This Data Processing Addendum (“DPA”) supplements the master agreement between Proctor (“Processor”) and the customer organisation (“Controller”) and reflects the parties' agreement on the processing of personal data in connection with the Service. Capitalised terms not defined here carry the meaning given in the UK GDPR and EU GDPR.
Subject matter + duration
Processor will process personal data for the duration of the Service for the purpose of delivering remote-proctoring + identity continuity functionality on the Controller's behalf.
Nature + purpose
Processing involves collection of candidate device + browser metadata, capture of webcam still images and (where enabled) continuous webcam + screen video, computation of an ArcFace embedding for identity continuity, capture of integrity-event streams, and storage of the resulting artefacts in the dashboard for review by the Controller's proctors.
Data categories + subjects
Personal data: name, email, candidate external identifier, IP address, browser fingerprint, face image, biometric template. Data subjects: candidates sitting examinations administered by the Controller, plus the Controller's own staff who log into the dashboard.
Processor obligations
Processor will: (a) process personal data only on documented instructions from the Controller; (b) ensure that personnel authorised to process the data are bound by confidentiality; (c) implement appropriate technical + organisational measures described in Annex A; (d) assist the Controller in responding to data-subject requests; (e) notify the Controller without undue delay on becoming aware of a personal data breach.
Sub-processors
Processor maintains a list of sub-processors and will provide 30 days' prior notice of any addition. The Controller may object on reasonable grounds; the parties will negotiate in good faith to resolve any such objection.
International transfers
Where personal data is transferred outside the UK or EEA, Processor relies on the UK International Data Transfer Addendum to the EU Standard Contractual Clauses where required.
Deletion + return
On termination, Processor will delete or return the personal data within 60 days as instructed by the Controller, except where retention is required by law.
Draft text pending counsel review. Annex A (technical + organisational measures) and Annex B (current sub-processor list) are issued separately on request.