Privacy Policy
How "we" (Provsy) collect, process, and protect your personal and educational data. We commit to transparency and security by design.
Information We Collect
Account
Name, email, institution, and role.
Uploaded Content
Study materials and assessment artifacts you provide.
Generated Content
Assessment items, marking schemes, metadata produced by the system.
Usage Metrics
Feature interactions, event timestamps, performance telemetry.
Technical
IP, device/browser fingerprint (hash truncated), OS family for security posture.
How We Use Information
Service Operation
Authenticate users, render workspaces, process generation tasks.
Quality & Validation
Improve item accuracy via aggregated non-personal performance signals.
Support & Communication
Send incident, security, and material change notices.
Security Monitoring
Detect anomalous access or abuse patterns.
Data Security
Encryption
TLS 1.2+ in transit; provider-managed encryption at rest.
Access Control
Principle of least privilege with quarterly entitlement reviews.
Segmentation
Logical separation of tenant data with enforced access boundaries.
Monitoring
Continuous logging, anomaly detection, and automated alert triage.
Incident Response
Documented runbooks; user notification on material impact.
Your Rights
Access
Request a structured export of personal data.
Rectification
Correct inaccurate profile information.
Deletion
Request erasure; core logs may persist for security & audit obligations.
Portability
Receive machine-readable exports where technically feasible.
Data Retention
Active Use
Data retained while institutional engagement is active.
Assessment Artifacts
Retained indefinitely unless asked to be removed by the creator.
Backups
Encrypted backups rotate on a rolling schedule (≤ 35 days).
Anonymized Analytics
Aggregated metrics may be stored indefinitely without identifiers.
Questions about privacy?
Contact our Data Protection Officer for any clarifications or rights requests.