CertReady • Practical AI Solutions LLC

Privacy Policy

Effective Date: April 13, 2026

Overview

This Privacy Policy explains how Practical AI Solutions LLC, operating as CertReady (“CertReady,” “we,” “our,” or “us”), collects, uses, and protects information when you use certready.organd our certification training services (the “Service”). It applies to all users of the Service, including students, business accounts, and state regulatory reviewers.

We designed CertReady to collect only the information necessary to deliver the course, issue certificates, and meet the legal reporting requirements of state regulatory agencies. We do not sell your personal information.

Information We Collect

Information you provide

  • Account and profile: first name, middle initial, last name, email address, date of birth, phone number, and mailing address (street, city, state, zip).
  • Language preference: English or Spanish.
  • Course responses: answers to quiz and exam questions, time spent on modules, and completion timestamps.
  • Payment information: processed directly by our payment processor (Stripe). We do not store full card numbers or bank account details on our servers.

Information collected during the proctored final exam

State law requires the final exam to be proctored. When you take the proctored final exam, our proctoring vendor collects and analyzes the following during the exam session only:

  • Webcam video and audio from your device
  • Screen activity (tab switching, application switching, full-screen enforcement)
  • A pre-exam facial photograph for identity verification
  • Random snapshot captures during the session
  • Violation flags (e.g., additional persons visible, voices in the room, attempted tab switches)

This data is used solely to confirm exam integrity. It is stored in US data centers by our proctoring vendor, transmitted over TLS-encrypted connections, and encrypted at rest.

Information collected automatically

  • Device and browser information: browser type and version, operating system, IP address, and general geographic region.
  • Functional cookies and session tokens: used to keep you signed in and to remember your language preference. We do not use advertising or tracking cookies.

How We Use Your Information

  • Deliver the course and track your progress
  • Verify your identity and monitor the proctored final exam
  • Issue and maintain your certificate of completion
  • Report completions to state regulatory agencies as required by law (for example, South Carolina Code §61-3-120)
  • Respond to your questions, support requests, and account-related notifications
  • Detect and prevent fraud, abuse, and violations of our Terms
  • Comply with our legal obligations

We do not use your personal information for advertising, we do not sell it, and we do not share it with third parties for their own marketing purposes.

Who We Share Information With

We share information only with service providers who help us operate the Service and with government agencies as required by law.

  • Supabase — our database, authentication, and storage provider (US-hosted, encrypted).
  • AutoProctor — our primary online proctoring vendor; OctoProctor is identified as a secondary/backup vendor. Proctoring data is stored in US data centers.
  • Stripe — our payment processor. Payment data is sent directly to Stripe; we retain only a transaction reference.
  • ElevenLabs — text-to-speech service used to generate course audio narration. No user personal information is sent.
  • Hosting and content delivery — Vercel (application hosting).
  • State regulatory agencies — certificate completion records are transmitted to the relevant state (e.g., the South Carolina Department of Revenue) as required by law, within the timeframe the agency specifies.
  • Employers with whom you are affiliated — if you are enrolled under an employer account, your completion status and certificate information are visible to that employer’s administrators. Quiz answers and exam responses are not.
  • Law enforcement or regulators — we may disclose information when legally required to do so, such as in response to a valid subpoena, court order, or government investigation.

How Long We Keep Information

State law requires us to retain student training records for at least five (5) years from the date of course completion. Proctoring records and certificate records are subject to the same retention period. Payment records are retained as required by tax and accounting laws.

Information that is not subject to a legal retention requirement is kept only for as long as necessary to provide the Service.

Your Rights

Depending on your state of residence, you may have the following rights regarding your personal information. These rights apply to residents of California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with similar laws:

  • Right to know what personal information we have collected about you
  • Right to access a copy of that information
  • Right to correct inaccurate information
  • Right to delete personal information, subject to legal retention exceptions (see below)
  • Right to opt out of sale or sharing of personal information (N/A — we do not sell or share for advertising)
  • Right to non-discrimination for exercising your privacy rights
  • Right to limit the use of sensitive personal information

To exercise any of these rights, email us at info@certready.org. We will verify your identity and respond within the timeframe required by applicable law (generally 30–45 days).

Legal retention exception:We cannot delete certificate completion records that state law requires us to keep (for example, the 5-year retention requirement under SC Code §61-3-120). If you request deletion, we will delete information that is not subject to this requirement and explain what we must keep.

Do Not Sell or Share

We do not sell personal information for monetary or other valuable consideration, and we do not share personal information for cross-context behavioral advertising. We honor “Do Not Track” signals where technically feasible.

Security

  • Data transmitted to and from the Service is encrypted with TLS 1.2 or higher.
  • Data stored in our database is encrypted at rest (AES-256).
  • Access to production data is limited to a small number of authorized personnel.
  • Passwords are never stored in plaintext.

No system is perfectly secure. If a data breach affects your information, we will notify you in accordance with applicable state and federal breach-notification laws.

Children

CertReady is intended for adults aged 18 or older. We do not knowingly collect personal information from children under 13, and accounts must affirm age 18+ at signup. If you believe a minor has submitted information to the Service, please contact us and we will delete it.

International Users

CertReady is operated in the United States and is designed for students training in US jurisdictions. If you access the Service from outside the United States, your information will be transferred to and processed in the United States.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date at the top of this page and, for material changes, we will notify users by email or by a notice on the Service.

Contact Us

Questions, requests, or complaints about this Privacy Policy or our data practices:

Practical AI Solutions LLC (operating as CertReady)
Email: info@certready.org
Website: certready.org

See also our Terms of Service.