Privacy Policy
protoquiz.com). The standalone consumer iOS application is covered by a separate consumer privacy policy. This Policy is a disclosure of our practices; the contractual relationship between Customer and ProtoQuiz is governed by the MSA or B2B Terms of Service.
1. Information We Collect
Account & Authentication Information
When you sign in via Google OAuth, we receive: your email address, display name, profile photo URL, and a unique Google user identifier. We do not receive or store your Google password.
Organization & Role Information
For each user, we store the organization identifier (e.g., highland), assigned role (user, supervisor, training officer, admin, developer), certification level (e.g., EMT, Paramedic), and access status (pending, approved, rejected).
Usage & Performance Data
Quiz attempts, scenario responses, leaderboard scores, flashcard progress, page visits, and time spent in various parts of the Platform. This data is tagged with your organization identifier and user identifier to enable per-org leaderboards and analytics.
Technical Data
Browser type, device type, IP address (recorded transiently for security and abuse prevention; not used for tracking across sites), and crash/error reports. Page-view pings and error reports are sent to our observability backend (api.protoquiz.com) and may include a session identifier, the visited URL, browser user agent, and the organization identifier.
Customer-Uploaded Content
Protocol PDFs, quiz templates, and other content uploaded by an Organization's administrators. We treat this content as the property of the uploading Organization and use it only to provide the Platform to that Organization.
What We Do NOT Collect
- Patient information. ProtoQuiz is a training tool, not a clinical documentation system. Do not upload patient charts, protected health information (PHI), or any patient-identifying clinical data.
- Payment card data. Billing is handled by Stripe; we never see your card or bank account numbers.
- Location. We do not collect GPS or precise location data.
- Microphone, camera, or contacts. The Platform does not request these permissions.
2. How We Use Information
We use the information we collect to:
- provide, maintain, and improve the Platform;
- authenticate users and enforce organization-scoped access controls;
- generate per-user and per-organization analytics, leaderboards, and compliance reports;
- diagnose errors, prevent abuse, and ensure platform security;
- communicate with you about service updates, billing, and support;
- comply with legal obligations and respond to lawful requests.
We do not use your data to train external AI models, sell your data to third parties, or display third-party advertising in the Platform.
AI processing of protocol content. The Platform uses third-party large-language-model ("LLM") services — currently Google AI (Gemini) — to generate quiz questions, scenario branches, drug-comparison summaries, and similar study content from Customer-uploaded protocol PDFs. Protocol content is sent to the LLM provider only for the purpose of generating that content, under provider terms that prohibit training the provider's models on Customer Content (Google AI / Vertex AI no-training contract). Generated content is stored under the Customer's Organization. We do not send User personal information (email, name, photo) to the LLM provider as part of content generation.
4. Subprocessors
We rely on the following trusted subprocessors to deliver the Platform:
- Google Cloud / Firebase
- Authentication (OAuth), database (Firestore), file hosting, and web hosting. Region: United States. Purpose: storing user accounts, quiz attempts, organization data, and Customer Content.
- Vercel, Inc.
- Backend API hosting (
api.protoquiz.com) and billing infrastructure (billing.protoquiz.com). Region: United States. Purpose: serving requests, processing webhooks, and routing observability telemetry. - Cloudflare, Inc.
- DNS, email routing for
*@protoquiz.comaddresses, and edge protection. Region: Global edge network. - Stripe, Inc.
- Payment processing, invoicing, and ACH bank-transfer collection. Region: United States. Purpose: handling fees from Organizations. Stripe is PCI-DSS Level 1 certified.
- Brevo (Sendinblue)
- Transactional email delivery (invoices, password reset, system notifications). Region: European Union with US data residency option.
- Discord, Inc.
- Internal operational alerts sent via webhook from our backend. Discord receives summarized event data (e.g., "new sign-up at south-metro"); user-identifying information is minimized.
- Google AI / Vertex AI (Gemini)
- Large-language-model content generation: quiz questions, scenario branches, drug-comparison summaries, and related study content derived from Customer-uploaded protocols. Region: United States. No-training contract: Google does not train its foundation models on Customer Content submitted through these APIs.
- Documenso, Inc.
- Contract e-signature workflow for Master Services Agreement and Order Form execution. Processes the signing party's name, email address, and applied signature image. Region: United States.
An up-to-date list of subprocessors is maintained at this URL. We will notify Customers of new subprocessors at least thirty (30) days before they begin processing Customer data, except in emergencies where a substitution is necessary to maintain service continuity.
5. Data Retention
We retain user account data and quiz history for as long as the Organization maintains an active subscription. After an Organization's subscription ends, we retain Customer Content for up to ninety (90) days to allow export, after which it may be deleted from production systems.
Aggregated, de-identified analytics may be retained indefinitely. Backup snapshots may persist for up to thirty (30) days after deletion before being purged from backup storage.
You may request earlier deletion by emailing [email protected], subject to our legal obligations to retain certain records (e.g., financial records for tax purposes).
6. Security
We implement administrative, technical, and physical safeguards designed to protect user information, including:
- Encryption in transit (TLS 1.2+) for all connections to the Platform;
- Encryption at rest provided by Google Cloud and Vercel for all stored data;
- Organization-scoped Firestore security rules that prevent cross-tenant data access;
- Role-based access controls within Organizations;
- Strict access controls on production systems for ProtoQuiz personnel;
- Automated error monitoring and security alerting.
No system is perfectly secure. If you discover a security vulnerability, please email [email protected] and we will respond promptly.
7. Your Rights & Choices
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Ask us to correct inaccurate information.
- Deletion: Ask us to delete your information, subject to legal retention requirements.
- Portability: Receive your data in a machine-readable format.
- Opt-out: Of marketing communications (transactional emails like invoices and security alerts cannot be opted out of without canceling the subscription).
To exercise these rights, contact [email protected]. We will respond within thirty (30) days. For Users associated with an Organization, requests may need to be coordinated with your Organization's administrator since they control access to the tenant.
8. HIPAA & Clinical Data
If you believe PHI has been inadvertently uploaded to the Platform, contact [email protected] immediately so we can assist with removal. We may also scan or sample uploaded content for indicators of PHI and may reject, quarantine, or remove such uploads and notify the uploading administrator.
9. Children's Privacy
The Platform is intended for use by licensed or aspiring emergency medical professionals and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted at protoquiz.com/b2b/privacy with an updated effective date and, for active Customers, notice will be sent to the billing contact email at least thirty (30) days before the changes take effect.
11. Contact
Privacy questions, data requests, and security disclosures should be directed to:
Teach Me to Live LLC, d/b/a ProtoQuiz
Attn: Privacy
1500 N Grant St #10764, Denver, CO 80203
Email: [email protected]
Legal: [email protected]