Privacy Policy | ELPIS

Privacy Protection Policy

We apply a data-minimization approach to our operations. Our internal process is designed to reduce unnecessary collection, limit temporary retention, and use technical and organizational safeguards to protect communications and operational records.

We do more than make promises

We protect your privacy through advanced technology and carefully designed systems.

Minimal collection We aim not to collect identity-related information unless necessary.
Temporary retention Contact details and communication records are kept only as needed for operations.
Post-service deletion Temporary records are intended to be removed after the service lifecycle ends.
Contents
1. Information We Do Not Intend to Collect 2. Secure Data Storage and Transmission 3. Transmission & Infrastructure Safeguards 4. Data Deletion After Service Completion 5. UUID-Based Warranty Support 6. References
1

Information We Do Not Intend to Collect

We avoid collecting “test-taker identity” information during the service process. This approach is part of our broader privacy and data-minimization framework.

This may include, without limitation:

  • Identification documents
  • Exam registration information with ETS or other agencies
  • Registration account credentials
  • University application details
  • Other comparable categories of highly sensitive personal information
2

Secure Data Storage and Transmission

Protected by Secure Swedish Server Infrastructure

Regarding network transmission, ELPIS's backbone servers are hosted in Sweden. Regardless of the method clients use to connect, any data exchanged between the client's terminal and ELPIS's backbone servers is protected by the EU's General Data Protection Regulation (GDPR) [1], which legally prohibits any individual, enterprise, organization, or government from accessing the data of communicating parties.

Sweden, one of the world's foremost advocates for personal privacy, provides an additional layer of protection beyond the GDPR. The country has implemented the Data Protection Act (2018:218) [2] and the Data Protection Ordinance (2018:219) [3] as complementary legislation to the GDPR. As a result, any interception of data packets sent to Sweden is strictly prohibited by law. The anonymity of both our clients and ourselves remains fully protected.

3

Transmission & Infrastructure Safeguards

ELPIS's robust infrastructure leverages a multi-hop, Tor-like network architecture [4], ensuring that all data packets remain fully anonymous and heavily encrypted—even when traversing public internet routers. Consequently, even in extreme scenarios—such as comprehensive monitoring of local inbound and outbound traffic, a third-party compromise of your router, or a key leakage on a non-TPM-equipped device—any intercepted communication between you and ELPIS remains secured by AES-256 ciphertext [5]. This level of protection ensures that transmitted data cannot be deciphered by any organization, commercial entity, or government agency.

4

Data Deletion After Service Completion

Upon service completion, ELPIS permanently erases all temporary client contact information (including Telegram, WhatsApp, and WeChat), communication logs, and residual data. On the client side, the shred command [6] is executed to overwrite data with a pass of zeros followed by five passes of random data, ensuring it remains unrecoverable.

On the ELPIS infrastructure, Tails [7] serves as the operating system for temporary data storage; all information is automatically destroyed upon system shutdown. For every operational session, ELPIS assigns a temporary Tails instance to each operator, which is fully decommissioned and its resources reclaimed immediately after use.

UUID-Based Warranty Support

Given these rigorous privacy protocols and data-erasure mechanisms—where all client information, including contact details, is permanently deleted—how does ELPIS maintain quality assurance?

ELPIS issues a UUID (Universally Unique Identifier) to the client. In our database, this UUID is stored exclusively with its corresponding service date; a query will only confirm that "a session with UUID XXXX occurred on [Date]."

Regardless of the communication channel used—whether Xiaohongshu, Telegram, Signal, or WeChat—we provide after-sales support solely upon the presentation of a valid UUID.

Please note the following security constraints:

  • Loss of UUID: If a client loses their UUID, ELPIS cannot retrieve any records or provide further assistance.
  • Unauthorized Disclosure: If a UUID is disclosed to others, any holder may impersonate the client to claim services.

    • Since the UUID is our only means of authentication, it is the client's sole responsibility to ensure it is kept secure and confidential.

7

References

  • [1] European Union. Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).
  • [2] Government of Sweden. Act containing supplementary provisions to the EU General Data Protection Regulation (SFS 2018:218).
  • [3] Government of Sweden. Data Protection Ordinance (SFS 2018:219).
  • [4] Tor Project. Overview.
  • [5] National Institute of Standards and Technology. FIPS 197: Advanced Encryption Standard (AES).
  • [6] GNU Coreutils Manual. shred: Remove files more securely.
  • [7] The Tails Project. Tails OS.