EXAMITY, Inc.

Examity, Inc. (“Examity”) is committed to protecting the privacy and security of the data of its clients, associates, and website visitors.  We want you to understand how we collect and use information through our services and from our website (collectively, “Site”) so you can interact with Examity with confidence.  By using Examity’s Site you accept and agree to the practices this Privacy Policy describes.

Information We Collect
When you use our Site, we may collect and use personally identifiable information about you, as well as other information.  More specifically, when you use our Site, we may collect the following information:

  • Information relating to your education, including an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student number or biometric record[1], other indirect identifiers, such as student’s date of birth, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as other personally identifiable information about other customers or employees, including, but not limited to, driver’s license number or state-issued identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.
  • Details of your visits to our Site and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data, including your IP address, browser type, the date and time you accessed or left the Site, and which pages you viewed. Some parts of our Site use cookies, pixel tags (also known as “web beacons”), and other technologies to collect this information about your general internet usage.  See the section below called “How We Use Cookies and Pixel Tags” to learn more.
  • Information that you provide directly to us by filling in forms on our Site, including your name, email address, street address, telephone number, or other information.
  • Information provided to us when you communicate with us for any reason, including information you provide in emails you send us.
    If our online proctoring services are used, your webcam and computer screen may be monitored, viewed, recorded, and/or audited to ensure the integrity of the exams, including by Examity, proctors, and university and/or test sanctioning body staff.  This means that you and your immediate surroundings, and anything else within range of your webcam or viewable on your computer screen, may be monitored, viewed, recorded, and/or audited during your exam.

How We Use Cookies and Pixel Tags
A “cookie” is a small computer file that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent.  Keep in mind, however, that some website features or services may not function properly without cookies.

A pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking activity on websites, or when emails are opened or accessed, and is often used in combination with cookies.

While we use cookies and pixel tags, we do not track our users across websites or over time.

“Do Not Track” Requests
Examity’s Site currently does not respond to “do not track” or similar signals.

Use of Your Information
We use the information we collect from you primarily to enable us to provide our services in the best possible manner, including our online proctoring and exam integrity services.  In addition, your information may be used for the following purposes:

  • To provide you, including via your email address, with information relating to our services;
  • To administer our Site, including by monitoring and analyzing our Site traffic and usage patterns.

Security
We use commercially suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. These procedures include, but are not limited to, firewalls, encryption, intrusion detection, and Site monitoring.  We also limit access to any personally identifiable information we receive to staff who need access to that information in order to do their jobs.  However, no data protection procedures are entirely infallible. As a result, while we strive to protect your personally identifiable information, we cannot guarantee that it will be 100% secure.  Your transmission of your data to our Site thus is done entirely at your own risk.

Sharing Your Information
We may share your personal information as follows:
Generally: We may share your personal information with trusted third parties or our affiliates to assist us in providing our service, including by acting on our behalf to process credit card payments, and provide customer assistance. Such third parties have access to personal information as needed to perform their functions, but they are not allowed to use it for other purposes.  We do not sell or rent personal information collected through Examity’s Site to anyone.

Other Circumstances:  We may disclose your personal information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party, or if we have a good faith belief that disclosure is necessary to:

  • Comply with applicable laws, regulations, legal process (such as a subpoena), or lawful requests by public authorities, including to meet national security or law enforcement requirements;
  • Enforce applicable Terms of Service, including investigation of potential violations of such Terms, or to detect, prevent, or otherwise address fraud, security, or technical issues; and/or
  • Protect against harm to the rights, property, or safety of Examity, our users, or the public as required or permitted by law.
  • Comply with Student Privacy Pledge that allows parental access to, and correction of errors in, their children’s information when users under 18 years of age interact with our system.

Third Party Websites and Social Media Features
Examity’s Site may contain links to other sites, including those of third parties or business partners.  While we seek to link only to sites that share our high standards and respect for privacy, we cannot be responsible for the privacy practices other websites use.  By accessing other third party websites or applications through our Site, you are consenting to the terms and privacy policies of those websites.  It is possible that other parties may collect personally identifiable information about your online activities over time and across different web sites when you use Examity’s Site.

Our website includes social media features, such as the Facebook “Like” button.  These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly.  Social media features are either hosted by a third party or hosted directly on our Site.  Your interactions with these features are governed by the privacy policy of the entity providing them.

Review and Correction of Your Information
You may review and edit the information Examity collected about you at any time by contacting us at the address below.

California Privacy Rights
California law allows California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of personal information with third parties for direct marketing purposes.  Examity does not share any California consumer personal information with third parties for marketing purposes without consent. California customers who wish to request further information about our compliance with this law or have questions or concerns about our privacy practices may contact us using the contact information set forth below.

Visitors from the European Union and European Economic Area
Examity’s Site is hosted and operated in the United States (“US”).  By using the Site, you are consenting to the transfer of your personal information to the US.  If you are accessing the Site from outside the US, please be advised that US law may not offer the same privacy protections as the law of your jurisdiction.

Examity is a leading online proctoring firm and consumer privacy is one of the most important tenets of our business. Examity complies with the EU-US Privacy Shield Framework, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Examity’s participation in the Privacy Shield is part of compliance with the EU General Data Protection Regulation 2016/679 (“GDPR”). Examity has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our Certification please visit https://www.privacyshield.gov.

Examity may receive, maintain, or transmit personal information (“PI”) (as defined below) in its course of business.

PI includes, but is not limited to, an educational institution’s student’s name, the name of the student’s parent or other family members, the address of the student or student’s family, personal identifier such as the student number or biometric record, other indirect identifiers, such as student’s date of birth, other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates, as well as other personally identifiable information about other customers or employees, including, but not limited to, driver’s license number or state-issued identification card number, or financial account number, credit card number, or debit card number with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account.

1. Notice
Examity informs individuals about the purpose for which it collects and uses information about them, how to contact the organization with inquiries or complaints, the choices and means Examity offers individuals for limiting its use and disclosure, and how it is secured. This notice is provided in a clear and conspicuous language when individuals are first asked to provide personal information while creating their profiles.

2. Choice
Examity does not intend to disclose customer’s personal information with a third party or use the collected information for a purpose that is incompatible with the purpose(s) for which this information was originally collected. If Examity wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to.

3. Security
Examity understands the need for security of personal data and has taken adequate measures to protect it from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Examity uses an SSAE certified datacenter that adheres to the EU-US Privacy Shield Framework to manage and process data for its daily operations. Additional information on Examity’s security handling is available in Examity’s security policy which can be availed by contacting Examity.

4. Data Integrity
Personal information collected by Examity is relevant for the purpose for which it is to be used. Examity does not process or use personal information in a way that is incompatible with the purpose for which it has been collected or subsequently authorized by the individual. Examity’s staff are thoroughly briefed on using personal data in a manner consistent with Examity’s privacy policy before granting access to personal information

5. Access, Correction, and Deletion
Examity ensures that individuals have access to the personal data they have provided to Examity. Individuals will be able to correct, amend, or delete that information, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, where the rights of persons other than the individual would be violated, or as otherwise permitted by the GDPR. Examity employs role-based permissions to ensure adequate access and security is provided to the stored personal information.

6. Onward Transfer
Examity is responsible for taking all reasonable steps to protect data transferred to third parties. Examity requires such third parties to enter into contracts ensuring that your data is only processed for the limited and specified purposes consistent with your authorization. We require that the third-party recipients provide the same level of protection as reflected in the EU-US Privacy Shield principles as well as the GDPR and will take all reasonable and appropriate steps to ensure that the third-party recipient effectively processes the personal information. Upon request, we will provide a summary or a representative copy of the relevant privacy provisions of our contract with the third-party recipient.

7. Enforcement
Examity provides recourse mechanisms to individuals to assure compliance with the EU-US Privacy Shield Framework. Examity’s internal recourse and dispute resolution mechanism is comprehensive and provides a readily available, affordable and transparent way to address privacy concerns of individuals. Examity acknowledges the possibility, under certain conditions, for individuals to invoke binding arbitration. Individuals with concerns or complaints regarding their privacy can reach out to our support team via phone, email and chat.

8. Dispute Resolution Mechanism
Examity is subject to the investigatory and enforcement powers of the Federal Trade Commission and will cooperate with the European Data Protection Authorities (“DPAs”) to avail dispute resolution mechanisms for individuals to whom the data relate. Examity shall cooperate with the DPAs in the investigation and resolution of complaints brought under the EU-US Privacy Shield Framework and will comply with any advice given by the DPAs where the DPAs take the view that Examity needs to take specific action to comply with the Privacy Shield Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles.

9. Training
Examity’s privacy policies and procedures shall be documented, reviewed yearly, and updated as necessary in response to environmental or operational changes affecting privacy of Examity’s PI. The yearly review of documentation will be handled by the CTO’s office and duly signed off by senior management. In addition to the internal review, Examity shall establish its security training to comply with the EU-US Privacy Shield Framework. All employees of Examity receive a copy of Examity’s data security policies and procedures during on-boarding process and are expected to read and fully comply with these policies and procedures when performing their job duties.

10. Privacy Shield and GDPR Contact Point
The Chief Technology Officer of Examity shall serve as the contact point for Privacy Shield and GDPR related information requests, assessment and discussions.

Privacy Policy Updates
This Privacy Policy was last updated on July 27, 2018.

We update the Privacy Policy from time to time, so please review it regularly.  If we materially change our Privacy Policy, we will notify you by contacting you through your user account e-mail address or by posting a notice on our Site and request new consent. If Examity wishes to disclose personal information collected to a third party, appropriate notice and choice will be issued to the individuals for whom the personal information pertains to. Your continued use of the Site will be deemed your agreement that your information may be used in accordance with the new policy.  If you do not agree with the changes, then you should stop using the Site and notify us that you do not want your information used in accordance with the changes.

Contacting Us
We welcome any questions, comments, or complaints you may have regarding this Privacy Policy.  Please do not hesitate to contact us at:
Examity®
153 Needham Street
Newton, MA 02464
Info@Examity.com or support@Examity.com
855-Examity (855-392-6489)

 

[1] A “biometric record” is a record of one or more measurable biological or behavioral characteristics that can be used for automated recognition of an individual, such as fingerprints, retina and iris patterns, voiceprints, DNA sequence, facial characteristics, and handwriting.