Privacy policy
What information aioexamhelper collects, why we collect it, how we look after it, and the rights you have over it
1. Who we are
aioexamhelper is an exam revision platform operated by an individual sole trader based in the United Kingdom. When this policy says we, our or aioexamhelper, that is who we mean.
The data controller for the personal information described here is aioexamhelper. You can reach us at [email protected] for anything relating to this policy or to your data.
2. What we collect
Account information
When you create an account we store a username and a hashed password. We never see your password in plain text. The password is salted and hashed by our authentication provider before it reaches our database.
You can optionally provide an email address at sign up so you can recover your account if you forget your password. If you do not give us an email, we will have no way to send you a reset link, but we will not block you from using the platform.
Content you submit
The platform's core feature is sending the answers you write to a large language model so it can grade them against an official mark scheme. When you submit an answer for marking, that answer plus the relevant mark scheme are sent to our AI provider and the response is sent back to your browser.
We do not currently store your essays or your AI tutor conversations on our servers. They live only in your browser's local storage so you can come back to them later. If we change this in future we will update this policy and tell account holders before we begin storing content server side.
Usage information
Our hosting provider keeps standard server logs to detect abuse and keep the service running. These include the IP address of requests, the time of the request, and the URL requested. We do not run any analytics, advertising or tracking pixels on the site.
Payment information
If and when we introduce paid plans, payments will be processed by a third-party payment provider. We will never store your card number or full card details on our servers — only a token referencing your payment method, plus your subscription status. This policy will be updated when paid plans go live.
3. Why we process it, and on what legal basis
Under UK GDPR we have to tell you both why we process your data and the lawful basis we rely on for doing it.
- To provide the service — we process your account info, the content you submit, and your usage of the platform because you have entered into a contract with us to provide it. Lawful basis: contract performance.
- To keep the platform secure and prevent abuse — we look at server logs and authentication events to detect things like credential stuffing or automated scraping. Lawful basis: legitimate interests.
- To answer your questions and respond to requests — if you email us, we will use the contact details and the contents of your message to reply and (where relevant) to keep a record. Lawful basis: legitimate interests.
- To comply with legal obligations — we may need to retain or disclose information where a UK law or court order requires it. Lawful basis: legal obligation.
5. How long we keep it
- Account info stays for as long as your account is active. If you delete your account, we delete the underlying record within 30 days.
- Content you submit for AI grading is not retained server side at all. The request is forwarded to the AI provider, the response is sent back, and the request is not stored.
- Server logs are retained by our hosting provider for up to 30 days for abuse detection and debugging, then automatically deleted.
- Support emails are kept for as long as is reasonable to maintain the conversation and any follow-up, generally up to 2 years.
6. How we keep it safe
We use TLS in transit and at rest where supported by our providers. Passwords are hashed using industry-standard algorithms by our authentication provider before they reach our database. Access to production systems is restricted to the operator of aioexamhelper and protected by strong authentication.
No system is perfectly secure. If we ever become aware of a personal data breach that is likely to risk your rights and freedoms, we will notify the UK Information Commissioner's Office within 72 hours and notify affected users where appropriate, in line with UK GDPR.
7. Your rights under UK GDPR
You have a number of rights over your personal data, exercisable free of charge:
- Access — ask us for a copy of the personal data we hold about you
- Rectification — ask us to correct anything that is wrong or out of date
- Erasure — ask us to delete your account and the data associated with it
- Restriction — ask us to limit how we use your data while a query is resolved
- Portability — ask us to provide your data in a structured, commonly-used machine-readable format
- Objection — object to processing we do on the basis of legitimate interests
- Withdraw consent — where we rely on your consent for something specific, you can withdraw it at any time
To exercise any of these rights, email [email protected]. We aim to respond within 30 days. If you are not happy with our response, you have the right to complain to the UK Information Commissioner's Office at ico.org.uk.
9. Children's data
aioexamhelper is aimed at A-level and IAL students, typically aged 16 and over. We do not knowingly create accounts for children under the age of 13. If you believe a child under 13 has created an account on our platform, email us at [email protected] and we will delete it.
For school deployments, the school is responsible for obtaining any appropriate parental consent before pupils sign in.
10. Changes to this policy
We may update this policy from time to time, for example when we add new features or change subprocessors. The "Last updated" date at the top of the page will always reflect the most recent change. Where a change is material — for example, if we begin storing content server side, or change how we share data — we will give account holders advance notice by email or via an in-app banner.
11. Contact
For privacy questions or to exercise any of the rights described above: [email protected]
For general support: [email protected]
For school enquiries: [email protected]