Data Security & Privacy

Your privacy and data security are our top priorities. Learn how we protect your information.

Our Commitment to Security

At Quizinger, we understand that you trust us with sensitive educational materials and personal information. We take this responsibility seriously and have implemented industry-standard security measures to protect your data.

Data Encryption

In Transit

All data transmitted between your device and our servers is encrypted using TLS 1.3 (Transport Layer Security). This ensures that:

  • Your uploaded files cannot be intercepted during transmission
  • Your login credentials are protected
  • All API communications are secure
  • Your generated quizzes are transmitted safely

At Rest

Data stored on our servers is encrypted using AES-256 encryption. This military-grade encryption ensures that even if unauthorized access were to occur, your data would remain unreadable.

File Handling & Automatic Deletion

Upload Process

When you upload a file (PDF, image, etc.) to Quizinger:

  1. The file is encrypted immediately upon upload
  2. It's processed in memory whenever possible
  3. Temporary storage (if needed) is encrypted
  4. The file is never accessible to unauthorized parties

Automatic Deletion

We do not permanently store your uploaded files. Here's our deletion policy:

  • PDFs and Images: Automatically deleted within 1 hour of upload
  • Temporary Processing Files: Deleted immediately after quiz generation
  • Extracted Text: Kept only for quiz generation, then deleted
  • Generated Quizzes: Stored in your account until you delete them

You Control Your Data

You have complete control over your generated quizzes:

  • View your quizzes anytime in your dashboard
  • Edit or modify generated content
  • Delete quizzes permanently at any time
  • Export your data in multiple formats

Third-Party AI Services

OpenAI & Google Gemini

Quizinger uses AI services from OpenAI and Google to generate quiz questions. Here's how we protect your content:

Data Minimization

  • We send only necessary text content to AI services
  • Personal information is removed before processing
  • Sensitive data is redacted automatically

Third-Party Commitments

  • OpenAI: Does not use API data to train models
  • Google: Processes data according to their strict privacy policies
  • Both services are GDPR and SOC 2 compliant
  • Data is not shared with other third parties

Account Security

Password Protection

  • Passwords are hashed using bcrypt with salt
  • We never store plain-text passwords
  • Password reset links expire after 1 hour
  • Account lockout after failed login attempts

Authentication

  • Secure session management
  • OAuth2 authentication for Google sign-in
  • Email verification for new accounts
  • Automatic logout after inactivity

Infrastructure Security

Server Security

Our infrastructure is hosted on secure, enterprise-grade servers with:

  • Regular security patches and updates
  • Firewall protection
  • DDoS mitigation
  • Intrusion detection systems
  • 24/7 monitoring

Database Security

  • Encrypted database connections
  • Regular automated backups
  • Access controls and authentication
  • SQL injection prevention

Privacy Principles

Data Minimization

We collect only the data necessary to provide our service:

  • Email address (for account management)
  • Name (optional, for personalization)
  • Payment information (processed by Stripe, not stored by us)
  • Generated quizzes (stored in your account)
  • Usage analytics (anonymized)

No Selling of Data

We will never sell your data to third parties. Your trust is more valuable than any potential revenue from selling data.

Limited Data Sharing

We share data only with:

  • AI Services: For quiz generation (text content only)
  • Payment Processor: Stripe (for payment processing only)
  • Analytics: Anonymized usage data for service improvement
  • Legal Requirements: When required by law

GDPR Compliance

We comply with the General Data Protection Regulation (GDPR). You have the right to:

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Export your data
  • Object: Opt out of certain data processing

To exercise these rights, contact us at admin@gensheet.ai.

Children's Privacy

Quizinger is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

Data Breach Protocol

In the unlikely event of a data breach:

  1. We will notify affected users within 72 hours
  2. Relevant authorities will be notified as required by law
  3. We will take immediate steps to secure systems
  4. A full investigation will be conducted
  5. Results and remediation steps will be communicated transparently

Security Best Practices for Users

Protect Your Account

  • Use a strong, unique password
  • Don't share your login credentials
  • Log out on shared devices
  • Enable two-factor authentication (when available)

Protect Your Content

  • Don't upload files containing sensitive personal information
  • Review generated quizzes before sharing publicly
  • Delete quizzes you no longer need
  • Be cautious when sharing quiz links

Transparency & Trust

Regular Security Audits

We conduct regular security audits and assessments to ensure our systems remain secure. This includes:

  • Quarterly security reviews
  • Penetration testing
  • Code security scans
  • Third-party security assessments

Open Communication

We believe in transparent communication about security:

  • Security updates are communicated clearly
  • Privacy policy changes are announced in advance
  • User questions are answered promptly
  • Security concerns are taken seriously

Certifications & Compliance

Quizinger is committed to maintaining the highest security standards. We are working toward:

  • SOC 2 Type II certification
  • ISO 27001 compliance
  • COPPA compliance (for educational use)
  • FERPA compliance (for educational institutions)

Contact Us About Security

Have questions or concerns about data security?

Updates to This Page

We may update this Data Security page periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. Check this page regularly for updates.

Last updated: January 15, 2024