ExamNexus AI

Privacy Policy

Last Updated: Monday, 29 June 2026

Welcome to ExamNexus AI!

Thank you for choosing ExamNexus AI. We are committed to making your test preparation journey less stressful, more strategic, and highly successful.

Your privacy and data security are fundamental to our mission. This Privacy Policy explains how we protect, use, and respect your personal information while delivering personalized AI-powered learning experiences. We believe transparency builds trust, and we're committed to being clear about our data practices.

Table of Contents

  • 1. Introduction
  • 2. Information We Collect
  • 3. How We Use Your Information
  • 4. Information Sharing and Disclosure
  • 5. Data Storage, Security and Retention
  • 6. Your Privacy Rights
  • 7. Children's Privacy (COPPA Compliance)
  • 8. New Zealand and International Privacy Compliance
  • 9. Cookies and Tracking Technologies
  • 10. Third-Party Services
  • 11. Data Transfers
  • 12. Privacy Policy Updates
  • 13. Contact Information

1. Introduction

ExamNexus AI ("AIEQUITAS", "we", "us", or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered standardized test preparation platform.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

Account Registration:

  • Email address (required for account creation and communication)
  • Password (encrypted and securely stored)
  • Name or username (for personalization)
  • Age or date of birth (for COPPA and GDPR compliance)

Profile Information:

  • Educational background and goals
  • Test preparation preferences
  • Study schedule and availability
  • Target test dates and score goals

Billing Information:

  • Subscription and payment details are collected and processed directly by our payment processor, Stripe
  • We do not store full card numbers on our servers; we retain only limited billing metadata (such as plan, status, and the last four digits of your card) needed to manage your subscription

2.2 Automatically Collected Information

Usage Data:

  • Pages visited and features used
  • Time spent on different sections
  • Click patterns and navigation behavior
  • Device and browser information
  • IP address and general location data

Performance Data:

  • Test scores and question responses
  • Time taken to complete questions and tests
  • Areas of strength and weakness
  • Progress tracking and milestone achievements
  • Study patterns and learning analytics

2.3 AI-Generated Data

Personalized Content:

  • AI-generated practice questions based on your performance
  • Customized study roadmaps and recommendations
  • Adaptive test configurations
  • Performance predictions and analytics

3. How We Use Your Information

3.1 Service Provision

  • Account Management: Creating and maintaining your user account
  • Personalization: Customizing your learning experience and content
  • AI Services: Generating personalized questions, tests, and study plans
  • Performance Tracking: Monitoring progress and providing analytics
  • Communication: Sending important updates, notifications, and support responses

3.2 Service Improvement

  • Platform Enhancement: Improving our AI algorithms and user experience
  • Quality Assurance: Ensuring accuracy and effectiveness of generated content
  • Research and Development: Developing new features and capabilities
  • Analytics: Understanding user behavior and platform performance

4. Information Sharing and Disclosure

4.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties for commercial purposes.

4.2 Limited Sharing Scenarios

We may share your information only in the following circumstances:

Service Providers:

  • Third-party services that help us operate our platform (hosting, analytics, email)
  • AI service providers for content generation
  • Payment processors (Stripe) for subscription management, which operates globally and may transfer some personal information offshore
  • All service providers are bound by confidentiality agreements

Legal Requirements:

  • When required by law, court order, or government request
  • To protect our rights, property, or safety
  • To prevent fraud or illegal activities
  • In connection with legal proceedings

5. Data Storage, Security and Retention

5.1 Security Measures

We implement appropriate technical and organizational measures to protect your information:

Technical Safeguards:

  • Encryption of data in transit and at rest
  • Secure database storage with access controls
  • Regular security audits and vulnerability assessments
  • Multi-factor authentication for administrative access

Organizational Safeguards:

  • Employee training on data protection and privacy
  • Limited access to personal information on a need-to-know basis
  • Regular review and update of security policies
  • Incident response procedures for data breaches

5.2 Notifiable Data Breaches

If a privacy breach occurs that is likely to cause serious harm, we will notify affected individuals and the relevant supervisory authority (including the Office of the Privacy Commissioner in New Zealand) without undue delay, as required by applicable law.

5.3 Data Retention

  • We retain personal information only for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements.
  • Account and performance data is retained while your account is active and for a reasonable period after closure to allow for reactivation and to meet record-keeping requirements.
  • When information is no longer required, we securely delete or anonymize it.
  • You may request deletion of your personal information at any time (see Section 6), subject to legal retention requirements.

6. Your Privacy Rights

6.1 Access and Control

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate personal information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to certain types of data processing
  • Restriction: Request limitation of how we process your data

6.2 Account Management

Profile Settings:

  • Update your personal information and preferences
  • Control email notification settings
  • Manage privacy and sharing preferences
  • Download your data and performance history

To exercise any of these rights, contact us using the details in Section 13. We will respond within the timeframe required by applicable law.

7. Children's Privacy (COPPA Compliance)

7.1 Age Restrictions

  • Our Service is not intended for children under 13
  • We do not knowingly collect personal information from children under 13
  • If we discover we have collected information from a child under 13, we will delete it promptly

7.2 Parental Consent

For Users Under 13:

  • Explicit parental consent is required before account creation
  • Parents can review, modify, or delete their child's information
  • Parents receive notifications about their child's account activity

For Users 13-17:

  • Parental permission is recommended but not required
  • Parents can request information about their minor child's account
  • Enhanced privacy protections apply to users under 18

8. New Zealand and International Privacy Compliance

8.1 New Zealand Users

For users in New Zealand, we comply with the New Zealand Privacy Act 2020 and its Information Privacy Principles. Your personal information, including payment processing data handled by Stripe, may be transferred offshore. We ensure that any offshore data transfers are protected by comparable privacy safeguards.

8.2 European Union Users

For users in the European Union, we comply with the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

  • Consent: For marketing communications and optional features
  • Contract: For providing our services and account management
  • Legitimate Interest: For platform improvement and security
  • Legal Obligation: For compliance with applicable laws

Enhanced Rights:

  • Right to withdraw consent at any time
  • Right to data portability
  • Right to lodge a complaint with supervisory authorities
  • Right to object to automated decision-making

8.3 Age of Consent

  • Users under 16 in the EU require parental consent
  • Some EU countries may have different age requirements
  • We verify age and obtain appropriate consent where required

9. Cookies and Tracking Technologies

9.1 How We Use Cookies

We use cookies and similar technologies to operate the platform and improve your experience. The cookies we use fall into the following categories:

  • Strictly Necessary: Required for core functionality such as authentication, secure sessions, and CSRF protection. These cannot be disabled.
  • Functional: Remember your preferences and settings to personalize your experience.
  • Analytics: Help us understand how the platform is used so we can improve performance and usability. Where possible, this data is aggregated and anonymized.

9.2 Managing Cookies

  • You can control or delete cookies through your browser settings.
  • Disabling strictly necessary cookies may prevent parts of the Service (including sign-in) from working correctly.
  • We do not use third-party advertising cookies and we do not sell information collected through cookies.

10. Third-Party Services

10.1 AI Service Providers

  • Used for question generation, explanations and analysis
  • Subject to providers' privacy policies and data handling practices
  • Limited data sharing for specific AI processing purposes

10.2 Other Third-Party Services

Email Services:

  • For sending notifications and communications
  • Subject to email provider's privacy policies
  • Limited to necessary communication data

Analytics Services:

  • For understanding platform usage and performance
  • Data is anonymized and aggregated where possible
  • Used to improve user experience and platform functionality

11. Data Transfers

11.1 International Transfers

  • Your information may be transferred to and processed in countries other than your own
  • We ensure appropriate safeguards are in place for international transfers
  • Transfers comply with applicable privacy laws and regulations

11.2 Safeguards

  • Standard contractual clauses for data transfers
  • Adequacy decisions where applicable
  • Additional security measures for sensitive data

12. Privacy Policy Updates

12.1 Notification of Changes

  • We will notify you of significant changes to this Privacy Policy
  • Notifications will be sent via email or platform announcements
  • Continued use after changes constitutes acceptance of the updated policy

12.2 Review and Updates

  • We regularly review and update this Privacy Policy
  • Changes reflect evolving privacy laws and platform features
  • Previous versions are archived and available upon request

13. Contact Information

13.1 Privacy Questions

For questions about this Privacy Policy, to exercise your privacy rights, or to contact our Privacy Officer:

Privacy Officer: AIEQUITAS Privacy Team
Email: Admin@info.aiequitas.com
Subject Line: Privacy Policy Inquiry
Response Time: We aim to respond within 48 hours

If you are in New Zealand and are not satisfied with our response, you may contact the Office of the Privacy Commissioner at privacy.org.nz.

Effective Date: This Privacy Policy is effective as of Monday, 29 June 2026 and applies to all information collected by ExamNexus AI from that date forward.

Your Consent: By using our Service, you consent to the collection and use of your information as described in this Privacy Policy.