ExamCram
Back to home

Privacy Policy

Last updated: May 20, 2026

1. Introduction

ExamCram (“we”, “our”, or “us”) operates examcram.ai. This Privacy Policy explains what information we collect when you use our platform, how we use it, and your rights regarding your data. By using ExamCram you agree to the practices described here.

2. Information We Collect

Account information — When you register we collect your name, email address, and a hashed password.

Payment information — Billing details (card number, expiry, CVV) are collected and processed directly by Stripe. We only store the last four digits of your card and your Stripe customer ID — we never see or store full card data.

Usage data — Which exams you attempt, question responses, scores, session durations, and mastery progress.

Technical data — IP address, browser type, device identifiers, and pages visited, collected automatically via server logs and analytics cookies.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account and authenticate you securely.
  • Deliver the practice exam service, track your progress, and personalise your experience.
  • Process payments and manage subscriptions.
  • Send transactional emails (purchase receipts, password resets, account notifications).
  • Improve the platform by analysing aggregate usage patterns.
  • Detect and prevent fraudulent or abusive activity.
  • Comply with legal obligations.

We do not sell your personal data to third parties.

4. Sharing and Third Parties

We share data only with the following service providers, under strict contractual obligations:

  • AWS (Amazon Web Services) — Cloud infrastructure, database storage, and user authentication via Amazon Cognito.
  • Stripe — Payment processing. Stripe's privacy policy governs their handling of payment data.
  • Analytics providers — Aggregate, anonymised usage statistics to understand platform performance.

We may disclose data if required by law, court order, or to protect the safety of users or the public.

5. Cookies

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how users navigate the platform. See our Cookie Policy for full details and opt-out instructions.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account we will delete or anonymise your personal data within 90 days, except where retention is required by law (e.g. financial records which are kept for 7 years).

7. Security

We implement industry-standard security measures including TLS encryption in transit, encryption at rest in AWS DynamoDB, IAM least-privilege access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

8. Children

ExamCram is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Your Rights

Depending on your jurisdiction you may have the right to access, correct, delete, or export your personal data, and to object to or restrict certain processing. To exercise any of these rights, email us at support@examcram.ai. We will respond within 30 days.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the site. Continued use after the effective date constitutes acceptance of the revised policy.

11. Contact

Questions or concerns? Contact our Privacy team at support@examcram.ai or write to:

ExamCram

support@examcram.ai