Information We Collect
When you use our Site, we may collect and use personally identifiable information about you, as well as other information. More specifically, when you use our Site, we may collect the following information:
- Information relating to your education, including an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student’s social security number, student number or biometric record, other indirect identifiers, such as student’s date of birth, place of birth, and mother’s maiden name, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as other personally identifiable information about other customers or employees, including, but not limited to, Social Security number, driver’s license number or state-issue identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.
- Information that you provide directly to us by filling in forms on our Site, including your name, email address, street address, telephone number, or other information.
- Information provided to us when you communicate with us for any reason, including information you provide in emails you send us.
If our online proctoring services are used, your webcam and computer screen may be monitored, viewed, recorded, and/or audited to ensure the integrity of the exams, including by Examity, proctors, and university and/or test sanctioning body staff. This means that you and your immediate surroundings, and anything else within range of your webcam or viewable on your computer screen, may be monitored, viewed, recorded, and/or audited during your exam.
A “cookie” is a small computer file that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Keep in mind, however, that some website features or services may not function properly without cookies.
A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies.
“Do Not Track” Requests
Examity’s Site currently does not respond to “do not track” or similar signals.
Use of Your Information
We use the information we collect from you primarily to enable us to provide our services in the best possible manner, including our online proctoring and exam integrity services. In addition, your information may be used for the following purposes:
- To provide you, including via your email address, with information relating to our services;
- To administer our Site, including by monitoring and analyzing our Site traffic and usage patterns.
We use commercially suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. These procedures include, but are not limited to, firewalls, encryption, intrusion detection, and Site monitoring. We also limit access to any personally identifiable information we receive to staff who need access to that information in order to do their jobs. However, no data protection procedures are entirely infallible. As a result, while we strive to protect your personally identifiable information, we cannot guarantee that it will be 100% secure. Your transmission of your data to our Site thus is done entirely at your own risk.
Sharing Your Information
We may share your personal information as follows:
Generally: We may share your personal information with trusted third parties or our affiliates to assist us in providing our service, including by acting on our behalf to process credit card payments, and provide customer assistance. Such third parties have access to personal information as needed to perform their functions, but they are not allowed to use it for other purposes. We do not sell or rent personal information collected through Examity’s Site to anyone.
Other Circumstances: We may disclose your personal information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party, or if we have a good faith belief that disclosure is necessary to:
- Comply with applicable laws, regulations, legal process (such as a subpoena), or enforceable government request;
- Enforce applicable Terms of Service, including investigation of potential violations of such Terms, or to detect, prevent, or otherwise address fraud, security, or technical issues; and/or
- Protect against harm to the rights, property, or safety of Examity, our users, or the public as required or permitted by law.
- Comply with Student Privacy Pledge that allows parental access to, and correction of errors in, their children’s information when users under 18 years of age interact with our system.
Third Party Websites and Social Media Features
Examity’s Site may contain links to other sites, including those of third parties or business partners. While we seek to link only to sites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use. By accessing other third party websites or applications through our Site, you are consenting to the terms and privacy policies of those websites. It is possible that other parties may collect personally identifiable information about your online activities over time and across different web sites when you use Examity’s Site.
Examity’s Site is hosted and operated in the United States (“US”). By using the Site, you are consenting to the transfer of your personal information to the US. If you are accessing the Site from outside the US, please be advised that US law may not offer the same privacy protections as the law of your jurisdiction. However, Examity honors its commitment to EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Review and Correction of Your Information
You may review and edit the information Examity collected about you at any time by contacting us at the address below.
California Privacy Rights
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes. Examity does not share any California consumer personal information with third parties for marketing purposes without consent.
California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us using the contact information set forth below.
34 Main Street Natick, MA 01760
Examity Privacy Shield Note
Examity, Inc. is a leading online proctoring firm and consumer privacy is one of the most important tenets of our business. This policy outlines our privacy principles that are consistent with our process and align with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks defined in https://www.privacyshield.gov.
Examity, Inc. (“Examity”) may receive, maintain, or transmit personal information (“PI”) (as defined below) in its course of business.
PI includes, but is not limited to, an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student’s social security number, student number or biometric record, other indirect identifiers, such as student’s date of birth, place of birth, and mother’s maiden name, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as well as other personally identifiable information about other customers or employees, including, but not limited to, Social Security number, driver’s license number or state-issue identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.
No third-party rights are intended to be created by this Policy. Examity reserves the right to amend or change this Policy at any time (and even retroactively) without notice to the extent that this Policy establishes requirements and obligations above and beyond those required by the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Examity informs individuals about the purpose for which it collects and uses information about them, how to contact the organization with inquiries or complaints, the choices and means Examity offers individuals for limiting its use and disclosure, and how it is secured. This notice is provided in a clear and conspicuous language when individuals are first asked to provide personal information while creating their profiles.
Examity does not intend to disclose customer’s personal information with a third party or use the collected information for a purpose that is incompatible with the purpose(s) for which this information was originally collected. If Examity wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to.
III. Onward Transfer
Examity will ensure that all the onward transfers of personal information if any occur, will only be made to an organization that adheres to Privacy Shield principles or is subject to the EU Directive or another adequacy finding. Examity uses an SSAE certified datacenter that adheres to the EU-U.S. Privacy Shield Framework to manage and process data for its daily operations.
Examity understands the need for security of personal data and has taken adequate measures to protect it from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Additional information on Examity’s security handling is available in Examity’s security policy which can be availed by contacting Examity.
- Data Integrity
Examity ensures that individuals have access to the personal data they have provided to Examity. Individuals will be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. Examity employs role based permissions to ensure adequate access and security is provided to the stored personal information.
Examity provides recourse mechanisms to individuals to assure compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Examity’s internal recourse and dispute resolution mechanism is comprehensive and provides a readily available, affordable and transparent way to address privacy concerns of individuals. Individuals with concerns or complaints regarding their privacy can reach out to our support team via phone, email and chat.
VIII. Dispute Resolution Mechanism
Examity will cooperate and comply with the European Data Protection Authorities and the Swiss Federal Data Protection & Information Commissioner (FDPIC) to avail dispute resolution mechanisms for individuals to whom the data relate. Examity shall cooperate with the DPAs in the investigation and resolution of complaints brought under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and will comply with any advice given by the DPAs where the DPAs take the view that Examity needs to take specific action to comply with the Privacy Shield Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles.
- Yearly Assessment
Examity’s privacy policies and procedures shall be documented, reviewed yearly, and updated as necessary in response to environmental or operational changes affecting privacy of Examity’s PI. The yearly review of documentation will be handled by the CTO’s office and duly signed off by senior management. In addition to the internal review, Examity shall establish its yearly assessment to comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. All employees of Examity are expected to go through the data security training during on boarding process, and require an annual retraining and confirmation of successful completion to continue their job duties.
- Privacy Shield Contact Point
The executive management of Examity shall serve as the contact point for Privacy Shield related information requests, assessment and discussions.
 A “biometric record” is a record of one or more measurable biological or behavioral characteristics that can be used for automated recognition of an individual, such as fingerprints, retina and iris patterns, voiceprints, DNA sequence, facial characteristics, and handwriting.