Privacy Policy

This Privacy Policy (“Policy”) describes how Kernex LLC (“Kernex,” “we,” “us,” or “our”), a limited liability company organized under the laws of the State of Michigan with a principal place of business at 325 E. Grand River Avenue, Suite 345, East Lansing, Michigan 48823, collects, uses, discloses, and safeguards personal information in connection with our software-as-a-service platform, websites, and related services (collectively, the “Services”), including without limitation our browser-based integrated development environment (“KernexLab” or “IDE”), automated grading and feedback systems (“KGrader”), academic integrity and plagiarism detection tools (“KernexCheck”), and collaborative help-room and learning management system–integrated features (“HelpRoom” or “Kernex Helproom”). This Policy applies to visitors to our websites (including kernex.org and related domains), to end users of the Services (including students, instructors, teaching assistants, and administrators) whose access is provided or authorized by an educational institution (“Institution”), and to any other natural person whose personal data we process in the course of providing the Services. Where we decide why and how your data is processed, we act as the data controller; for privacy-related requests or questions, use the contact details in Section 11. By accessing or using the Services, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, you must not access or use the Services. We may change this Policy from time to time; the “Last updated” date reflects the latest version.

1. Information We Collect

We collect information that you provide directly, that we obtain automatically through your use of the Services, and that we receive from Institutions or third-party identity or learning management system (“LMS”) providers.

1.1 Information You Provide. When you register for an account, sign in (including via single sign-on or LMS integration), contact support, or otherwise interact with the Services, we may collect: (a) name and contact information (e.g., email address); (b) institutional affiliation, course, and role (e.g., student, instructor, administrator); (c) identifiers from your learning management system or virtual learning environment (e.g., LTI or course IDs), including where needed to provision access or pass grades back to your LMS; (d) credentials used for authentication; and (e) any other information you voluntarily provide in communications or submissions.

1.2 Information Collected Automatically. When you use the Services, we and our service providers may automatically collect: (a) device and browser information (e.g., type, version, language); (b) IP address and general geographic location; (c) log data (e.g., access times, pages or features used, referring URLs); (d) usage and interaction data (e.g., actions within the IDE, grading workflows, feature usage patterns); and (e) cookies and similar technologies as described in Section 6. We use this data to operate, secure, and improve the Services, to generate aggregated and anonymized analytics, and to comply with our contractual and legal obligations. Our platform may also collect anonymized or pseudonymized telemetry and execution metrics (“Telemetry Data”) to support performance optimization, reliability, and product development; such data is designed to avoid identification of individual users where feasible.

1.3 Code, Submissions, and Academic Data. The Services process code submissions, assignment responses, grading results (including scores and feedback), rubric and assessment configurations, and related academic records (“Academic Data”) as necessary to provide grading, feedback, and academic integrity functionality. Academic Data may be linked to your account and to your Institution’s courses. You keep ownership of the code and content you create; we process it only as needed to run and improve the Services. We may retain and process this data in accordance with our agreements with Institutions, this Policy, and applicable law, including for the purpose of operating and improving our grading and integrity systems (e.g., rubric-aware grading engines, plagiarism detection indices).

1.4 HelpRoom and Collaboration Data. When you use Kernex HelpRoom or similar collaborative features, we may collect and process metadata and logs regarding collaboration sessions (e.g., participants, timing, and interaction flows). This data may be anonymized or aggregated for product improvement and integrity-related analysis, in accordance with our agreements with Institutions and this Policy.

1.5 Information from Institutions and Third Parties. We may receive information about you from your Institution (e.g., course enrollments, roles) or from third-party identity or LMS providers (e.g., LTI or single sign-on) to provision access, sync grades, and support the Services.

2. How We Use Your Information

We use the information we collect to: (a) provide, operate, maintain, and improve the Services; (b) authenticate users and manage accounts; (c) deliver grading, feedback, and academic integrity features, including passing grades and outcomes back to your institution’s learning management system where configured; (d) communicate with you and with Institutions about the Services (e.g., support, security, product updates); (e) comply with legal obligations and our agreements with Institutions; (f) protect the security and integrity of the Services and our systems; (g) develop and improve our products (including via aggregated and anonymized analytics); and (h) as otherwise described at the time of collection or with your consent. We do not use personal information for advertising or marketing unrelated to the Services without your consent. Our processing is based on our contract with you or your institution, our legitimate interests where the law allows, or your consent, as applicable. Some of the information we collect is necessary to provide the Services; if you do not provide it, we may not be able to offer you the Services.

3. Disclosure of Information

We may disclose personal information: (a) to your Institution and to authorized administrators, instructors, or teaching assistants in connection with the provision of the Services and in accordance with our contract with the Institution; (b) to service providers and processors that assist us in hosting, analytics, support, and other operational functions—we use written agreements with these processors that set out the purpose, scope, duration, retention, and security of the processing; (c) to comply with applicable law, regulation, legal process, or governmental request; (d) to enforce our terms and policies, protect our rights or the rights of others, and ensure safety; and (e) in connection with a merger, sale, or other transfer of assets, subject to the same privacy commitments. We do not sell personal information to third parties for monetary or other valuable consideration.

4. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, to comply with our legal and contractual obligations (including agreements with Institutions), and to resolve disputes and enforce our agreements. Retention periods may vary based on the type of data, the nature of the Services, and applicable law. When data is no longer required, we will delete or anonymize it in accordance with our internal policies and applicable law.

5. Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Access to personal data is limited to personnel who need it for their job function. Our measures include access controls, encryption where appropriate, secure development practices, and regular review of our security posture. No method of transmission over the Internet or electronic storage is completely secure; we cannot guarantee absolute security but we strive to protect your information in line with industry standards and our obligations to Institutions.

6. Cookies and Similar Technologies

We and our service providers may use cookies, local storage, and similar technologies to maintain sessions, remember preferences, analyze usage, and secure the Services. You may be able to control certain cookies through your browser settings; disabling some cookies may affect the functionality of the Services.

7. Your Rights and Choices

Depending on your jurisdiction and the role of your Institution, you may have the right to: access your personal information; correct inaccuracies; request deletion or restriction of processing; request data portability; object to certain processing; and withdraw consent where processing is consent-based. To exercise these rights, contact us at support@kernex.org. We may need to verify your identity before we can process certain requests. For accounts managed by an Institution, we may coordinate with the Institution to fulfill requests where appropriate. You may also have the right to lodge a complaint with a data protection or privacy supervisory authority in your jurisdiction. Residents of certain U.S. states may have additional rights under state law; we will honor those rights where applicable.

8. Children’s Privacy

The Services are intended for use by or through educational institutions and are not directed to children under 13 (or other minimum age in their jurisdiction). We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us at support@kernex.org and we will take steps to delete it.

9. International Transfers

Your information may be processed in the United States or in other countries where our service providers operate. By using the Services, you consent to the transfer of your information to countries that may have different data protection laws. Where required, we implement appropriate safeguards (e.g., standard contractual clauses) for such transfers.

10. Changes to This Policy

We may update this Policy from time to time. We will post the revised Policy on this page and update the “Last updated” date. Material changes may be communicated via the Services or by email where appropriate. Your continued use of the Services after the effective date of changes constitutes acceptance of the updated Policy.

11. Contact Us

For questions about this Policy or our privacy practices, or to submit a request regarding your personal information, contact us at: Kernex LLC, 325 E. Grand River Avenue, Suite 345, East Lansing, Michigan 48823; email: support@kernex.org; website: kernex.org. If you are not satisfied with how we handle your request, you may have the right to lodge a complaint with your local data protection or privacy authority.