Privacy Policy
Effective Date: June 6, 2026·Last Updated: June 6, 2026
PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING ASSESSMATEAI.
Assessmate ("we," "us," or "our") is operated by Abdul Aziz Shah, doing business as Zenen Digital. We are committed to protecting your personal information and being fully transparent about how we collect, use, store, and share your data. This Privacy Policy applies to all users — whether individuals, educators, students, or businesses — who access our AI-powered quiz and assessment generation service at https://assessmateai.com.
By using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.
1. Overview and Scope
This Policy explains:
- What categories of personal information we collect and how;
- How and why we use your personal information;
- The third-party partners and processors we work with;
- How long we retain your data and when we delete it;
- The security measures we have in place to protect your data;
- Your legal rights regarding your personal information;
- How we comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and India's Digital Personal Data Protection Act (DPDPA).
This Policy applies globally to all users of the Service, regardless of location.
2. Information We Collect
2.1 Information You Provide Directly
When you register for or use the Service, you may provide us with:
- Account Information: Your name, email address, and any other details you voluntarily provide during registration or profile setup.
- Uploaded Content: PDFs, Word documents, images, URLs, text, audio, and any other files or content you upload to the Service for quiz or assessment generation ("Uploaded Content"). We use Uploaded Content solely to generate assessments for you.
- Support and Communications: Information you share when contacting us through our contact form or other support channels, including descriptions of issues and any attachments you provide.
- Marketing Preferences: Your preferences regarding marketing or product update communications, if you opt in during sign-up.
2.2 Information Collected Automatically
When you access or use the Service, we may automatically collect:
- Device and Connection Information: Your IP address, browser type and version, operating system, device type, device identifiers, and internet service provider.
- Usage and Interaction Data: Information about how you interact with the Service, including pages visited, features used, quiz generation frequency, session duration, and error logs. This data helps us understand how users engage with the Service and identify areas for improvement.
- Cookies and Similar Technologies: We use essential cookies to maintain your login session and ensure the Service functions correctly. We may also use analytics cookies to understand usage patterns. See Section 8 (Cookies) for more detail.
2.3 Data Generated Through AI Processing
When you upload content for quiz generation:
- Input Files: Original uploaded files (e.g., PDFs, images) are used exclusively to extract text for quiz generation.
- File Deletion: Original uploaded files are automatically and permanently deleted from our servers immediately after text extraction is complete. We do not retain your raw uploaded files.
- Extracted Text: The text extracted from your files is securely stored in our database to facilitate quiz generation and related service features. This extracted text is not used for any purpose beyond what is described in this Policy and is not shared with third parties except as set out in Section 5.
- Generated Outputs: Quizzes and assessments generated by our AI are stored in your account for your access and use.
2.4 Payment Information
All payment-related information (credit/debit card numbers, billing addresses, etc.) is collected directly by Paddle, our Merchant of Record. We do not collect, process, or store your full payment card details. We receive only limited, non-sensitive transaction information from Paddle (such as your name, subscription plan, and payment status) to manage your account and subscription.
3. How We Use Your Information
We process your personal information only for specific, legitimate purposes. These include:
3.1 Service Delivery
- To create, manage, and maintain your account;
- To process your uploaded content and generate AI-powered quizzes and assessments;
- To deliver the features and functionality of the Service;
- To verify your identity and authenticate your access;
- To communicate with you about your account, subscription, or support requests.
3.2 Service Improvement and Research
- To analyze usage patterns and improve the performance, reliability, and features of the Service;
- To diagnose and fix technical issues;
- To develop new features and improve AI model outputs.
We will not use your Uploaded Content to train our AI models without your explicit consent.
3.3 Billing and Subscription Management
- To manage your subscription and coordinate with Paddle regarding your billing status and plan;
- To send you billing-related notifications (e.g., renewal reminders, receipts, and payment failure alerts) via email.
3.4 Legal Compliance and Safety
- To comply with applicable laws, regulations, and legal processes;
- To enforce these Terms of Service and our other policies;
- To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful or prohibited activities;
- To protect the rights, property, and safety of us, our users, and the public.
3.5 Communications and Marketing
If you have opted in, we may send you product updates, newsletters, and promotional communications about the Service. You may opt out at any time via your account settings or by using the unsubscribe link in any marketing email.
4. Legal Basis for Processing (for EU/UK Users)
If you are located in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases under the GDPR/UK GDPR:
- Performance of a Contract: Processing necessary to provide you with the Service under these Terms (e.g., account management, quiz generation, subscription management).
- Legitimate Interests: Processing for the purpose of improving the Service, detecting and preventing fraud and abuse, and maintaining the security and integrity of the platform, where these interests are not overridden by your rights.
- Compliance with Legal Obligations: Processing necessary to comply with applicable laws (e.g., tax record-keeping, responding to lawful requests from authorities).
- Consent: Where we rely on your consent (e.g., for marketing communications), you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
6. Data Retention and Deletion
6.1 We retain your personal information for as long as your account is active or as necessary to provide you with the Service.
6.2 Specific retention periods:
- Uploaded Files: Original uploaded files are deleted immediately after text extraction (typically within seconds).
- Extracted Text: Retained for the duration of your account to support ongoing quiz generation. Deleted within 30 days of account closure.
- Account Information: Retained for the life of your account and for a reasonable period thereafter (typically up to 12 months) for legal, audit, and dispute-resolution purposes.
- Generated Quizzes: Stored in your account until you delete them or your account is closed.
- Payment Records: Transaction records are retained by Paddle in accordance with Paddle's policies and applicable tax/accounting laws.
6.3 You may request deletion of your account and personal data at any time by contacting us via our contact form at https://assessmateai.com/contact. We will process your request within 30 days, subject to any data we are required to retain by law.
7. Data Security
7.1 We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using TLS/HTTPS;
- Encryption of sensitive data at rest;
- Access controls limiting who can access personal data internally;
- Regular review of security practices and infrastructure.
7.2 While we take security seriously and apply reasonable precautions, no method of data transmission or storage over the internet is completely secure. We cannot guarantee the absolute security of your data.
7.3 In the event of a personal data breach that is likely to result in high risk to your rights and freedoms, we will notify affected users and, where required, the relevant supervisory authorities in accordance with applicable law.
9. Your Rights and Choices
9.1 Rights for All Users
Regardless of your location, you have the right to:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request that we correct inaccurate or incomplete personal information.
- Deletion: Request deletion of your personal information, subject to certain exceptions (e.g., legal retention requirements).
- Opt-Out of Marketing: Unsubscribe from marketing emails at any time via the unsubscribe link in any such email or via our contact form.
9.2 Additional Rights for EU/EEA/UK Users (GDPR)
In addition to the above, if you are located in the EEA or UK, you have the right to:
- Restriction: Request that we restrict processing of your personal data in certain circumstances;
- Portability: Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller;
- Objection: Object to processing based on our legitimate interests, including for direct marketing;
- Withdraw Consent: Where we rely on consent, withdraw it at any time without affecting prior lawful processing;
- Lodge a Complaint: Lodge a complaint with your local data protection supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.
9.3 Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know: Request disclosure of the categories and specific pieces of personal information we have collected about you and the purposes for which it was used;
- Delete: Request deletion of personal information we hold about you, subject to certain exceptions;
- Correct: Request correction of inaccurate personal information;
- Opt-Out of Sale or Sharing: We do not sell or share your personal information as defined under CCPA/CPRA;
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To exercise any of these rights, please contact us via our contact form at https://assessmateai.com/contact. We will respond to verifiable requests within the timeframes required by applicable law (typically 30 days, with possible extension for complex requests).
10. International Data Transfers
10.1 We operate globally, which means your personal information may be transferred to and processed in countries other than your country of residence, including countries that may not have the same data protection laws as your home jurisdiction.
10.2 For transfers of personal data from the European Economic Area or the United Kingdom to countries not recognized as providing an adequate level of data protection, we rely on appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO, as applicable.
10.3 By using the Service, you consent to the international transfer of your data as described in this Policy.
11. Children's Privacy
11.1 The Service is not directed to children under 13 years of age (or under 16 in certain jurisdictions, including the EU). We do not knowingly collect personal information from children below the applicable minimum age without verifiable parental or guardian consent.
11.2 If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately via our contact form. We will promptly investigate and delete such data where required.
12. Third-Party Links and Services
The Service may contain links to or integrations with third-party websites and services. This Policy does not apply to any third-party websites or services. We encourage you to review the privacy policies of any third-party services you access through the Service. We are not responsible for the privacy practices or content of any third party.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes, we will update the "Last Updated" date at the top of this Policy. For material changes, we will notify you by email or by posting a prominent notice on the Service before the changes take effect. Your continued use of the Service after the effective date of any updated Policy constitutes your acceptance of the changes.
14. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us:
- Contact Form: https://assessmateai.com/contact
- Website: https://assessmateai.com
Assessmate is operated by Abdul Aziz Shah, doing business as Zenen Digital.