While we use cookies and pixel tags, we do not track our users across websites or over time.

“Do Not Track” Requests
Examity’s Site currently does not respond to “do not track” or similar signals.

Use of Your Information
We use the information we collect from you primarily to enable us to provide our services in the best possible manner, including our online proctoring and exam integrity services.  In addition, your information may be used for the following purposes:

  • To provide you, including via your email address, with information relating to our services;
  • To administer our Site, including by monitoring and analyzing our Site traffic and usage patterns.

Security
We use commercially suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. These procedures include, but are not limited to, firewalls, encryption, intrusion detection, and Site monitoring.  We also limit access to any personally identifiable information we receive to staff who need access to that information in order to do their jobs.  However, no data protection procedures are entirely infallible. As a result, while we strive to protect your personally identifiable information, we cannot guarantee that it will be 100% secure.  Your transmission of your data to our Site thus is done entirely at your own risk.

Sharing Your Information
We may share your personal information as follows:

Generally: We may share your personal information with trusted third parties or our affiliates to assist us in providing our service, including by acting on our behalf to process credit card payments, and provide customer assistance. Such third parties have access to personal information as needed to perform their functions, but they are not allowed to use it for other purposes.  We do not sell or rent personal information collected through Examity’s Site to anyone.

Other Circumstances:  We may disclose your personal information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party, or if we have a good faith belief that disclosure is necessary to:

  • Comply with applicable laws, regulations, legal process (such as a subpoena), or enforceable government request;
  • Enforce applicable Terms of Service, including investigation of potential violations of such Terms, or to detect, prevent, or otherwise address fraud, security, or technical issues; and/or
  • Protect against harm to the rights, property, or safety of Examity, our users, or the public as required or permitted by law.
  • Comply with Student Privacy Pledge that allows parental access to, and correction of errors in, their children’s information when users under 18 years of age interact with our system.

Third Party Websites and Social Media Features
Examity’s Site may contain links to other sites, including those of third parties or business partners.  While we seek to link only to sites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use.  By accessing other third party websites or applications through our Site, you are consenting to the terms and privacy policies of those websites.  It is possible that other parties may collect personally identifiable information about your online activities over time and across different web sites when you use Examity’s Site.

Our website includes social media features, such as the Facebook “Like” button.  These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly.  Social media features are either hosted by a third party or hosted directly on our Site.  Your interactions with these features are governed by the privacy policy of the entity providing them.

International Visitors
Examity’s Site is hosted and operated in the United States (“US”).  By using the Site, you are consenting to the transfer of your personal information to the US.  If you are accessing the Site from outside the US, please be advised that US law may not offer the same privacy protections as the law of your jurisdiction.  However, Examity honors its commitment to EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.

Review and Correction of Your Information
You may review and edit the information Examity collected about you at any time by contacting us at the address below.

California Privacy Rights
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes.  Examity does not share any California consumer personal information with third parties for marketing purposes without consent.

California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us using the contact information set forth below.

Privacy Policy Updates
This Privacy Policy was last updated on January 25, 2017.

We update the Privacy Policy from time to time, so please review it regularly.  If we materially change our Privacy Policy, we will notify you by contacting you through your user account e-mail address or by posting a notice on our Site and request new consent. If Examity wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to. Your continued use of the Site will be deemed your agreement that your information may be used in accordance with the new policy.  If you do not agree with the changes, then you should stop using the Site and notify us that you do not want your information used in accordance with the changes.

Contacting Us
We welcome any questions, comments, or complaints you may have regarding this Privacy Policy.  Please do not hesitate to contact us at:

Examity®
34 Main Street Natick, MA 01760
Info@Examity.com
855-Examity (855-392-6489)

 

Examity Privacy Shield Note
Examity, Inc. is a leading online proctoring firm and consumer privacy is one of the most important tenets of our business. This policy outlines our privacy principles that are consistent with our process and align with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks defined in https://www.privacyshield.gov.

Examity, Inc. (“Examity”) may receive, maintain, or transmit personal information (“PI”) (as defined below) in its course of business.

PI includes, but is not limited to, an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student’s social security number, student number or biometric record[1], other indirect identifiers, such as student’s date of birth, place of birth, and mother’s maiden name, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as well as other personally identifiable information about other customers or employees, including, but not limited to, Social Security number, driver’s license number or state-issue identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.

No third-party rights are intended to be created by this Policy.  Examity reserves the right to amend or change this Policy at any time (and even retroactively) without notice to the extent that this Policy establishes requirements and obligations above and beyond those required by the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.

  1. Notice
    Examity informs individuals about the purpose for which it collects and uses information about them, how to contact the organization with inquiries or complaints, the choices and means Examity offers individuals for limiting its use and disclosure, and how it is secured. This notice is provided in a clear and conspicuous language when individuals are first asked to provide personal information while creating their profiles.
  2. Choice
    Examity does not intend to disclose customer’s personal information with a third party or use the collected information for a purpose that is incompatible with the purpose(s) for which this information was originally collected. If Examity wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to.

III. Onward Transfer
Examity will ensure that all the onward transfers of personal information if any occur, will only be made to an organization that adheres to Privacy Shield principles or is subject to the EU Directive or another adequacy finding. Examity uses an SSAE certified datacenter that adheres to the EU-U.S. Privacy Shield Framework to manage and process data for its daily operations.

  1. Security
    Examity understands the need for security of personal data and has taken adequate measures to protect it from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Additional information on Examity’s security handling is available in Examity’s security policy which can be availed by contacting Examity.
  2. Data Integrity
    Consistent with the Privacy Shield Principles, personal information collected by Examity is relevant for the purpose for which it is to be used. Examity does not process or use personal information in a way that is incompatible with the purpose for which it has been collected or subsequently authorized by the individual. Examity’s staff are briefed and trained on using personal data in a manner consisted with Examity’s privacy policy before granting access to personal information.
  3. Access
    Examity ensures that individuals have access to the personal data they have provided to Examity. Individuals will be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. Examity employs role based permissions to ensure adequate access and security is provided to the stored personal information.

VII. Enforcement
Examity provides recourse mechanisms to individuals to assure compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Examity’s internal recourse and dispute resolution mechanism is comprehensive and provides a readily available, affordable and transparent way to address privacy concerns of individuals. Individuals with concerns or complaints regarding their privacy can reach out to our support team via phone, email and chat.

VIII. Dispute Resolution Mechanism
Examity will cooperate and comply with the European Data Protection Authorities and the Swiss Federal Data Protection & Information Commissioner (FDPIC) to avail dispute resolution mechanisms for individuals to whom the data relate. Examity shall cooperate with the DPAs in the investigation and resolution of complaints brought under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and will comply with any advice given by the DPAs where the DPAs take the view that Examity needs to take specific action to comply with the Privacy Shield Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles.

  1. Yearly Assessment
    Examity’s privacy policies and procedures shall be documented, reviewed yearly, and updated as necessary in response to environmental or operational changes affecting privacy of Examity’s PI. The yearly review of documentation will be handled by the CTO’s office and duly signed off by senior management. In addition to the internal review, Examity shall establish its yearly assessment to comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. All employees of Examity are expected to go through the data security training during on boarding process, and require an annual retraining and confirmation of successful completion to continue their job duties.
  2. Training
    Examity provides necessary training to its employees and agents to ensure adherence to its privacy policy. Every new employee shall complete a mandatory training on Examity policies, which include privacy policy, within 30 days or joining. A yearly training exercise shall be organized by the CTO to ensure continued education on handling data privacy. An accelerated training schedule may be introduced if the environmental or operational changes necessitate such training on Examity’s privacy policy and procedures.
  3. Privacy Shield Contact Point
    The executive management of Examity shall serve as the contact point for Privacy Shield related information requests, assessment and discussions.

 

 

[1] A “biometric record” is a record of one or more measurable biological or behavioral characteristics that can be used for automated recognition of an individual, such as fingerprints, retina and iris patterns, voiceprints, DNA sequence, facial characteristics, and handwriting.