PRIVACY POLICY
1. GENERAL INFORMATION
American Universities & Colleges Consultant LLC dba Somanoc is a Limited Liability Company located at 1501 SW 59Th Street, Oklahoma City, Oklahoma 73119, USA; hereby referred to as (“Somanoc”, “Company” “we”, “our” or “us”). Somanoc provides competency examination testing services and test preparation resources on the Somanoc website, referred to as (“Website”, “Site”). Somanoc may act as the data controller or a data processor, depending on its relationship to the Data subject. This Privacy Policy (“Policy”) has been adopted and implemented in accordance with the principles set forth herein, to describe our practices regarding the collection and processing of Personal Data about test candidates, clients, contractors, and partners. Somanoc respects privacy and Personal Data and is committed to complying with this Policy and in accordance with Applicable Laws of all jurisdictions in the United States.
This Privacy Policy describes our data protection practices and the types of information that you provide to us; information we may collect automatically in the operation of our websites, web pages, and emails that link to this Privacy Policy (collectively this Site); users of our products and services; people purchasing practice tests, study guides, skills checklist, books, e-books, vouchers and our other products and services available on Somanoc’s Site; and Personal Data (as defined below) that we may receive from test sponsor’s or collect from you on behalf of certification, credentialing, licensure, regulatory, and academic admission test sponsors. This Privacy Policy also applies to individuals who desire to access, manage, publish, and provide their current credential status to their designated and authorized third parties, including employers and background-checking firms. Additionally, this Privacy Policy describes your rights and responsibilities, our rights and responsibilities, how we use the information we collect or receive; with whom we share the information with; the measures we take to protect the security of Personal Data from loss, misuse, unauthorized access, and the choices you can make about providing your Personal Data to us as it relates to your competency certification examination, credentialing, licensure, regulatory, and academic admission testing experience; and how you can contact us. All references to ‘our’, ‘us’, or ‘we’, in this Privacy Policy and within the opt-in notice are deemed to refer to the Somanoc, for purposes of this Privacy Policy. The rights and responsibilities described in our Privacy Policy do not cover third-party websites that may be linked to our website or referred to on this Site. These third-party websites have their own privacy policies, and we encourage you to read and review them.
2. WHAT TYPES OF PERSONAL DATA DO WE COLLECT?
For purposes of this Privacy Policy, “Personal Data” is any information that can be used to identify you or that, when added with other Personal Data, can be linked to you and includes; but is not limited to: personal contact details (names, birth, social security number, street address, email address, phone number, fax number, credit/debit card information, Company, and title). We may also collect or receive the following additional Personal Data at registration or in the testing process, as necessary or appropriate, including, but not limited to: language, date of, test sponsor’s identification number, employment Data, previous examination history, education Data, and source of financing for the test; assessment details, including candidate ID number; credit card information; residence and country of citizenship; signature, photograph, and video recordings, and audio recordings (as permissible by law and only in specific jurisdictions). Additionally, we may handle so-called ‘special categories of Personal Data’ about you, which may be considered sensitive. This includes (i) your race or ethnic origin; (ii) your biometric template where permitted by law; or (iii) medical or health information when requesting a testing session accommodation. Before we collect sensitive Personal Data, we will mark the question(s) as ‘optional’ or require your consent. Such consent may be withdrawn at any time.
3. HOW DOES SOMANOC COLLECT YOUR PERSONAL DATA?
Somanoc mostly collects Personal Data directly from the individual data subject. When a candidate visits Somanoc’s website, or mobile application and registers or takes an exam, we collect the Personal Data. Also, when users use our applications or contact us, we collect transaction information for customer service purposes. However, in other cases, we may receive information from test sponsors or from third-party data suppliers to help us better understand our customers. All Personal Data collected by Somanoc via our mobile applications is protected and processed according to the terms of this Policy. We also offer automatic (“push”) notifications only to those who opt-in to receive such notifications from us. No individual is required to provide location information to Somanoc or to enable push notifications to use any of our mobile applications.
4. COLLECTION OF YOUR PERSONAL DATA
Somanoc collects the following Personal Data depending on your relationship to the Company and Applicable Law for the following purposes: scheduling competency examinations, verifying identity, administering exams, and payments, managing customer service requests, detecting and preventing fraud and misrepresentation by unauthorized candidates, conducting data analytics to maintain the integrity and tampering of the examination and the process, reporting exam results to candidate, schools, certification and licensing agencies, test sponsor, conducting marketing activities, subject to applicable law, supplier management and administration, invoice processing, know-your-supplier due diligence and other legal requirements.
5. LEGAL BASES OF PROCESSING YOUR PERSONAL DATA
Personal Data is generally collected and processed according to the following legal bases:
- Your consent for the collection and processing of special categories of Personal Data.
Your consent, if required by Applicable Law, for cross-border data transfers.
The performance of a contract includes registering and scheduling for a test, administering that test, fraud prevention, and processing the examination results.
For legitimate business purposes such as invoice processing and financial account management, backup purposes to facilitate business continuity, test center management, business planning, contract management, improvement of testing services provided to our customers, proposing related services and products to existing test candidates, website administration, fulfillment, analytics, security and fraud prevention, corporate governance, disaster recovery planning, auditing, and reporting.
Compliance with any legal or regulatory obligations.
6. DISCLOSURE OF YOUR PERSONAL DATA
Personal Data may be shared with other Company affiliates, government agencies, or third parties for legitimate business reasons related to the services provided or as otherwise allowed or required by Applicable Law. The Company may share Personal Data:
Within our group, such as subsidiaries
With our affiliates and authorized test centers.
With business partners such as exam sponsors and service providers to facilitate requests and improve our services
With government authorities and public authorities when necessary or required by the authority.
Biometric data may be disclosed to a third party only:
– For an investigation related to alleged misconduct solely for the purposes of an investigation of cheating, unauthorized testing, or other test candidate misconduct.
– In relation to lawful requests by regulatory, legal, or government agencies with jurisdiction and/or authority to make such requests.
We execute contracts as Applicable Law requires with our third parties to ensure that Personal Data is processed in compliance with this Policy and any other appropriate confidentiality and security measures.
7. STORAGE OF YOUR PERSONAL DATA
Depending on the nature of your relationship with Somanoc and per Applicable Law, we store your Personal Data in our secure cloud infrastructure with servers located in the United States. Somanoc follows a comprehensive Records Management Program and related retention schedule that it adheres to for the retention, storage and destruction of all records created during its business, including those containing Personal Data. We also deploy a Data Management strategy that segregates data based on regionally located data servers. Subject to Applicable Law, our Company will keep your Personal Data for the duration of the processing, for the lesser period of:
Five (5) years from the date of the last service, test, or assessment; or The expiration of the purpose for which the Personal Data was collected; or The laws of the applicable jurisdiction where the Personal Data was collected.
Somanoc will not keep Personal Data longer than necessary. However, Somanoc may retain Personal Data longer if necessary to comply with Applicable Law or if required to protect or exercise its rights.
8. TRANSFERS OF PERSONAL DATA
We will comply with the privacy and data collection laws of the jurisdiction of the individual from whom the information is being collected. Our computer operations are currently based in the United States. The Internet is a global environment. By using this Site and sending information and Personal Data to us electronically, you consent to trans-border and international transmission of any data that you may choose to supply us to any country in the world, including countries without adequate data protection. Information and Personal Data transmissions to this Site and emails sent to us may not be secure. Given the inherent operation and nature of the Internet, all Internet transmissions are done at the user’s own risk. By registering for a test through us, purchasing services or products from our website, or submitting information to one of our credentialing Sites, or, in some cases submitting your Personal Data through another person acting upon your direction and on your behalf, you agree to allow your Personal Data to be transmitted by us to the test sponsor from whom you seek certification, credentialing, licensure, or academic admission or on whose behalf the Somanoc administers the Sites. The test sponsor requires your Personal Data so that (a) Exams can be correctly administered; (b) certification, credentialing, licensure, or academic admission can be processed, granted, and administered; and (c) candidates can receive further information about certification, credentialing, licensure, or academic admission testing. For more information about how the test sponsor may collect and use your Personal Data, we encourage you to review the test sponsor’s privacy policy. To validate the test, user integrity, and security, we may supply audio and videotapes of test candidates in a testing center at a particular time to any test sponsor whose test was being administered at that time in such test center. Where you have chosen to take your test through our online proctoring platform, the audio, and videotapes of your testing session will be supplied to the relevant test sponsor and any of their appointed agents to assist with their management of your test.
10. CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798 empowers California residents to ask companies with whom they have an established business relationship to provide certain information about the companies’ sharing of their Personal Data with third parties for direct marketing purposes. Somanoc does not share any California consumer Personal Data with third parties for marketing purposes without consent. If you are an Exam candidate, Somanoc will provide your Personal Data to your Exam sponsor, who may use the information per their privacy policies.
11. PROTECTION OF YOUR PERSONAL DATA
Somanoc implements various security measures, such as technical, physical and administrative safeguards, to protect all Personal Data from security incidents or unauthorized disclosure and, more generally, from a Personal Data Breach. These security measures are recognized as appropriate security standards in the industry and include; access controls, password, encryption, inter alia, strict time limits for erasure, logging mechanisms, and regular security assessments. If a Personal Data Breach potentially impacts your personal data, Somanoc follows its Incident Response Plan and will promptly take appropriate action to mitigate the risks to data subjects. Such measures may include notifying the appropriate Supervisory Authority and the impacted data subjects while providing the relevant details of the incident and mitigation measures as may be mandated under Applicable Laws such as GDPR or PIPL. Somanoc’s Information Security Program is reviewed several times annually by multiple third-party organizations to ensure it meets or exceeds the highest benchmarks available for security and data privacy and protection. In addition, employees and contractors are obligated to promptly report any known or suspected instance of misuse, loss, or unauthorized access.
12. CHANGES TO PRIVACY POLICY
Somanoc reserves the Right to update the terms of this Privacy Policy from time to time. It is your responsibility to visit and review this Privacy Policy periodically to ensure you agree with any changes or updates. We will post our revised privacy notice on our website and update the ‘Revision Date’ to reflect the date of the changes. By continuing to use our website after we post any such changes or updates, you accept the privacy notice as modified.
12. HOW TO CONTACT US
If you have any questions, or concerns about this Privacy Policy or have a request regarding your rights as a data subject, you may email the Somanoc privacy representative at:
Somanoc Privacy Manager
Address:
1501 SW 59Th Street,
Oklahoma City, Oklahoma-73119.
Phone: +1-405-225-7876.
Fax: +1-405-421-9521
Email: info@somanoc.com
Data subjects also have the Right to file a complaint directly with the competent Supervisory Authority in their relevant jurisdiction or may take legal action per Applicable Law.