We take the privacy of your information very seriously.
ScanMyEssay is a website belonging to All Answers Limited, a UK registered company (No. 4964706) and registered data controller (No. Z1821391). We can be contacted using the details given at the bottom of this page.
What we do with your data
We will never sell your personal data for any reason, though sometimes it will be necessary to transfer your data to a third party to be processed. Your data is processed for certain specific reasons:
When you create an account with us, we collect your username and password so that you can log in to our website. We also gather your name and email address for billing purposes and so that we can contact you with important information about your account.
When using our free scanning service, you should not upload any files which contain personal data. If we become aware of any such files, they will be removed immediately.
In order to establish the facts in case of a legal dispute, we archive anything that might be relevant to the negotiation or performance of a contract (for example, records of payments you have made). Access to this archived data is strictly controlled so that only a few privileged employees can see it, and it is only ever used for the specific purpose of supporting a legal case. Some of this data may be shared with our legal counsel in the unlikely event of a dispute.
By law, you have a number of rights available to you when you give us your personal data. You can ask for access to any of your personal data that we hold, you can ask us to correct any inaccuracies in your personal data, you can ask us to delete your personal data where there is no longer any good reason for us to have it, you can object to the processing of your data in some cases and, where you have given consent, you are able to withdraw that consent at any time. Under certain circumstances, such as if the data is material to legal proceedings, you can also ask us to temporarily stop processing your personal data. Where your data is automatically processed, you can also ask for a copy of your data in a machine-readable format.
If you would like to exercise any of your rights listed above, please send your request to our data protection officer at [email protected] After we have received proof of your identity, we will respond to your request within one calendar month.
If you are not happy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office.
How we keep your data safe
We use a variety of technical and organisational measures to make sure your personal data is stored and transmitted securely. For example, we make diligent use of encryption whenever personal data is being transmitted to a third party and we make regular backups in case the original copy of your data is lost. All of our core database functionality, including most of your personal data, is processed using OVH, who are a cloud computing provider. OVH are certified to be ISO 27001 compliant, which is the gold standard in information security, so you can rest assured that your personal data is secure and protected.
If you communicate with us by email over the Internet, you should be aware that the nature of the Internet is such that unencrypted communication may not be secure and may pass through several different countries on route to us. Please do not email us with confidential or sensitive information such as your credit card details. We cannot accept responsibility for unauthorised access to your information that is outside our control.
Data retention policy
We only hold on to your data for as long as we need it to fulfil one of the purposes it was originally collected for, such as to provide a service, to gather feedback or to comply with a legal obligation. This means that retention policies for your data can differ considerably depending on the context and the way it is used. When deciding on a retention policy for any type of data, we use the following criteria:
- How long is the data needed for? - For example, if you have not logged in to your account for several years, we will remove you from our mailing lists.
- What did we say we would do with the data when we collected it? - If the purpose for which we originally collected the data is no longer relevant, there is no need to keep it.
- Do we have a legal obligation to keep the data? - For example, financial information needs to be kept for a minimum amount of time for tax reasons.
- Does holding the data carry an inherent risk? - In the unlikely event of a data breach, we want to ensure that nothing sensitive is stolen. We will therefore have reduced retention periods for data we consider to be sensitive.
However, in general, we securely archive most of your account data after two years of inactivity (see 'Other' above) and then permanently delete all of your personal data after six years of inactivity.
Transfers to countries outside the EEA
Some of the third parties we use to process your data are based in countries which do not have the same standard of data protection laws that EU citizens enjoy. In these cases, we have made sure there are safeguards in place to protect your rights and interests. For example, Survey Monkey and Mailchimp are both located in the United States, but we have made sure that they both comply with the EU-U.S. Privacy Shield Framework, which guarantees the same level of protection.
If you are 13 or under, you must have permission from a parent or guardian before you give us your personal information. If we find that we have received information from you without the appropriate consent, we reserve the right to cancel all transactions and services and remove all personal data that you have supplied. You will be able to re-submit the information when you have the required permission.
Links to other websites
Google Sign In
- Your name
- Your email address
When signing up, this service will request these details from Google to complete our sign-up form. This creates a new Viper account linked directly to your Google account.
If you have already registered a Viper account, you may connect your existing Google account so that you may sign in directly with Google. We will obtain your email address from Google to check against your Viper account email address and link the two together.
You can remove permission for Viper from your Google account from your Viper account any time you wish. You may disconnect Viper from your Google account within the permissions section of your Google Account. If you disconnect your account, we will retain your name and email address, and your account will revert to traditional login.
Google Drive Access
Viper allows you to access your documents stored via Google Drive. When connecting to Google, we will access, store and share some of your personal information in order to provide our services to you. We only obtain the following data from Google, about you:
- Your name
- Your email address
- Access to your Google Drive
When selecting Google Drive, Viper will request authorisation from Google to access your files in order to submit them to be scanned. By connecting your Google account to Viper, the app will be able to view (read) files within your Google Drive storage and upload a copy of the file to the Viper servers for scanning. You will always be asked to confirm which Google account you want to use when accessing your Drive files, after your account has been paired.
You can remove permission for Viper from your Google account from your Viper account any time you wish. You may disconnect Viper from your Google account within the permissions section of your Google Account. If you disconnect your account, we will retain any documents you submitted to Viper for scanning and revoke access to your Google Drive.