• Education
  • Exam Services


Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 12/10/2019
Next Certification Due Date: 12/9/2020
Data Collected: NON-HR

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 12/10/2019
Next Certification Due Date: 12/9/2020
Data Collected: NON-HR

Purpose of Data Collection

Caveon, LLC ("Caveon" or "we" or "our" or "us") collects Personal Data from Customers when they purchase Caveon's products, register with Caveon's website, log-in to their account, complete surveys, request information from us, or otherwise communicate with us. The Personal Data that we collect may vary based on the Customer's interaction with our website and request for services. As a general matter, Caveon collects the following types of Personal Data from its Customers: contact information, including, a contact person's name, work email address, work mailing address, work telephone number, title, and company name. When Customers use our services online, we will collect their IP address and browser type. We may associate IP address and browser type with a specific customer. We also may collect Personal Data from persons who contact us through our website to request additional information; in such a situation, we would collect contact information (as discussed above) and any other information that the person chooses to submit through our website. For certain products, Caveon serves as a service provider to its Customers. In our capacity as a service provider, we will receive, store, and/or process Personal Data owned and/or controlled by our Customers, including information about their employees, clients, customers, agents, examinees or other individuals. In such cases, we are acting as a data processor and will process the Personal Data on behalf of and under the direction of each particular Customer. The information that we collect from our Customers in this capacity is used for managing transactions, reporting, invoicing, renewals, other operations related to providing services to the Customer, and as otherwise requested by the Customer. Caveon uses Personal Data that it collects directly from its Customers and Customers' customers indirectly in its role as a service provider for the following business purposes, without limitation: (1) maintaining and supporting its products, delivering and providing the requested products/services, and complying with its contractual obligations related thereto (including managing transactions, reporting, invoices, renewals, and other operations related to providing services to a Customer); (2) satisfying governmental reporting, tax, and other requirements (e.g., import/export); (3) storing and processing data, including Personal Data, in computer databases and servers located in the United States; (4) verifying identity (e.g., for online access to accounts); (5) as requested by the Customer; (6) for other business-related purposes permitted or required under applicable local law and regulation; and (7) as otherwise required by law. Except as otherwise provided in Caveon’s Privacy Policy or in a contract with a customer, Caveon discloses Personal Data only to Third Parties who reasonably need to know such data. Such recipients must agree to abide by confidentiality obligations. All Third Parties receiving personal information must have a written confidentiality agreement in place between Customer and Third Party and Caveon and Third Party that meets or exceeds Privacy Shield standards. Caveon may provide Personal Data to Third Parties that act as agents, consultants, contractors and Sub-processors to perform tasks on behalf of and under our instructions. Such Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by Caveon and they must either: (1) comply with the Privacy Shield principles or another mechanism permitted by the applicable European data protection law(s) for transfers and processing of Personal Data; or (2) agree to provide adequate protections for the Personal Data that are no less protective than those in Caveon's Privacy Policy. Caveon also may disclose Personal Data for other purposes or to other Third Parties when a Data Subject has consented to or requested such disclosure.

Privacy Policy

Non-HR Data


Caveon Privacy Policy including Privacy Shield Policy

Effective Date: 11/22/2019

Verification Method


Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Caveon, LLC at:

Marc Weinstein
Chief Privacy Officer
Caveon, LLC
6905 South 1300 E #468
Midvale, Utah 84047

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Caveon, LLC to your question or complaint, please contact the independent recourse mechanism listed below


Appropriate statutory body with jurisdiction to investigate any claims against Caveon, LLC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission