Updated for current platform features

Privacy Policy

Transparent data practices for exams, proctoring, AI-assisted authoring, and coding evaluation.

HTTPS encryption

Disclosed monitoring

Role-based access

Private platform

Information we collect

Account information

When you register or sign in, we collect your name, email address, role (student, educator, or developer), and password hash for email-based accounts. Students may sign in with Google OAuth, in which case we receive your Google profile name and email.

Exam & session data

During exams we store answers (MCQ selections, descriptive text, and code submissions), timestamps, session status, autosave checkpoints, and grading results. Educators can view responses for exams they manage.

Monitoring & integrity logs

When proctoring is enabled, we log session events such as tab switches, window blur/focus, fullscreen exit, inactivity, and violation scores. These logs support fair assessment and educator review — not general browsing surveillance.

Device & technical data

We collect browser type, device capabilities, and connection metadata needed to run exams, request camera/microphone permissions, and execute code in a sandbox. We do not access unrelated files on your device.

Camera, microphone & proctoring

Permission-based access

Before some exams, students may be asked to allow camera and/or microphone access in the browser. This verifies that proctoring hardware is available and may show a local preview during the session.

Deterrent preview (not recording)

SafeExam's deterrent camera shows a live preview in the student's browser to encourage compliance. By default this stream is not uploaded or permanently recorded unless your institution configures additional recording as part of a custom deployment.

What we do not do

We do not monitor personal files, unrelated applications, or browsing outside the exam session. Monitoring is limited to the exam window and events explicitly logged to your session.

AI question generation (educators)

Question Intelligence Engine (QIE)

Educators may use AI-assisted tools to generate MCQ and coding questions. Prompts (subject, difficulty, counts) are sent to configured third-party AI providers (e.g. via OpenRouter). Generated content is stored in our database for review before publishing.

Educator review required

AI-generated questions are drafts. Educators must review, edit, and approve content before it is used in live exams. Do not publish exam content that your institution has not verified.

Optional explanations

MCQ explanations may be generated on demand in a separate step. This reduces bulk token usage and keeps educator control over final wording.

How we use data

Delivering exams

Data is used to authenticate users, run timed sessions, autosave answers, grade submissions (including sandboxed code execution), and produce results for educators.

Academic integrity

Monitoring logs help educators detect suspicious behavior and maintain fair assessments. Institutions decide how to act on flagged sessions.

Product improvement

Aggregated, non-exam usage metrics may help us improve reliability and UX. We do not sell personal exam content to advertisers.

Coding submissions & execution

Sandboxed judging

Student code is transmitted to our backend and run in an isolated execution environment (e.g. Judge0) against test cases. Source code is retained with the exam attempt for grading and educator review.

Retention

Coding submissions follow the same retention rules as other exam responses, subject to your institution's policies.

Security

Encryption & access

Traffic is encrypted in transit (HTTPS/TLS). Passwords are stored hashed. Role-based access limits who can view exams, responses, and monitoring data.

Session security

Exam sessions use server-validated tokens. Critical actions (start, submit, monitoring events) are verified on the backend, not trusted from the browser alone.

Third-party services

Google OAuth

Optional student sign-in via Google. Google shares basic profile fields needed to create your account; we do not receive your Google password or unrelated Google data.

AI providers

When educators use AI generation, prompts are processed by configured model providers (e.g. OpenRouter and underlying model hosts). Review your institution's AI policy before use.

Infrastructure

We use cloud hosting and managed database services to operate the platform. Providers process data under our instructions for storage and delivery.

Data retention

Exam responses

Retained according to institutional needs and exam configuration. Educators and admins may export or delete data per their organization's policy.

Monitoring logs

Session events are retained for integrity review and educator dashboards. Retention periods may be configured by deployment; contact your institution for specifics.

Account deletion

You may request account deletion by contacting support. Some records may be kept where required for academic or legal obligations.

Your rights

Access & correction

You may request a copy of personal data we hold or correction of inaccurate account information via [email protected].

Institutional control

If your institution manages your account, data requests may need to be coordinated with your school or college admin.

Complaints

Contact [email protected] if you believe your data was mishandled. You may also lodge a complaint with your local data protection authority where applicable.

Privacy questions or data requests?

Our team can help with access, correction, or deletion requests.

Last updated: 2026-05-25. Applies to https://safexam.in and affiliated deployments. See also our Terms of Service.

Institutions

Affordable secure exams for your campus

We built SafeExam because our own club couldn't pay enterprise prices. Talk to us about institutional onboarding, custom deployments, or partnership opportunities for your college or organization.

MCQ · Coding · Mixed examsLive monitoring & proctoringAI-assisted question authoring