ClinAssess
ClinAssess
Home
Back home
Legal

Privacy Policy

Last updated: July 4, 2026 · Governed by the laws of Kenya

On this page
  • 1. Information We Collect
  • 2. How We Use Your Information
  • 3. Your Institution's Role
  • 4. How We Store and Protect Data
  • 5. How We Share Information
  • 6. Data Retention
  • 7. Your Rights
  • 8. Cookies
  • 9. International Data Storage
  • 10. Students and Minors
  • 11. Changes to This Policy
  • 12. Contact Us

This Privacy Policy explains how ClinAssess collects, uses, stores, and protects personal data belonging to students, lecturers, examiners, administrators, and institutions ("Users") when using the Platform. It should be read together with our Terms and Conditions and Cookie Policy.

1. Information We Collect

We collect only the information necessary to operate the Platform on behalf of your Institution:

  • Account information — name, registration/staff number, institutional email, role (student, staff, HOD, admin, super-admin), and Institution.
  • Submission data — clinical histories, case logs, and assessment files you upload, along with the text extracted from them via optical character recognition (OCR) for processing and originality checks.
  • Usage data — sign-in activity, pages viewed, actions taken on submissions, and system logs used for security and troubleshooting.
  • Device and technical data — browser type, IP address, and similar diagnostic information collected automatically.

2. How We Use Your Information

We use collected information to:

  • Authenticate users and enforce role-based access controls.
  • Process, store, and display clinical assessment submissions.
  • Run automated originality checks, including perceptual hashing and text-similarity (Jaccard) comparison against other submissions in your Institution's records.
  • Generate dashboards, reports, and notifications for students, lecturers, and administrators.
  • Maintain platform security, detect abuse, and troubleshoot technical issues.
  • Communicate important service updates.

ClinAssess does not use your data for advertising and does not sell personal data to third parties.

3. Your Institution's Role

ClinAssess acts primarily as a data processor on behalf of your Institution, which determines how student and staff records are used academically (for example, grading and originality review decisions). Some data-handling choices — such as retention periods and who may access particular records — are configured by your Institution's administrators.

4. How We Store and Protect Data

Personal data and submissions are stored in access-controlled systems, including a managed PostgreSQL database and, where configured by an Institution, integrated Google Workspace storage (Drive, Docs, and Sheets) used to organize and archive records. We apply the following safeguards:

  • Encryption of data in transit (HTTPS/TLS) and, where applicable, at rest.
  • Role-based access controls limiting who can view or edit records.
  • Authenticated sessions and audit logging of key actions.
  • Regular backups and restricted administrative access to production systems.

5. How We Share Information

We share personal data only in the following circumstances:

  • With authorized staff at your Institution who require access to perform their role (e.g. lecturers reviewing submissions, HODs approving results, administrators managing accounts).
  • With infrastructure and service providers that help us operate the Platform, such as cloud hosting and application-hosting providers, email delivery services, and Google Workspace (where an Institution uses Drive/Docs/Sheets integration). These providers are bound to handle data only as instructed.
  • When required by law, regulation, or valid legal process.
  • With your consent, or at your Institution's direction.

6. Data Retention

We retain personal data and submissions for as long as necessary to provide the Platform, in line with your Institution's retention policy and applicable academic record-keeping requirements. When an Institution requests deletion of specific records, we will delete them from active systems, subject to a limited period during which the data may still exist in encrypted backups.

7. Your Rights

Depending on your Institution's policies and applicable law, you may have the right to:

  • Request access to the personal data we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your data, subject to academic record-keeping obligations.
  • Ask how your data has been used, including in originality/duplicate checks.

Requests should generally be made through your Institution's administrator, who can escalate to ClinAssess where needed.

8. Cookies

ClinAssess uses a limited number of cookies necessary to keep you signed in and to remember basic preferences. See our Cookie Policy for full details.

9. International Data Storage

Some infrastructure providers we rely on (including cloud hosting and Google Workspace, where enabled) may store or process data outside your Institution's home country. Where this occurs, we require providers to maintain appropriate security and confidentiality safeguards.

10. Students and Minors

ClinAssess is intended for use by enrolled students, staff, and administrators of participating Institutions. It is not directed at children outside an educational enrollment context, and Institutions are responsible for ensuring appropriate consent and safeguarding where local law requires it for minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated where appropriate, and the "last updated" date above will be revised.

12. Contact Us

Questions about this Privacy Policy or your personal data can be directed to:

  • Support email: support@clinassess.graundra.com
  • Or through your Institution's ClinAssess administrator.
ClinAssess
About | Privacy Policy | Cookie Policy | Acceptable Use Policy | Academic Integrity Policy | Data Processing Agreement | Terms & Conditions
Student data is processed securely and only for educational purposes in accordance with your institution's policies.
Copyright © ClinAssess. All rights reserved.