KAMPSTER PRIVACY POLICY

Last Updated: June 1, 2025

1. INTRODUCTION

Kampster Pte. Ltd. ("Kampster," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered Learning Management System, including our website at https://kampster.com and related applications (collectively, the "Service").

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to the practices described in this document. If you do not agree with our policies and practices, please do not use our Service.

2. CONTROLLER INFORMATION

Data Controller:

Kampster Pte. Ltd.
68 Circular Road, #02-01, 049422, Singapore
Email: legal@kampster.com
UEN: 202523773R

3. DATA WE COLLECT

We collect several types of information from and about users of our Service:

3.1 Personal Data

Personal data refers to any information that identifies or can be used to identify you directly or indirectly. We may collect the following personal data:

Account Information: Name, email address, username, password, profile picture
Contact Information: Address, phone number, country of residence
Payment Information: Credit card details, billing address, payment history (processed by our payment processor)
Educational Information: Learning history, course progress, completion records, assessment scores
Professional Information: Occupation, employer, professional goals (if provided by you)

3.2 Proctoring and Test Data

When you participate in proctored tests or skill assessments, we collect extensive monitoring data to ensure test integrity:

Visual Data: Real-time photographs and video recordings of you during the test
Audio Data: Audio recordings of your test environment
Behavioral Data: Mouse movements, keyboard clicks, keystroke patterns, and timing
Biometric Data: Facial recognition data, eye movement patterns, and behavioral biometrics
Environmental Data: Screenshots of your screen, browser activity, and application usage during tests
Device Data: Camera and microphone access logs, system information

IMPORTANT: This proctoring data collection occurs ONLY during active test sessions and requires your explicit consent before each test. You will be clearly notified when proctoring is active.

3.3 Usage Data

We automatically collect certain information when you access or use our Service:

Interaction Data: Learning activities, content viewed, features used, time spent on platform
AI Interaction Data: Queries submitted to AI tutors, responses received, feedback provided
Device and Connection Information: IP address, browser type, operating system, device information
Log Data: Access times, pages viewed, features used, crashes, system activity
Location Data: General location information derived from IP address

3.4 Authentication Data

We collect data related to account access and security:

Login Data: Email addresses used for OTP (One-Time Password) authentication
Session Data: Login timestamps, device information, session duration
Security Data: Failed login attempts, suspicious activity patterns

3.5 Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and store information about your interactions with our Service. For more detailed information about our use of cookies, please see our Cookie Policy.

4. HOW WE COLLECT YOUR DATA

We collect data through various methods:

4.1 Direct Collection

Information you provide when creating an account
Information you provide when subscribing to our Service
Profile information you enter in your account settings
Content you submit when using our AI tutoring features
Consent provided before proctored tests
Responses to surveys or feedback forms
Communications with our customer support team

4.2 Automated Collection

Through cookies and similar tracking technologies
Through server logs and analytics tools
Through AI system interactions and feedback mechanisms
Through proctoring software during tests
When you access our Service through different devices

4.3 Third-Party Sources

Payment processors
Authentication services (if you use third-party sign-in options)
Analytics providers

5. HOW WE USE YOUR DATA

We use your personal data for the following purposes:

5.1 Service Provision and Enhancement

To create and manage your Kampster account
To provide and personalize our educational services
To process payments and manage subscriptions
To deliver appropriate educational content based on your learning patterns
To improve and optimize our Service and AI capabilities
To develop new features, products, and services
To send login OTP codes via email

5.2 AI-Specific Processing

To train and improve our AI tutoring systems using anonymized interaction data
To personalize AI responses to your learning needs
To analyze patterns in AI interactions to enhance educational effectiveness
To develop and refine our educational algorithms
To identify and fix potential issues with AI-generated content

5.3 Proctoring and Test Integrity

To verify your identity during proctored tests
To detect and prevent cheating or unauthorized assistance
To analyze behavioral patterns using facial recognition and behavioral analysis tools
To ensure the integrity and validity of test results
To maintain fair testing conditions for all users

5.4 Communications

To send administrative messages about your account or the Service
To provide customer support and respond to inquiries
To send updates about our Service, including feature updates
To send promotional and marketing communications (with your consent obtained at signup)
To send educational recommendations based on your learning patterns
To send email newsletters and reminders (unless you opt-out in account settings)

5.5 Legal and Security Purposes

To verify your identity and prevent fraud
To enforce our Terms of Service
To protect the security and integrity of our Service
To comply with applicable laws and regulations
To respond to legal requests from public authorities
To establish, exercise, or defend legal claims

6. LEGAL BASES FOR PROCESSING

We process your personal data on the following legal bases:

6.1 Performance of Contract

Processing necessary for the performance of our contract with you to provide the Service.

6.2 Legitimate Interests

Processing necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms. Our legitimate interests include:

Improving and personalizing our Service
Ensuring the security of our platform
Analyzing user behavior to enhance our AI systems
Marketing our services to existing customers
Maintaining test integrity and preventing fraud

6.3 Consent

Processing based on your specific consent, such as:

Sending marketing communications
Using certain types of cookies
Collecting proctoring data during tests
Processing biometric data for test security

6.4 Legal Obligation

Processing necessary to comply with our legal obligations under Singapore law and applicable international laws.

7. DATA SHARING AND RECIPIENTS

We may share your personal data with the following categories of recipients:

7.1 Service Providers

We share information with third parties that help us operate, provide, improve, and market our Service:

Payment processors
Cloud hosting providers (Cloudflare R2 for storage, PlanetScale for databases)
Analytics providers
Customer support tools
Communication services
Marketing and advertising partners

7.2 Legal Authorities

We may disclose your information where required by law, regulation, or legal process.

7.3 Business Transfers

If Kampster is involved in a merger, acquisition, or sale of all or a portion of its assets, your personal data may be transferred as part of that transaction.

7.4 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

7.5 International Transfers

Your personal data may be transferred to, and processed in, countries other than your country of residence. We ensure that any international transfers comply with applicable data protection laws.

EU Data Storage: We primarily store data in the EU region through our cloud providers to serve our predominantly EU user base. As a Singapore company, some data may be accessed from Singapore for operational purposes.

8. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Account Data: 2 years after account deletion
Learning Progress: 1 year after account deletion
Proctoring Data: 1 year from test completion date
Billing Records: 7 years for tax and audit compliance
Marketing Data: Until you opt-out or 2 years after account deletion
AI Training Data: Indefinitely in anonymized and aggregated form

When determining retention periods, we consider:

The amount, nature, and sensitivity of the personal data
The potential risk of harm from unauthorized use or disclosure
The purposes for which we process the data
Whether we can achieve those purposes through other means
Applicable legal, accounting, or reporting requirements

9. COOKIES AND TRACKING TECHNOLOGIES

9.1 What Are Cookies

Cookies are small text files that are placed on your device when you visit our website. We use cookies and similar technologies to:

Enable core functionality of our Service
Remember your preferences and settings
Authenticate users and prevent fraud
Analyze how our Service is used
Personalize your experience
Measure the effectiveness of our marketing

9.2 Types of Cookies We Use

Essential Cookies: Required for the operation of our Service
Preference Cookies: Allow us to remember your settings and preferences
Analytics Cookies: Help us understand how visitors interact with our Service
Marketing Cookies: Track your browsing habits to enable us to show advertising which is more likely to be of interest to you

9.3 Your Cookie Choices

You can manage cookies through your browser settings. Most browsers allow you to refuse cookies, accept cookies from specific websites, or delete cookies. However, if you disable cookies, some portions of our Service may not function properly.

10. DATA SECURITY

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

Encryption of personal data where appropriate
Regular testing of security systems and processes
Access controls and authentication procedures
Staff training on data protection and security
Regular backups of our systems
Secure data centers with physical security measures
Multi-factor authentication for administrative access

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

11. AI-SPECIFIC DATA PRACTICES

As an AI-powered Learning Management System, we have specific data practices related to our AI technology:

11.1 AI Training and Improvement

We use anonymized and aggregated user interaction data to train and improve our AI systems
We analyze patterns in AI interactions to enhance educational effectiveness
We may review samples of AI interactions to identify and correct issues
Your personal conversations with AI tutors may be used for system improvements in anonymized form

11.2 AI Content Generation and Limitations

Our AI systems generate personalized educational content and responses
AI-generated content is based on your interactions and learning patterns
IMPORTANT DISCLAIMER: You acknowledge that AI-generated content may contain inaccuracies, errors, or misleading information
NO WARRANTY: We provide no warranty regarding the accuracy, completeness, or reliability of AI-generated content
USER RESPONSIBILITY: You must independently verify any important information provided by our AI systems

11.3 AI Data Processing

AI processing occurs both in real-time (for immediate responses) and retrospectively (for system improvements)
Our AI systems do not make automated decisions that have legal or similarly significant effects on you
Proctoring AI analyzes your behavior and biometric data only during active test sessions

12. YOUR DATA PROTECTION RIGHTS

Depending on your location, you may have the following rights regarding your personal data:

12.1 Access

You have the right to request copies of your personal data.

12.2 Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

12.3 Erasure

You have the right to request that we erase your personal data, under certain conditions.

12.4 Restriction of Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

12.5 Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

12.6 Objection

You have the right to object to our processing of your personal data, under certain conditions.

12.7 Automated Decision Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

12.8 Withdraw Consent

If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

12.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at legal@kampster.com. We will respond to your request within 30 days. We may need to verify your identity before responding to your request.

13. CHILDREN'S PRIVACY

Our Service is intended for users aged 13 and above. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe that your child under 13 has provided us with personal data, please contact us at legal@kampster.com, and we will take steps to delete such information.

For users between 13 and 18 years old, we recommend parental supervision and involvement in the use of our Service.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on this page with a revised "Last Updated" date.

For material changes to this Privacy Policy, we will notify you through:

A notice on our website
An email to the address associated with your account
A notification when you access our Service

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

15. DATA PROTECTION OFFICER

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: legal@kampster.com
Postal Address: 68 Circular Road, #02-01, 049422, Singapore

16. COMPLAINTS

If you have a complaint about our use of your personal data or response to your requests, you have the right to lodge a complaint with a supervisory authority. In Singapore, the supervisory authority is:

Personal Data Protection Commission Singapore 10 Pasir Panjang Road, #03-01 Mapletree Business City, Singapore 117438 Website: https://www.pdpc.gov.sg/

EU residents may lodge a complaint with their local data protection authority.

17. CONTACT US

For any questions about this Privacy Policy or our data practices, please contact us at:

General Inquiries: help@kampster.com
Legal Matters: legal@kampster.com
Postal Address: 68 Circular Road, #02-01, 049422, Singapore

By using Kampster, you acknowledge that you have read and understood this Privacy Policy.