This policy explains how Proctor (“we”, “us”) processes personal data on behalf of our customers (universities, certification bodies, and employers — the “Controllers”) and the candidates whose remote examinations our SDK observes.
Data we collect
When a candidate runs the preflight wizard or sits a proctored session, the SDK captures: device + browser metadata, webcam still images, a single ArcFace embedding of the candidate's face for identity continuity, optional continuous webcam + screen recordings, microphone audio when explicitly enabled, and a structured event stream describing browser focus, clipboard activity, and similar integrity signals. Each event is tagged with a per-device fingerprint hash so a reviewer can attribute it to the right device in multi-device sessions.
Legal basis
We process personal data as a Processor on behalf of the Controller. The Controller establishes the lawful basis under Article 6 of the UK GDPR and EU GDPR (typically performance of a contract with the candidate or legitimate interest in maintaining examination integrity). Special-category data (biometric template, face image) is processed under Article 9(2)(g) (substantial public interest in fair assessment) when the Controller relies on that basis, or with explicit consent otherwise.
Retention
The default retention window is 90 days from session start, after which all session media + events are purged by an automated sweeper. Controllers can shorten this in their organisation settings; longer retention requires a written agreement.
Sub-processors
We use a short list of sub-processors (cloud hosting, object storage, transactional email, error tracking) under written data processing agreements. The current list is maintained in our Data Processing Addendum, available on request.
Your rights
Candidates may request access, rectification, erasure, or export of their data by contacting the Controller for the relevant examination. We support the Controller in fulfilling these requests; we cannot fulfil them directly because we do not control the underlying purpose of processing.
Contact
Questions about this policy or our processing practices can be directed to privacy@example.com.
Draft text pending counsel review. This page is operational documentation — it is not yet legal advice and should not be copied into a production tenancy without a lawyer's sign-off.