Assessmate

Privacy Policy

Effective Date: June 6, 2026·Last Updated: June 6, 2026

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING ASSESSMATEAI.

Assessmate ("we," "us," or "our") is operated by Abdul Aziz Shah, doing business as Zenen Digital. We are committed to protecting your personal information and being fully transparent about how we collect, use, store, and share your data. This Privacy Policy applies to all users — whether individuals, educators, students, or businesses — who access our AI-powered quiz and assessment generation service at https://assessmateai.com.

By using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.

1. Overview and Scope

This Policy explains:

  1. What categories of personal information we collect and how;
  2. How and why we use your personal information;
  3. The third-party partners and processors we work with;
  4. How long we retain your data and when we delete it;
  5. The security measures we have in place to protect your data;
  6. Your legal rights regarding your personal information;
  7. How we comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and India's Digital Personal Data Protection Act (DPDPA).

This Policy applies globally to all users of the Service, regardless of location.

2. Information We Collect

2.1 Information You Provide Directly

When you register for or use the Service, you may provide us with:

  1. Account Information: Your name, email address, and any other details you voluntarily provide during registration or profile setup.
  2. Uploaded Content: PDFs, Word documents, images, URLs, text, audio, and any other files or content you upload to the Service for quiz or assessment generation ("Uploaded Content"). We use Uploaded Content solely to generate assessments for you.
  3. Support and Communications: Information you share when contacting us through our contact form or other support channels, including descriptions of issues and any attachments you provide.
  4. Marketing Preferences: Your preferences regarding marketing or product update communications, if you opt in during sign-up.

2.2 Information Collected Automatically

When you access or use the Service, we may automatically collect:

  1. Device and Connection Information: Your IP address, browser type and version, operating system, device type, device identifiers, and internet service provider.
  2. Usage and Interaction Data: Information about how you interact with the Service, including pages visited, features used, quiz generation frequency, session duration, and error logs. This data helps us understand how users engage with the Service and identify areas for improvement.
  3. Cookies and Similar Technologies: We use essential cookies to maintain your login session and ensure the Service functions correctly. We may also use analytics cookies to understand usage patterns. See Section 8 (Cookies) for more detail.

2.3 Data Generated Through AI Processing

When you upload content for quiz generation:

  1. Input Files: Original uploaded files (e.g., PDFs, images) are used exclusively to extract text for quiz generation.
  2. File Deletion: Original uploaded files are automatically and permanently deleted from our servers immediately after text extraction is complete. We do not retain your raw uploaded files.
  3. Extracted Text: The text extracted from your files is securely stored in our database to facilitate quiz generation and related service features. This extracted text is not used for any purpose beyond what is described in this Policy and is not shared with third parties except as set out in Section 5.
  4. Generated Outputs: Quizzes and assessments generated by our AI are stored in your account for your access and use.

2.4 Payment Information

All payment-related information (credit/debit card numbers, billing addresses, etc.) is collected directly by Paddle, our Merchant of Record. We do not collect, process, or store your full payment card details. We receive only limited, non-sensitive transaction information from Paddle (such as your name, subscription plan, and payment status) to manage your account and subscription.

3. How We Use Your Information

We process your personal information only for specific, legitimate purposes. These include:

3.1 Service Delivery

  • To create, manage, and maintain your account;
  • To process your uploaded content and generate AI-powered quizzes and assessments;
  • To deliver the features and functionality of the Service;
  • To verify your identity and authenticate your access;
  • To communicate with you about your account, subscription, or support requests.

3.2 Service Improvement and Research

  • To analyze usage patterns and improve the performance, reliability, and features of the Service;
  • To diagnose and fix technical issues;
  • To develop new features and improve AI model outputs.

We will not use your Uploaded Content to train our AI models without your explicit consent.

3.3 Billing and Subscription Management

  • To manage your subscription and coordinate with Paddle regarding your billing status and plan;
  • To send you billing-related notifications (e.g., renewal reminders, receipts, and payment failure alerts) via email.

3.4 Legal Compliance and Safety

  • To comply with applicable laws, regulations, and legal processes;
  • To enforce these Terms of Service and our other policies;
  • To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful or prohibited activities;
  • To protect the rights, property, and safety of us, our users, and the public.

3.5 Communications and Marketing

If you have opted in, we may send you product updates, newsletters, and promotional communications about the Service. You may opt out at any time via your account settings or by using the unsubscribe link in any marketing email.

5. Sharing Your Information

We do not sell your personal information to third parties. We do not rent or trade your personal data. We may share your information only in the following limited circumstances:

5.1 Service Providers and Data Processors

We work with a small number of trusted third-party service providers who process data on our behalf in order to operate the Service:

  1. Paddle (paddle.com): Our Merchant of Record for all payment processing. Paddle processes your billing information under its own Privacy Policy (paddle.com/legal/privacy).
  2. Cloud Infrastructure Providers: We use cloud hosting and infrastructure services to store data and operate the platform. These providers have no independent right to use your data except to perform services for us.
  3. Analytics Providers: We may use analytics tools such as Google Analytics to understand aggregate usage trends. These tools may collect anonymized or pseudonymized usage data.
  4. AI Model Providers: Our Service relies on third-party AI model APIs to process your extracted text and generate quiz content. Uploaded content is submitted to these providers solely for the purpose of generating your outputs. We select providers that maintain appropriate data protection standards.

All our data processors are bound by data processing agreements requiring them to protect your data in accordance with applicable law.

5.2 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the Service; or (d) protect the personal safety of users or the public.

5.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or transfer of business, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service before your data is transferred and becomes subject to a different privacy policy.

5.4 Aggregated or Anonymized Data

We may share aggregated or anonymized data that does not identify you personally with third parties for research, analysis, or other purposes.

6. Data Retention and Deletion

6.1 We retain your personal information for as long as your account is active or as necessary to provide you with the Service.

6.2 Specific retention periods:

  1. Uploaded Files: Original uploaded files are deleted immediately after text extraction (typically within seconds).
  2. Extracted Text: Retained for the duration of your account to support ongoing quiz generation. Deleted within 30 days of account closure.
  3. Account Information: Retained for the life of your account and for a reasonable period thereafter (typically up to 12 months) for legal, audit, and dispute-resolution purposes.
  4. Generated Quizzes: Stored in your account until you delete them or your account is closed.
  5. Payment Records: Transaction records are retained by Paddle in accordance with Paddle's policies and applicable tax/accounting laws.

6.3 You may request deletion of your account and personal data at any time by contacting us via our contact form at https://assessmateai.com/contact. We will process your request within 30 days, subject to any data we are required to retain by law.

7. Data Security

7.1 We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, disclosure, or destruction. These measures include:

  1. Encryption of data in transit using TLS/HTTPS;
  2. Encryption of sensitive data at rest;
  3. Access controls limiting who can access personal data internally;
  4. Regular review of security practices and infrastructure.

7.2 While we take security seriously and apply reasonable precautions, no method of data transmission or storage over the internet is completely secure. We cannot guarantee the absolute security of your data.

7.3 In the event of a personal data breach that is likely to result in high risk to your rights and freedoms, we will notify affected users and, where required, the relevant supervisory authorities in accordance with applicable law.

8. Cookies

8.1 We use cookies and similar technologies on the Service. A cookie is a small text file stored in your browser that helps us recognize you and provide certain features.

8.2 Types of cookies we use:

  1. Strictly Necessary Cookies: Essential for the Service to function. These enable login persistence, session management, and security features. The Service cannot function properly without these. These are placed without requiring your consent.
  2. Analytics Cookies: Used to understand how users interact with the Service (e.g., pages visited, features used). These are placed only with your consent where required by applicable law (e.g., for users in the EU, we will display a cookie consent banner).

8.3 You can control and manage cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

9. Your Rights and Choices

9.1 Rights for All Users

Regardless of your location, you have the right to:

  1. Access: Request a copy of the personal information we hold about you.
  2. Correction: Request that we correct inaccurate or incomplete personal information.
  3. Deletion: Request deletion of your personal information, subject to certain exceptions (e.g., legal retention requirements).
  4. Opt-Out of Marketing: Unsubscribe from marketing emails at any time via the unsubscribe link in any such email or via our contact form.

9.2 Additional Rights for EU/EEA/UK Users (GDPR)

In addition to the above, if you are located in the EEA or UK, you have the right to:

  1. Restriction: Request that we restrict processing of your personal data in certain circumstances;
  2. Portability: Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller;
  3. Objection: Object to processing based on our legitimate interests, including for direct marketing;
  4. Withdraw Consent: Where we rely on consent, withdraw it at any time without affecting prior lawful processing;
  5. Lodge a Complaint: Lodge a complaint with your local data protection supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.

9.3 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the right to:

  1. Know: Request disclosure of the categories and specific pieces of personal information we have collected about you and the purposes for which it was used;
  2. Delete: Request deletion of personal information we hold about you, subject to certain exceptions;
  3. Correct: Request correction of inaccurate personal information;
  4. Opt-Out of Sale or Sharing: We do not sell or share your personal information as defined under CCPA/CPRA;
  5. Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise any of these rights, please contact us via our contact form at https://assessmateai.com/contact. We will respond to verifiable requests within the timeframes required by applicable law (typically 30 days, with possible extension for complex requests).

10. International Data Transfers

10.1 We operate globally, which means your personal information may be transferred to and processed in countries other than your country of residence, including countries that may not have the same data protection laws as your home jurisdiction.

10.2 For transfers of personal data from the European Economic Area or the United Kingdom to countries not recognized as providing an adequate level of data protection, we rely on appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO, as applicable.

10.3 By using the Service, you consent to the international transfer of your data as described in this Policy.

11. Children's Privacy

11.1 The Service is not directed to children under 13 years of age (or under 16 in certain jurisdictions, including the EU). We do not knowingly collect personal information from children below the applicable minimum age without verifiable parental or guardian consent.

11.2 If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately via our contact form. We will promptly investigate and delete such data where required.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes, we will update the "Last Updated" date at the top of this Policy. For material changes, we will notify you by email or by posting a prominent notice on the Service before the changes take effect. Your continued use of the Service after the effective date of any updated Policy constitutes your acceptance of the changes.

14. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us:

Assessmate is operated by Abdul Aziz Shah, doing business as Zenen Digital.