Privacy and Cookies.
Information Collection and Use.
You can generally visit our Site without revealing any Personally Identifiable Information about yourself. In order to use the Services, however, we may be required to collect personally identifiable information, such as your name, email address, phone number, and institution ("Personally Identifiable Information"). Additionally, we may invite you to participate in surveys, questionnaires or contests, contact us with questions or comments or provide us with feedback, which due to the nature of some of these activities, may include the collection of "Personally Identifiable Information". Additionally, by accessing the Site or using the Services, we might collect additional data as set forth below in the "Aggregate Information" paragraph.
Note:Proctorio strictly adheres to the Family Education Rights Protection Act of 1974 (FERPA). Refer to the FERPA Policy for more information.
We may use your Personally Identifiable Information to contact you to deliver certain services, news or information related to the Services, verify your authority to use our Services, and improve the content and general administration of the Site and our Services. If you are unwilling to allow your Personally Identifiable Information to be used as described in this Section, you should use the Services.
Note:Under no circumstances will this information be disseminated to third parties for any use.
Secure Exam Proctor Administration: In order to register an institution to use the Proctorio Secure Exam Proctor solution, an administrator account must be created. To register this account, personally identifiable information (such as name, phone number, institution name, and campus email address), must be provided along with information regarding the learning management system (LMS) used by the institution.
Secure Exam Proctor Request for Demo: In order to request a demonstration of the Proctorio Secure Exam Proctor solution, personally identifiable information (such as name, phone number, institution name, and campus email address), must be provided along with information regarding the learning management system (LMS) used by the institution.
Secure Exam Proctor Exam Environment: You can generally utilize the Secure Exam Proctor for taking a proctored examination without revealing any Personally Identifiable Information about yourself. The information collected during the examination process will only be used in an anonymized form for product development. The types of information collected depend on the exam settings and can include video, audio, and websites visited.
Secure Exam Proctor Technical Support: To contact technical support personally identifiable information (such as name, phone number, institution name, and campus email address), may be collected to facilitate the troubleshooting process. Disclosure of such information is considered voluntary and will not be used to create an academic record.
Note:Proctorio’s technical support complies with FERPA and all employees are required to complete FERPA training.
Our Services are not directed to people under 18. If you become aware that your child has provided us with personal information without your consent, please contact us at [email protected] We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we take steps to remove such information.
Like many websites, we use "cookie" technology to collect additional website usage data and to improve our Services, but we do not require cookies to use the site. A cookie is a small data file that is transferred to your computer's hard disk. Proctorio may use both session cookies and persistent cookies to better understand how you interact with our Services, to monitor aggregate usage by our users and web traffic routing on our Services, and to improve our Services. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.
Note:Cookies used on this site and by the Services cannot be used to personally identify you.
The Site may track the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, and IP addresses, and we may analyze this data for trends and statistics in the aggregate, but such information will be maintained, used and disclosed in aggregate form only and it will not contain personally identifiable information. We may use such aggregate information to analyze trends, administer the Site, track users' movement, and gather broad demographic information for aggregate use.
Third Party Services.
Proctorio uses a variety of services hosted by third parties to help provide our Services, such as hosting our various blogs, help center, and knowledge bases, and to help us understand the use of our Services. These services may collect information sent by your browser as part of a web page request, such as cookies or your IP request.
Proctorio will store and maintain institutional data for up to 60 days after the termination of the contract, unless otherwise specified. Data destruction will occur in one of two ways according to the institution’s preference: Proctorio will 1) destroy the data, or 2) deliver it to the institution.
Questions regarding data storage, recovery, and deletion should be directed to:
Attn: Data Team
160 Greentree Drive
Dover, DE 19904
Email: [email protected]
We do not disclose your private information except in the limited circumstances described here.
Law and Harm: We may disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect Proctorio's rights or property.
Links to Third Party Sites.
We employ procedural and technological security measures that are reasonably designed to help protect your Personally Identifiable Information from loss, unauthorized access, disclosure, alteration or destruction, which includes encryption and other security measures to help prevent unauthorized access to your Personally Identifiable Information. The data that you transmit as part of your use of the Services ("Storage Data") is in encrypted form and Proctorio does not have access to your Storage Data in its unencrypted form.
Note:Only authorized users, defined as "School Officials" in the Family Education Rights Protection Act of 1974 (FERPA) will have the ability to decrypt any academic records stored by Proctorio
Proctorio conducts daily security audits including penetration testing and vulnerability assessments. Client institutions or their designated representatives may review security testing results or conduct their own security audit of Proctorio’s data security and storage practices. Written requests for inspection and testing can be made to [email protected]
Data Breach Notification.
Proctorio maintains an information security plan to protect the security, confidentiality, and integrity of Personally Identifiable Information (PII) of users and client institutions. As part of its information security plan, Proctorio will notify affected individuals and institutions of a data security breach without unreasonable delay and in no event later than 72 hours from discovery of the breach. Written notification will be sent by first-class mail to the address on record for the individual or institution.
Written notification will contain:
- A brief description of what occurred with respect to the breach, including, to the extent known, the date of the breach and the date on which the breach was discovered;
- A description of the types of PII that were involved in the breach;
- A description of the steps the affected individual or institution should take to protect against potential harm from the breach;
- A description of what Proctorio is doing to investigate and mitigate the breach and to prevent future breaches; and
- Contact procedures for individuals to ask questions or learn additional information, which will include a toll-free telephone number, an email address, website or postal address.
In the event that Proctorio determines individuals or institutions should be notified urgently of a breach because of possible imminent misuse of unsecured PII, Proctorio may, in addition to providing notice as outlined above, contact the individual or institution by telephone or other means, as appropriate.
EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Proctorio, Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield site or download this PDF of a Privacy Shield overview.
Under the Privacy Shield frameworks, Proctorio, Inc. is responsible for processing the personal data it receives, under each Privacy Shield Framework, as well as transfers to a third party acting as an agent on its behalf. Proctorio, Inc. complies with the Privacy Shield principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield frameworks, Proctorio, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (for issues pertaining to Privacy Shield). In situations where public authorities make lawful requests for information, such as to meet national security or law enforcement requirements, Proctorio, Inc. may be required to disclose personal data.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based, third-party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
As more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Effective: July 1, 2013