Privacy Policy for ESAMTAC Virtual Lab
This policy applies to the ESAMTAC Virtual Lab on all supported platforms, including the Desktop application (Windows) and the Virtual Reality application (Meta Quest). The ESAMTAC Virtual Lab is developed and maintained by ProtoGen, Inc.
1. The "Zero-Storage" Principle ESAMTAC Virtual Lab is a standalone training application that works in tandem with the ESAMTAC Online course but does not maintain its own database of users. We do not "collect" your personal information in the traditional sense; instead, we process it temporarily in volatile memory (RAM) to facilitate your training session. Once processing is complete, this data is discarded — it is never written to disk or transmitted to any system other than your official course platform.
2. Authentication & Verification To ensure only authorized trainees access the ESAMTAC modules, the app performs a secure "handshake" with your primary learning platform:
- The Source: We use an API connection to the Moodle Learning Management System (hosted on Amazon EC2), which serves as the backend for the ESAMTAC Online course.
- The Data: When you launch the lab, you are prompted to enter your email address. This email is then checked against the ESAMTAC Online course enrollment records via the Moodle API, along with a unique, single-use enrollment token generated by Moodle. This token is not your password and cannot be used to access any other system.
- The Use: This information is used strictly to confirm your enrollment status. It is compared in real-time, held only in volatile memory during verification, and discarded immediately upon completion. No authentication data is stored within the ESAMTAC Virtual Lab's internal systems.
3. Progress Reporting As you complete specific stations or milestones within the ESAMTAC Virtual Lab, the application communicates directly with your Moodle course.
- What is shared: Only your progress status (e.g., "Module 4: Completed") is transmitted back to the Moodle server.
- Purpose: This ensures your certification records and gradebook are updated accurately within your official course of record. All progress data is managed entirely within Moodle — no separate data store is used by the ESAMTAC Virtual Lab.
4. Local Session Management To ensure you can remain logged in and maintain your progress during a single session, the app utilizes a local save state (similar to a "save game" file) on your device.
- This data stays on your device and is never transmitted to ESAMTAC, ProtoGen, or any external server.
- It is used solely to manage your active session so you don't have to re-verify your enrollment token every time you move between lab stations.
- On the Desktop version, this save state is stored in the application's local data directory. On the VR version, it is stored in the Meta Quest's app-local storage sandbox.
- This local save state is cleared automatically upon logout. In the event of an abnormal exit (e.g., a crash or power loss), any residual session data is cleared upon the next application launch.
5. VR-Specific Disclosures (Meta Quest) The VR version of ESAMTAC Virtual Lab runs on Meta Quest hardware. Please be aware of the following:
- Platform Telemetry: Meta may collect device-level telemetry (such as headset usage duration and system performance metrics) at the operating-system level. This data collection is governed by Meta's own Privacy Policy and is outside the control of ESAMTAC or ProtoGen, Inc. We do not have access to this telemetry.
- Sensor Data: While the Meta Quest uses cameras, spatial sensors, and hand-tracking technology to operate, the ESAMTAC Virtual Lab does not record, store, or transmit any environmental, spatial, or biometric data captured by the headset's sensors. Any sensor data used during your session is processed locally by the Meta Quest operating system and is not accessed by our application beyond standard VR input (controller and hand-tracking interactions).
6. Infrastructure and Security
- AWS EC2 Connectivity: While the lab app is standalone, it communicates with the Moodle environment hosted on Amazon EC2. All data in transit between the lab and Moodle is secured using industry-standard TLS 1.2+ encryption.
- No Third-Party Tracking: We do not use advertising cookies, analytics trackers, or third-party profiling tools on any platform. Your technical performance within the lab remains confidential between you and your training provider.
- Incident Response: Although ESAMTAC Virtual Lab does not store user data, in the unlikely event that a security incident affects the data-in-transit window between the lab and the Moodle server, affected users will be notified through their ESAMTAC Online course within 72 hours of discovery.
- Governing Law: This policy is governed by the laws of the United States. Users in states with specific privacy statutes (such as the California Consumer Privacy Act) retain any rights afforded to them under applicable state law.
7. Age Restrictions The ESAMTAC Virtual Lab is intended for use by authorized trainees enrolled in the ESAMTAC Online course. It is not directed at children under the age of 13, and we do not knowingly process information from children under 13. If you believe a child under 13 has accessed the application, please contact us immediately.
8. Your Data Rights Because ESAMTAC Virtual Lab does not store a user database, we do not maintain "user accounts" to delete or modify. Your official student records are held within the Moodle LMS. For any requests regarding data access, rectification, or deletion, please contact your ESAMTAC course administrator or reach our privacy team directly at contact@protogen.com.
9. Changes to This Policy We may update this Privacy Policy from time to time. Material changes will be communicated through the ESAMTAC Online course and reflected in the "Last Updated" date above. Continued use of the ESAMTAC Virtual Lab after changes are posted constitutes acceptance of the revised policy.