Compliance
We place a high value on user privacy, data security, and product accessibility. We are always trying to improve our privacy and data protection compliance procedures and technical measures to guarantee that all of our worldwide users' information is private, safe, and secure. We provide various technology solutions including a white label solution which may be a software that runs on user computers/devices and a web based software. So, we will be tracking, monitoring, reviewing and handling data. We also examine and update our platform on a regular basis to ensure that it is accessible to all potential users. Please continue reading to learn more about our compliance obligations.
We are dedicated to maintaining your privacy and protecting your personal information.
We value privacy and data security and take precautions to protect personal information in line with international privacy and data protection regulations. We strive to provide all of our users with clear explanations about the scope of information we collect, how that information is used, the contexts in which it may be shared, and all other disclosures and rights available under applicable privacy laws, from website visitors to professors to test-takers.
NthEye LLC's compliance with relevant worldwide privacy and data protection regulations is detailed below:
Australia Privacy Act of 1988
The Privacy Act of 1988 is an Australian federal law that governs the handling of personal data. To guarantee openness in its handling of Australian user information, NthEye LLC adheres to the 13 Australian Privacy Principles and other obligations of the Privacy Act.
California Consumer Privacy Act (CCPA)
The CCPA is a California state statute providing privacy protections and rights to residents of California. NthEye LLC complies with the requirements of the CCPA. If you are a California resident user the following are some of the rights we accord you:
1. Creating an account to provide or take an exam
We ask for your name and email address, as well as the testing institution or organization with which you are affiliated, when you register to offer or take a test so that we can manage your account. To authenticate your affiliation with that institution or organization, we communicate this information with your connected testing institution or certification organization.
2. Taking an Exam
You will be required to show your picture identification to the camera prior to the start of the exam in order to validate your identity as a test taker. Your picture identification must meet the certification or testing institution's criteria. We may get the following types of information depending on the picture identification you provide for this process:
Any other personal identifier displayed on your picture identity, such as your name, alias, signature, address, phone number, email address, driver's license or other identification card number, passport number, or any other identifier displayed on your photo identification.
Any other personal information displayed on your photo identification, such as citizenship status, national origin, military status, or veteran status; or any other physical characteristics displayed on your photo identification, such as age, race, color, height, weight, gender, gender identity, or gender expression; or
Any other physical characteristics displayed on your photo identification.
To authenticate your identity, the information from your picture identification will be linked with the image to generate a biometric faceprint. After our third-party service provider does its facial match analysis, your biometric faceprint is destroyed in seconds, and our proctors are simply given a percentage match score to assist them validate your identification. Only the proctor giving your exam, our identity verification service provider, and your certification or testing institution have access to the information required to validate your identity.
In order to validate your identification, certain certification or testing organizations may need us to collect and compare keystroke patterns. This information is solely shared for the purposes of identity verification with our identity verification service providers.
We may be required by your certification or testing institution to record video and audio of your test session. We produce these records to guarantee that the test's integrity meets your institution's criteria. We may utilize these recordings to draw conclusions about patterns of conduct that violate institution testing rules and use them for internal training reasons. The proctor administering your exam will be allowed to see the recording. Your testing institution may also request that your test session be recorded. Test session recordings are never shared with any other third parties or used for any other reason than to maintain the examination process' integrity.
3. Visitors to the website
Visitors to our website provide us with internet activity information and IP addresses so that we may optimize and develop our site and better understand how visitors interact with us online. Our website analytics service providers may have access to this information. This information is never given to a third party for the purpose of marketing or any other reason.
4. NthEye LLC does not sell Personal Information
NthEye LLC has not sold any personal information in the last year. NthEye LLC does not sell personal information to third parties and hence has no real knowledge of children under the age of 16 selling their personal information. Third parties who receive personal information from NthEye LLC are only allowed to use it for the purposes mentioned above and are not allowed to sell or promote products or services to test takers. Residents of California have the option to opt out of having their personal information sold. We do not provide an opt-out option since we do not sell personal information.
5. Right to Be Informed
California residents have the right to request that we disclose the personal information that we have collected, used, or disclosed in the previous twelve (12) months, as well as the categories of sources from which it was collected, our business purposes for collecting their personal information, and the categories of third parties with whom we shared it.
6. The ability to delete
Residents of California have the right to request that any personal information we have collected or retained on them be deleted.
7. Submission of a Request
California citizens or their authorized representatives can file a request to know or a request to remove by: (1) sending an email to (governance@ntheye.com); or (2) writing to (refer to contact information given below). (3) calling 408-718-4217 and providing the aforementioned information; (3) sending an email message that includes your name, email address, phone number, and whether you want to exercise your right to know or right to delete; and (4) sending an email message that includes your name, email address, phone number, and whether you want to exercise your right to know or right to delete.
In order to authenticate your identification, we may ask for additional personal information such as your testing institution. Any personal information you submit to verify your identity will be kept strictly confidential.
8. Nondiscrimination
Residents of California have the right to be treated fairly if they use their CCPA rights. We make no distinction between California citizens who utilize their CCPA privacy rights and those who do not.
Children's Online Privacy Protection Act of 1998 (COPPA)
COPPA is a federal statute in the United States that protects the internet privacy of children under the age of thirteen. Without parental or guardian approval, NthEye LLC does not process information from children under the age of thirteen. In line with relevant law, our Services are only given to children with parental or guardian consent. Please notify us as specified in the "Contact Information" section if you suspect a kid has given their information to NthEye LLC without parental or guardian authorization, so that we can take measures to remove it.
Family Educational Rights and Privacy Act (FERPA)
FERPA is a federal legislation that protects the privacy of kids' educational records in the United States. When employing NthEye LLC services, school partners are able to comply with their FERPA requirements. NthEye LLC additionally employs administrative, physical, and technical safeguards to guarantee that no unauthorized individuals have access to student information that is protected under FERPA.
European General Data Protection Regulation (GDPR)
The GDPR establishes certain standards for enterprises and organizations that provide goods and services to EU citizens. It establishes distinct duties for "controllers" who determine the purpose and means of processing and "processors" who handle personal information at the direction of controllers, and it governs how corporations can acquire, use, and exchange personal data. NthEye LLC is a processor for controlling educational institutions or certifying organizations in the majority of cases. NthEye LLC also takes precautions to secure data transmitted outside of the European Economic Area in line with European legislation.
We rely on alternative adequate safeguards, such as contractual mechanisms set forth in Article 46 of the GDPR or derogations for specific situations set forth in Article 49 of the GDPR, when we transfer information from individuals in the EEA to countries that have not received an adequacy finding under Article 45 of the GDPR. We only collect and transmit personal information to third countries; with your agreement, to fulfill a contract with you, or to establish, exercise, or defend legal rights in the restricted instances where we operate as a controller and depend on a cross-border transfer mechanism under Article 49.
New Zealand Privacy Act 2020
The Privacy Act of 2020 is a federal statute that governs data privacy. To guarantee openness in its collection, management, and use of New Zealand user information, NthEye LLC adheres to the 13 Information Privacy Principles and other obligations of the Privacy Act.
Payment Card Industry Data Security Standard (PCI-DSS)
PCI DSS is an international standard that requires all companies processing, storing, sending, or accessing cardholder data for any of the major payment card brands to have rigorous security measures to safeguard cardholder data. NthEye LLC complies with the current PCI DSS version.
Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
PIPEDA is a federal privacy legislation in Canada that governs how organizations must handle personal information when conducting business. To guarantee that Canadian user information is handled fairly, NthEye LLC adheres to the ten Fair Information Principles outlined in PIPEDA.
Student Privacy Pledge Signatory
The K-12 School Service Provider Pledge to Safeguard Student Privacy is an optional pledge for K-12 school service providers who pledge to be responsible stewards of student personal information and to utilize it appropriately. NthEye LLC has signed the pledge and intends to follow through on its promises.
Exam integrity is important to us
Our partners trust us to administer their examinations honestly, ensuring that no test-taker obtains an unfair advantage or misappropriates exam information. To guarantee that our exam integrity measures are balanced with user privacy, we are always trying to enhance our technological and organizational protections.
Contact Information
For any questions, please contact us using the information below:
Nth Eye LLC
Attn: Legal & Compliance Division
740 Garrett Green Way,
Fort Mill, SC 29715
United States of America
+1-408-621-7370
governance@ntheye.com
Effective Date: September 1, 2021