Privacy Policy
We are committed to protecting your privacy and ensuring the security of your personal information across our global educational network.
Introduction
World Assessment Council ("WAC," "we," "us," or "our") is a global non-profit organization headquartered in Boston, Massachusetts, dedicated to advancing the future of learning, upskilling, and assessments worldwide. We serve over 4,000 universities, 200,000 educators, 350,000 learning enthusiasts, and 2 million students across 96 countries.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, participate in our programs, or engage with our educational platform. We are committed to protecting your privacy in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant international privacy regulations.
Our Commitment: As an educational organization, we understand the importance of data privacy, especially when handling information from educators, students, and academic institutions. We adhere to the highest standards of data protection and transparency.
Information We Collect
Information You Provide Directly
We collect information that you voluntarily provide when you register for an account, enroll in our programs, submit inquiries, or engage with our services:
- Account Information: Name, email address, password, institution affiliation, and professional role
- Professional Information: Educational background, certifications, areas of expertise, and career history
- Institutional Data: University or organization name, department, and administrative details
- Communication Data: Messages, feedback, and correspondence with our team
- Payment Information: Billing address and payment method details (processed securely through third-party providers)
Information Collected Automatically
When you access our website or services, we automatically collect certain information:
| Data Type | Description | Purpose |
|---|---|---|
| Device Information | Browser type, operating system, device identifiers | Service optimization |
| Usage Data | Pages visited, features used, time spent | Platform improvement |
| Location Data | Country, region, time zone | Localized content delivery |
| Log Data | IP address, access times, referring URLs | Security & analytics |
Information from Third Parties
We may receive information about you from partner institutions, educational platforms, and identity verification services when you authorize such sharing or when required for program enrollment.
How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, maintain, and improve our educational programs, assessments, and platform features
- Personalization: To customize your learning experience and recommend relevant resources based on your interests and goals
- Communication: To send program updates, newsletters, event invitations, and respond to your inquiries
- Analytics: To understand usage patterns, measure program effectiveness, and enhance our offerings
- Security: To protect against unauthorized access, fraud, and maintain the integrity of our platform
- Compliance: To fulfill legal obligations, accreditation requirements, and contractual commitments
- Research: To conduct educational research and develop insights that advance learning methodologies (with appropriate anonymization)
Legal Basis: We process your personal data based on consent, contractual necessity, legitimate interests, and legal obligations, depending on the specific processing activity.
Information Sharing & Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
- Partner Institutions: With universities and educational organizations that you are affiliated with or have enrolled through
- Service Providers: With trusted vendors who assist in operating our platform, processing payments, and delivering services (under strict confidentiality agreements)
- Accreditation Bodies: With relevant educational accreditation organizations as required for program certification
- Legal Requirements: When required by law, legal process, or to protect the rights, property, and safety of WAC, our users, or the public
- Business Transfers: In connection with any merger, acquisition, or sale of assets, with appropriate safeguards for your data
Data Security
We implement comprehensive security measures to protect your personal information:
- Encryption: All data transmitted to and from our platform is encrypted using TLS/SSL protocols
- Access Controls: Strict role-based access controls limit who can access personal data within our organization
- Infrastructure Security: Our systems are hosted on secure, SOC 2 compliant infrastructure with regular security audits
- Employee Training: All staff receive regular training on data protection and security best practices
- Incident Response: We maintain detailed incident response procedures to address any potential data breaches promptly
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We encourage you to use strong passwords and protect your account credentials.
International Data Transfers
As a global organization operating across 96 countries, we may transfer your personal information to countries other than your country of residence. When we do so, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses approved by relevant data protection authorities
- Adequacy decisions for transfers to countries with recognized data protection standards
- Binding Corporate Rules for intra-organizational transfers
- Your explicit consent for specific transfers where required
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate or incomplete data
- Erasure: Request deletion of your personal data under certain circumstances
- Portability: Receive your data in a structured, machine-readable format
- Restriction: Request limitation of processing under specific conditions
- Objection: Object to processing based on legitimate interests or for direct marketing
- Withdraw Consent: Withdraw previously given consent at any time
To exercise these rights, please contact our Privacy Team using the information provided below. We will respond to your request within 30 days.
Children's Privacy
Our services are primarily designed for educational professionals, higher education students, and adult learners. We do not knowingly collect personal information from children under 16 years of age without verifiable parental consent.
If we become aware that we have collected personal information from a child under 16 without appropriate consent, we will take steps to delete that information promptly. If you believe we may have collected information from a child, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify registered users via email for significant changes
- Post a prominent notice on our website
We encourage you to review this policy periodically to stay informed about how we protect your information.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Team:
Privacy & Data Protection Team
We're here to help with any privacy-related questions or concerns.