Respondus Privacy Policy for Non-Products

This Privacy Policy refers to the use of personal data outside of our products. Our Product Privacy Policy and product-specific privacy statements are available in our Privacy Center.

Last Updated: January 9, 2023
Effective Date: February 8, 2023


Respondus cares about your privacy. For this reason, we collect and use personal data only as it is needed to deliver an exceptional experience with a Respondus website, digital interface or in-person interaction (collectively "Services"), regardless of how you access or use them, including through mobile devices.

This privacy policy is intended to describe what personal data we collect, how and why we use your personal data. This policy applies to information collected from visitors to the Respondus website and any other sites that link to this Privacy Policy (collectively, “Site”), or through other interactions with Respondus. It also describes options we provide that let you exercise your rights over your personal data that we process.

To view the privacy information for each Respondus Product and our Technical Support, please visit our Privacy Center.

If at any time you have questions about our privacy practices or any of your rights described below, you may contact us at [email protected].

What is Personal Data?

Personal data is a name, address, telephone number, email address, identification number, online identifier, or other data collected that could directly or indirectly identify you. This is also known as Personal Information or Personally Identifiable Information (PII).

What Personal Data We Collect

We collect certain information so we can provide the best possible experience when you use our Services.

  • Basic personal details, such as your name and job title;
  • Contact data, such as your telephone number, postal or email address, institution name;
  • Event and webinar registration and attendance data, such as information you provide when you register for any of our Services or events.
  • Marketing data, such as information related to your preferences for receiving communication, subscribing to our publications, newsletters and other content.
  • Communications, such as information you provide when you send us an email, request for information or otherwise correspond with us.
  • Demographic data, such as your geographic region, preferences or interests;
  • Website usage and other technical data, such as details of visits to our websites or information collected through cookies or other online tracking technologies; or,
  • Any other personal information. This may include account related information that is collected in association with your use of our Services, such as account number, purchases, when products renew or expire, and information requests, including notes or details explaining what you asked for and how we responded.

How We Obtain Personal Data

We may collect or receive your personal data in a number of different ways:

  • Where you provide it to us directly, for example corresponding with us via email, through direct interactions with us such as completing a form on our website, or interacting with an account manager or other Respondus staff;
  • Where we monitor interactions with our websites, any marketing information we may send you, or other email communications sent from or received by Respondus;
  • Third party sources, for example where we receive information about you from industry event organizers or third-party agencies who have permission to share your personal information.
  • Publicly available sources. We may, for example, use sources such as LinkedIn to help us keep the contact details that we hold for you accurate and up to date;
  • If you participate in contests and surveys, visit our exhibit at a trade show, attend a training webinar, or otherwise participate in activities we promote that might require us to obtain information about you; or,
  • If you create an account or purchase any of our Products.

The provision of personal data collected is, in some instances, a contractual requirement. Lack of this information, for example the Administrator Contact or Authorized Support Person, will delay the availability of the licensed products for your institution’s use. Without providing personal data for inquiries, webinars or similar Services, we may not be able to respond to your request.

Cookies and similar technologies

Cookies and similar tracking technologies store information about your use of a particular website or service and are typically used to make services more convenient and personalized. Most cookies are "session cookies," which are automatically deleted whenever you leave a website (and end the "session"). Some cookies remain on your computer until they expire or you remove them.

We use cookies and similar tracking technologies on our websites (1) to estimate the number of visitors to the site, (2) to measure general traffic patterns, and (3) to improve and customize your user experience with our Services.

Most browsers permit you to set the browser to accept, reject, or notify you of cookie use. However, some parts of our Services may not function properly if your browser is set to reject cookies. For example, the Administrator Area of uses session cookies to allow a user to navigate from one page to the next without having to login again for each page.

For additional information, and to learn how to manage the technologies we utilize, you can refer to our Cookie Notice, which forms part of this Privacy Policy.

How we use your Personal Data

We strongly believe in both minimizing the personal data we collect and limiting its use and purpose to only: (1) that for which we have been given permission, (2) that which is necessary to deliver the Services you purchase or interact with, or (3) as we might be required or permitted for legal compliance or other lawful purposes.

We collect various information relating to your purchase or use and/or interactions with our Services to deliver, improve, update and enhance the Services we provide you. We use this information to:

  • Provide, operate and maintain the Services, including our Administrator Area or to administer webinars and product demonstrations.
  • Process orders for Respondus 4.0 single user licenses.
  • Process requests for the Respondus Test Bank Network.
  • Improve and optimize the operation and performance of our Services (including our websites and digital interfaces).
  • Diagnose problems with and identify any security risks, errors, or needed enhancements to the Services.
  • Detect and prevent fraud and abuse of our Services and systems.
  • Collect aggregate statistics about use of the Services to monitor trends.
  • Facilitate marketing and business development. We seek to understand and analyze how you use our Services and what products and services are most relevant to you. We may use this information to help us define who is most likely to be interested in the products and services we may promote through advertising.
  • Respond to inquiries and comments.
  • Comply with legal or contractual obligations.
  • For any other purposes about which we notify our customers.

Much of the data collected is aggregated or statistical data about how individuals use our Services, but to the extent that non-product data is itself personal data, or is linked or linkable to personal data, we treat it accordingly.

What are Respondus’ “Legitimate Interests?”

Respondus’ legitimate interests are its business needs balanced against the rights and freedoms of all individuals affected by that need. These incorporate considerations of the risks present in our processing, your likely response to those risks, and what benefits you are likely to receive from our processing.

Personal data entered during interaction with the Respondus website, such as access to the Administrator Area, is processed for our legitimate interests to administer and perform the Services.

We may process your business contact information for direct marketing purposes, based on our legitimate interest in marketing our products and services. For example, we have an interest in making sure our marketing is relevant to you, so we may process your information to send you marketing that is tailored to your interests. This personal data includes information that you provided to Respondus and information provided from third party agencies where you have agreed to such sharing. Our legitimate interests include reviewing the response to our marketing activities, in order to determine the effectiveness of promotional campaigns and advertising.

Our use of cookies is based on our legitimate interest in providing you with the best possible website. Cookie data is processed to analyze how our website is used, both for security and business reasons, using that information to make our service more secure and providing a better user experience. If you object to our processing of cookies for this purpose, refer to our Cookie Notice for instructions on blocking cookies that are not essential for operating the Site.

Our processing of your personal data in response to communications initiated by you is based on our legitimate interest as a business in responding to inquiries or suggestions about our organization and the corresponding benefit you will receive in our response.

How we might share your Personal Data

If you are a California resident, please read our California Resident Privacy Notice here.

We do not sell, rent, or otherwise disclose your personal data to third parties for their marketing and advertising purposes. We may disclose your personal data to partner companies where you have agreed to have that information shared. This disclosure may be required for us to provide you access to our Services, to comply with our legal obligations, to enforce our Terms of Use, to facilitate our marketing activities, or to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to our Services. These companies include, for example, our data hosting provider (AWS), CRM service provider (Salesforce), email service provider (Pardot), and website analytics company (Google Analytics). We minimize the amount of personal data we disclose to what is directly relevant and necessary to accomplish the specified purpose. We do not utilize personal data obtained from product usage for marketing activities, as described in our product privacy policies (found here).

If you use our Services from a country other than the country where our servers are located, your communications with us may result in the transfer of your personal data across international borders. Also, when you call us or initiate contact with a Respondus representative, we may provide you with support from one of our global locations outside your country of origin. In these cases, your personal data is handled according to this Privacy Policy.

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical. To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal data to third parties as part of a legal process.

Respondus remains responsible for ensuring that third party agents or service providers process your personal data to the standard required by the applicable privacy laws, including the GDPR, unless you direct us to forward it to the third party.

How we might communicate with you

We may contact you directly regarding products or services you have purchased from us, such as may be necessary to deliver transactional or service related communications. We may also contact you regarding products or services when additional information is requested. We may contact you with offers for additional services we think you'll find valuable if you give us consent or where allowed based upon legitimate interests. These contacts may include email, text (SMS) messages, telephone calls, and printed mailings.

Your Data Protection Rights

Under certain circumstances and in accordance with EU, UK or other applicable data protection laws, you may have the following rights:

Your right to be informed – Your right to be informed of how your personal data is collected and used is provided through this policy.

Your right of access - Your right to ask us for copies of your personal data.

Your right to rectification - Your right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – Your right to ask us to erase your personal data in certain circumstances.

Your right to restrict processing – Your right to ask us to restrict the processing of your personal data in certain circumstances.

Your right to object to processing – Your right to object to the processing of your personal data in certain circumstances, and at any time where the processing takes place for the purposes of legitimate interests pursued by us or a third party. Note that the right to object under legitimate interests is absolute for direct marketing, but is not absolute for other processing. We will be allowed to continue to process your personal data if we can demonstrate “compelling legitimate grounds for the processing which override your interests, rights and freedoms” or we need this for the establishment, exercise or defense of legal claims.

Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organization, or to you, in certain circumstances.

Your right to withdraw consent – You have the right to withdraw previously given consent to process your personal data.

Your right to object to automated processing – You have the right to object to decisions being made with your data solely based on automated decision making or profiling.

You are not required to pay any charge for exercising your rights. If you make a request, we will respond to you as required under the applicable data protection law.

Please note that we may still use any aggregated and/or anonymized personal data that does not identify any individual, and may also retain and use personal data as necessary to comply with our legal obligations.

How Can I Exercise my Data Protection Rights?

To update your subscription preferences or discontinue receiving marketing emails from us, scroll to the bottom of a Respondus email message and select the "Unsubscribe" or "Manage Preferences" link. Follow the instructions from there.

You can also email [email protected] with instructions on your communication preferences; to unsubscribe from promotional and marketing-related email communications, include the word UNSUBSCRIBE in the subject line.

Please note that if you are a current Administrator or Authorized Support Contact for an existing license and you unsubscribe from receiving promotional or marketing communications from us, we will continue to send you transactional or service-related emails.

To exercise your applicable data protection rights, please contact us at [email protected].

How we secure, store and retain your data

At Respondus, we take data security and privacy very seriously. We follow generally accepted security standards to store and protect the personal data we collect, both during transmission and once received and stored, including restricting access to your personal data and the use of encryption where appropriate. We participate in compliance programs that validate our security controls.

Personal data described in this Policy is stored in databases hosted in the USA. We will always protect your personal data in accordance with this Policy whenever it is processed. Respondus does not voluntarily or actively transfer or disclose our customers’ personal data to government or law enforcement authorities. In the event of a request from a government or law enforcement authority, we have procedures and controls in place to make sure that such a request is assessed and challenged to confirm its validity.

We keep your personal data to enable your continued use of the Services, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Policy, as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you. How long we retain specific personal data varies depending on the purpose for its use, and we will delete your personal data in accordance with applicable law.

These might include retention periods:

  • mandated by law, contract or similar obligations applicable to our business operations;
  • for preserving, resolving, defending or enforcing our legal/contractual rights; or
  • as needed to maintain adequate and accurate business and financial records.

Where we process your personal data on the basis of ‘legitimate interests’, we will retain your personal data for so long as the purpose for which it is processed remains active.

Where ‘consent’ is the basis for our lawful processing of your data, we will retain your data so long as both the purpose for which it was collected and your consent are still valid. We will review the status of your consent should the purpose for which the data was collected change and treat non-response to any requests for renewal of consent made by us as if they were your request to withdraw consent. Occasionally, we might identify a legitimate interest in retaining some of your personal data that has been obtained by consent. If we do, we will inform you that we intend to retain it under these conditions and identify the interest specifically.

Whenever possible, information that has been anonymized or aggregated so that it can no longer be used to identify a specific natural person, whether in combination with other information or otherwise will be used.

If you have any questions about the security or retention of your personal data, you can contact us at [email protected].

“Do Not Track” Disclosures

California and Delaware law require Respondus to indicate whether it honors your browser’s “Do Not Track” settings concerning targeted advertising. Respondus adheres to the standards set out in this Policy and does not monitor or respond to Do Not Track browser requests.


We do not knowingly collect or solicit personal information from anyone under the age of 18 via the Site. If you are under 18, please do not attempt to register for the Services or send any personal information about yourself to us. If we learn that we have collected personal data from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us their personal data, please contact us at [email protected].

Social Media Platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively. Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourages users wishing to discuss sensitive details to contact them through primary communication channels such as by email. This website may use social sharing links which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing links that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Additional Information for Certain Jurisdictions

Please refer to the following links for additional details regarding your privacy rights in the following jurisdictions:

California: California residents have specific rights under the California Consumer Privacy Act (‘CCPA’). For additional information, please refer to the California Resident Privacy Notice, found here.

EU/EEA and UK: If you are a resident of the European Economic Area or the United Kingdom, please refer to the additional information found here.

Changes in our Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we modify the Privacy Policy, we will post the new version in our Privacy Center. We may include a notice on our home page or any other place that we deem appropriate. If these are material changes, we will may notify you via an email address that you provided. Notification will be made at least thirty (30) days prior to the implementation of the changes.

Contact Us

If you have any questions, concerns or complaints about our Privacy Policy, our practices or our Services, you may contact our Data Privacy Officer by email at [email protected].

If you prefer, you can send correspondence to:

Attn: Privacy Team
8201 164th Ave NE, Suite 200
Redmond, WA 98052

If you are in the European Union or United Kingdom, you may address privacy-related inquiries to our EU / UK representative pursuant to Article 27 GDPR:

Writing to – EDPO at Spaces Rio, Calle Manzanares 4, 28005 Madrid, Spain
Online request form –

Writing to – EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
Online request form –

We will respond to requests, inquiries or concerns within thirty (30) days, but probably much sooner than that. If you submit a Data Subject Access Request, we will respond according to the applicable data protection law.

You may also lodge a complaint with the data supervisory authority competent for your country or region, if you feel unsatisfied with our treatment of your personal data.

Privacy Policy 010923