Welcome to OSCE AI (the “Company,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website osce-ai.com (the “Site”) and our web-application app.osce-ai.com (the “App”). By accessing or using our Site and App, you agree to the terms of this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please do not access the Site.

1. Information We Collect

1.1 Personal Information

We collect personal information that you voluntarily provide when you register on our Site, complete forms, request information about our services, or otherwise communicate with us. This may include:

• Name
• Email address
• Phone number
• Company name (if applicable)
• Login credentials (if you create an account)
• Any other information you choose to provide

1.2 Automatically Collected Information

When you visit or interact with our Site, we may automatically collect certain information about your device and usage, such as:

• Log and Usage Data: This includes information like your Internet Protocol (IP) address, browser type, operating system, the specific pages you visit, and the dates/times of your visits. We use this data to help maintain the security of our Site, analyze site performance, and improve the overall user experience.
• Cookies and Similar Technologies: At this time, we do notuse cookies, web beacons, or other tracking technologies to store information about your preferences or browsing activities. If our practices change in the future, we will update this Privacy Policy accordingly and comply with all relevant laws and regulations.

1.3 Information from Third Parties

We do not obtain any personal information about you from third-party sources at this time. Should this practice change, we will update this Privacy Policy accordingly and comply with all applicable legal requirements.

1.4 Sensitive Information

We generally do not collect sensitive personal information, such as racial or ethnic origin, religious beliefs, sexual orientation, health information, or biometric data. If the need arises to process such information, we will do so in accordance with applicable laws and only with your explicit consent.

1.5 Student Data

We recognize the critical importance of protecting student information. We adhere to guidelines to ensure compliance with theFamily Educational Rights and Privacy Act (FERPA). We donot share any student data with third parties, and we employ robust security measures to safeguard all student information on our systems. Access to student data is strictly limited to authorized personnel, and any handling of student information is conducted in full compliance with all applicable data protection regulations.

2. How We Use Your Information

We use the information we collect for various purposes related to our business operations, as outlined below:

• Providing and Maintaining Our Services
• To create and manage your account
• To process requests and transactions
• To ensure the functionality, security, and integrity of our Site
• Improving User Experience
• To analyze usage patterns and trends in order to optimize our Site's layout, content, and overall user interface
• To personalize content and features based on user preferences
• Communicating with You
• To respond to inquiries, questions, or concerns you may have
• To send administrative information, such as updates to our terms, policies, or other critical information
• To provide marketing or promotional materials (when permitted by law and where you have not opted out)
• Ensuring FERPA and Privacy Compliance (where applicable to student data)
• To handle any student data strictly in accordance with the Family Educational Rights and Privacy Act (FERPA) guidelines
• To maintain appropriate security measures that safeguard student information and comply with all relevant regulations
• Other Lawful Business Purposes
• To perform data analysis, audit, research, or to develop new services
• To aggregate or de-identify your information so it no longer reasonably identifies you, and use it for analytics and benchmarking

3. Cookies and Other Tracking Technologies

At this time, OSCE AI does not use cookies or similar tracking technologies on our Site. We do not place any files or codes on your browser or device to collect information about you or your browsing behavior.

3.1 Future Updates

If our practices change in the future and we begin to use cookies or other tracking technologies, we will update this Privacy Policy accordingly and provide appropriate notice to you, in compliance with relevant laws and regulations.

3.2 Third-Party Integrations

While we do not directly use cookies or tracking technologies, any third-party links, plug-ins, or embedded services on our Site may collect information according to their own policies. Please review the privacy policies of any third-party services you interact with to understand how they use your data.

4. How We Share Your Information

We take your privacy seriously and only share personal information under the circumstances described below:

• Service Providers

We may share information with trusted service providers who assist us in operating our Site or conducting our business. These third parties are authorized to use your information only as necessary to provide services on our behalf (e.g., hosting, data storage, technical support).

• Legal and Regulatory Compliance

We may disclose information if required to do so by law, subpoena, or other legal process, or if we believe in good faith that such action is necessary to:

• Comply with applicable laws or regulations
• Respond to a valid court order, government request, or legal process
• Protect our rights, property, or safety, or that of our users or others
• Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to a successor entity or third party. In such an event, we will make reasonable efforts to ensure the receiving party agrees to protect your information in a manner consistent with this Privacy Policy.

• Aggregate or De-Identified Information

We may share aggregated or de-identified information that does not reasonably identify you as an individual. This data is used for legitimate business purposes, such as analytics, research, or marketing.

• Student Data
• No Sharing Without Legal Requirement: We do not share any personally identifiable student data with third parties unless required by law (e.g., to comply with FERPA or other applicable regulations).
• High Confidentiality: All student information is treated with the highest level of confidentiality and is strictly accessed only by authorized personnel for legitimate educational or administrative purposes.
• De-Identification for Additional Safeguards: Where feasible, student data is de-identified or anonymized to provide an extra layer of protection, preventing it from being linked back to any individual student.
• With Your Consent

Except as described above, we will not share your personal information with third parties without your explicit consent. If we seek to share your data in a manner not covered by this Privacy Policy, we will inform you and give you an opportunity to opt out.

5. Data Retention

• General Retention Period

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Once we no longer need your information, we will securely delete, destroy, or anonymize it in accordance with our data retention policies.

• Student Data
• Retention Practices: We retain student data only for as long as needed to provide educational or administrative services, or as mandated by relevant regulations (e.g., FERPA).
• Secure Deletion: When student data is no longer required, it is securely deleted or anonymized to prevent any unauthorized access or re-identification.
• Legal and Regulatory Obligations

In certain circumstances, we may be required to retain your personal information for extended periods to comply with legal obligations, resolve disputes, or enforce our agreements. During this time, your information will be safeguarded according to the standards outlined in this Privacy Policy.

• Anonymized or Aggregated Data

We may continue to use anonymized or aggregated data, which does not identify individual users, for analytical or research purposes indefinitely, without further notice to you.

6. Security

• Measures to Protect Your Data

We are committed to safeguarding the personal information in our possession. We implement a variety of technical, administrative, and physical security measures designed to protect your data against unauthorized access, misuse, alteration, or destruction. These measures may include, but are not limited to:

• Encrypted data storage
• Secure servers with controlled access
• Firewalls and intrusion detection systems
• Regular security assessments and system monitoring
• Student Data Confidentiality
• Limited Access: Access to student data is strictly limited to authorized personnel who require it for legitimate educational or administrative purposes.
• FERPA Compliance: We adhere to Family Educational Rights and Privacy Act (FERPA) guidelines to ensure the confidentiality of student records and information.
• Additional Safeguards: Where feasible, we employ data de-identification to further protect student privacy.
• No Security Guarantee

While we strive to protect your personal information using commercially reasonable safeguards, no method of data transmission or storage is 100% secure. Therefore, we cannot guarantee the absolute security of your information, and you share information with us at your own risk.

• Reporting Security Vulnerabilities

If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at the email or phone number provided in the “Contact Us” section. We will investigate and take appropriate corrective action as needed.

7. Your Rights and Choices

• Access and Correction
• Access to Your Information: You may request access to the personal information we hold about you.
• Correction of Inaccuracies: If you believe the information we hold is inaccurate or incomplete, you have the right to request that we update or correct it.
• Deletion Requests
• Right to Erasure: Depending on applicable laws, you may have the right to request that we delete your personal information. We will honor such requests unless we are required to retain certain data for legal or regulatory reasons.
• Withdrawal of Consent
• Consent-Based Processing: If our processing of your personal information relies on your consent, you have the right to withdraw that consent at any time. This withdrawal will not affect the lawfulness of any processing carried out prior to your withdrawal.
• Opting Out of Communications
• Marketing Emails: If you receive marketing or promotional communications from us, you may opt out by following the unsubscribe instructions in those emails or by contacting us directly.
• Administrative Messages: Note that you may not be able to opt out of receiving certain administrative or transactional messages, such as those relating to your account or essential services.
• Student Data Requests
• Parents and Eligible Students: Under FERPA and other applicable laws, parents (or eligible students) have the right to access and request corrections to student records. Please contact us if you need to review or update student information.
• Submitting a Request
• Contact Us: To exercise any of these rights, please contact us using the details provided in the “Contact Us” section below.
• Verification: We may request certain information to verify your identity before processing your request, in order to protect your privacy and maintain security.
• Location-Specific Rights
• Additional Jurisdictions: Depending on your jurisdiction, you may have additional rights under local laws (e.g., GDPR for EU residents, CCPA for California residents). We will comply with all applicable legal requirements in handling your requests.

8. Children's Privacy

• Intended Users: 18 and Older
• Our Site is not intended for use by anyone under the age of 18. We do not knowingly allow individuals under 18 to create accounts or otherwise engage with our services.
• Restricted Accounts
• Accounts on our Site are exclusively reserved for official university faculty and administration. We do not permit student accounts or individual users under 18 to register or access any restricted areas.
• Inadvertent Collection
• Because our Site is not designed for minors, we do not knowingly collect personal information from any individual under the age of 18. If we become aware that we have inadvertently collected information from someone under 18, we will promptly delete that information from our records.
• FERPA Compliance
• While students do not directly access our Site, we may process or store student data on behalf of authorized faculty or administrators. In such cases, we handle student information in strict compliance with the Family Educational Rights and Privacy Act (FERPA) and other applicable education privacy laws.
• We ensure that only authorized personnel can access any student-related information, and that such data is used solely for legitimate educational or administrative purposes.
• Contact Us
• If you believe we have collected personal information from a minor under 18 or have any concerns regarding student data, please contact us immediately using the information provided in the “Contact Us” section. We will take appropriate steps to address the issue and secure the information.

9. Third-Party Websites

• Links to External Sites
• Our Site may include links to third-party websites or services that are not operated by OSCE AI. These links are provided for convenience and informational purposes only.
• No Endorsement or Control
• We do not endorse, monitor, or control the content, policies, or practices of any third-party websites. Once you leave our Site, our Privacy Policy no longer applies. You are responsible for reviewing the privacy policies and terms of use of any external websites you visit.
• Third-Party Integrations
• Our Site may offer integrations or plugins from third-party services (e.g., embedded videos, social media widgets). These features may collect information about your IP address and usage patterns according to their own privacy policies. We encourage you to review the policies of these third-party service providers before interacting with them.
• Security and Data Practices
• We are not responsible for the security measures or data practices employed by third-party sites or services. If you have concerns about how these third parties handle your information, please consult their respective privacy policies or contact them directly.

10. International Data Transfers

• Scope of Data Transfers
• We primarily store and process information within the country where our organization is based. However, if our business operations require transferring data to servers or service providers located in other countries, we will ensure such transfers are conducted in compliance with applicable data protection laws.
• Legal Bases for Transfers
• Adequacy Decisions: Where required by law, we rely on adequacy decisions issued by relevant regulatory authorities, indicating that the destination country's data protection standards are deemed sufficient.
• Standard Contractual Clauses: In the absence of an adequacy decision, we may employ legally approved mechanisms, such as Standard Contractual Clauses or other contractual safeguards, to ensure your personal information receives an adequate level of protection.
• User Rights
• If applicable law grants you certain rights regarding the international transfer of your data (e.g., the right to request details about the transfer's legal basis), you may contact us as provided in the “Contact Us” section. We will respond in accordance with the applicable data protection regulations.
• Safeguards and Security Measures
• We implement reasonable technical, administrative, and physical safeguards to protect personal information during transfers, including encryption and secure file transfer protocols. These measures are in place to help ensure your data remains secure, confidential, and protected against unauthorized access or misuse.
• Updates to Our Practices
• Should our international data transfer practices change, we will update this section of the Privacy Policy accordingly and provide any required notices.

11. Changes to This Privacy Policy

• Periodic Updates
• We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational purposes. When we do, we will revise the “Last Updated” date at the top of this policy.
• Material Changes
• If we make any material changes to how we collect, use, or share your personal information, we will provide more prominent notice (such as a direct email notification if you have an account or a conspicuous notice on our Site) prior to the change becoming effective, in accordance with applicable legal requirements.
• Your Continued Use
• By continuing to use our Site or services after any revisions become effective, you signify your acceptance of the updated Privacy Policy. If you do not agree to the new terms, please discontinue use of our Site and services.
• Keeping Informed
• We encourage you to review this Privacy Policy periodically to stay informed about our privacy practices. If you have any questions or concerns, please contact us using the information in the “Contact Us” section below.

12. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our data practices, please contact us at:

OSCE AI

osce.ai.grader@gmail.com

561.354.8108

We will respond to your inquiries in accordance with applicable laws and regulations