Privacy Policy for

Effective Date: June 28, 2025

This Privacy Policy describes how ("we," "us," or "our") collects, uses, and discloses information, including personal data and sensitive third-party credentials, when you use our SaaS platform (the "Service").
We understand the sensitive nature of the information you entrust to us, particularly your Certiport credentials. We are committed to protecting your privacy and handling your data with the utmost care and security.

1. What Information We Collect

We collect information to provide and improve our Service. The types of information we collect include:

  • Information You Provide Directly to Us:
    • Account Information: When you register for an account, we collect your name, email address, and password.
    • Certiport Credentials: To enable our Service's core functionality, you will provide us with your Certiport username and password. We handle these credentials with specific security measures detailed below.
    • Communication Data: If you contact us for support, feedback, or inquiries, we collect the content of your communications.
    • Billing Information: If you subscribe to a paid plan, our third-party payment processor may collect your billing details (e.g., credit card information). We do not store full payment card details on our servers.
  • Information We Collect Automatically:
    • Usage Data: We collect information about how you interact with our Service, such as the features you use, the actions you take (e.g., session creation, confirmation, cancellation requests), the time and duration of your activities, and error logs.
    • Technical Data: We collect information about the device and software you use to access our Service, including your IP address, browser type, operating system, and unique device identifiers.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Operate the Service:
    • To log into your Certiport CATC account on your behalf using the credentials you provide.
    • To perform the actions you initiate, such as listing available sessions, bulk creating, single creating, confirming, or canceling sessions.
    • To display information from your Certiport CATC account to you within our Service.
    • To manage your user account and provide access to our platform.
  • To Manage Certiport Credentials:
    • For Non-Batch Functionality (Interactive Use): When you are actively using our Service for single-session operations, your Certiport credentials are securely stored in your active user session. These credentials are used only to facilitate real-time interactions with the Certiport CATC system as initiated by you.
    • For Batch Functionality (Background Tasks): When you initiate a batch operation, a temporary set of credentials derived from your provided Certiport credentials is created. These temporary credentials are used exclusively to trigger and execute the background task. Once the job is completed, these temporary credentials are automatically logged out of the Certiport CATC system and immediately wiped from our system's cache, ensuring they are not persistently stored.
  • To Improve and Optimize Our Service: To understand how users interact with our Service, analyze usage patterns, and identify areas for improvement. To develop new features and functionalities.
  • For Security and Fraud Prevention: To protect the security and integrity of our Service and your data. To detect and prevent fraudulent or unauthorized activity.
  • To Communicate with You: To provide customer support, respond to your inquiries, and troubleshoot issues. To send you service-related announcements, technical notices, updates, and administrative messages.
  • To Comply with Legal Obligations: To meet legal or regulatory requirements, respond to lawful requests, and enforce our terms and conditions.

3. How We Share Your Information

We are committed to keeping your information private. We do not sell, rent, or trade your personal data, especially your Certiport credentials, with third parties for their marketing purposes. We may share your information only in the following limited circumstances:

  • With Certiport/CATC (as per your instructions): The core functionality of our Service requires us to use your Certiport credentials to log into your Certiport CATC account on your behalf to perform the actions you request. This is the explicit purpose for which you provide us with these credentials.
  • With Service Providers: We may share certain information (excluding your Certiport credentials) with third-party vendors and service providers who perform services on our behalf, such as:
    • Cloud hosting providers (e.g., AWS, Google Cloud, Azure) for data storage and infrastructure.
    • Analytics providers (e.g., Google Analytics) to help us understand service usage.
    • Payment processors (e.g., Stripe, PayPal) to handle billing.
    These service providers are contractually obligated to protect your information and are prohibited from using it for any purpose other than providing services to us.
  • For Legal Reasons: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:
    • Comply with a legal obligation.
    • Protect and defend our rights or property.
    • Prevent or investigate possible wrongdoing in connection with the Service.
    • Protect the personal safety of users of the Service or the public.
  • Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any such change in ownership or control of your personal information.

4. Certiport Credential Management and Security

We implement robust security measures to protect your Certiport credentials:

  • Encryption: Credentials are encrypted both in transit (using SSL/TLS) and at rest (when stored in active sessions).
  • Limited Access: Access to systems that handle credentials is strictly controlled and limited to authorized personnel on a need-to-know basis.
  • Temporary Usage: As described in Section 2, for batch operations, credentials are used only for the duration of the task, then immediately wiped from cache.
  • No Persistent Storage for Batch: Your Certiport credentials are NOT persistently stored on our servers for batch processing beyond the immediate task execution.
  • Industry Best Practices: We strive to follow industry best practices for data security to protect against unauthorized access, disclosure, alteration, or destruction of your information.

Your Responsibility: You are responsible for maintaining the confidentiality of your own Certiport account, including the credentials you provide to us, and for all activities that occur under your Certiport account. You are also responsible for ensuring that you have the necessary rights and permissions from Certiport to allow our Service to access and perform actions on your behalf.

5. Data Retention

We retain your personal information only for as long as necessary to provide you with our Service and for legitimate and essential business purposes, such as maintaining the performance of the Service, complying with our legal obligations, and resolving disputes.

  • Certiport Credentials: As detailed above, credentials for batch operations are temporary and wiped immediately after use. For interactive sessions, they are retained only for the duration of your active session.
  • Account Data: Your account information is retained as long as your account is active. If you delete your account, we will delete your data within a reasonable timeframe, unless legal obligations require us to retain it for a longer period.
  • Usage Data: We may retain anonymized or aggregated usage data for analytical purposes indefinitely to improve our Service, but this data will not identify you personally.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: You have the right to request copies of your personal data we hold.
  • Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data under certain conditions.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
  • Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us using the contact details provided in Section 8. We will respond to your request in accordance with applicable data protection laws.

7. International Data Transfers

If you are located in [e.g., the European Economic Area (EEA)], your information may be transferred to, and processed in, countries other than the country in which you are resident, including the United States, where our servers are located. These countries may have data protection laws that are different from the laws of your country.

We implement appropriate safeguards to ensure that your personal information remains protected when transferred internationally, in accordance with applicable data protection laws. These safeguards may include reliance on Standard Contractual Clauses approved by the European Commission or other legal mechanisms providing an adequate level of protection.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this policy. We encourage you to review this Privacy Policy periodically for any changes.

9. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: