MonitorExam

Trust & Compliance Center

MonitorExam is built on trust. Access our complete security, privacy, and compliance documentation.

Privacy PolicySecurity

Built on Trust

AI-Assisted Human Review

AI detects anomalies, but humans make final decisions on exam integrity

Enterprise Security

TLS encryption, secure infrastructure, audit logging, and access controls

Privacy by Design

Minimal data collection, institutional control, and transparent processing

Compliance Ready

GDPR principles, OWASP controls, and ISO 27001-aligned practices

Compliance Resources

Security & Infrastructure

Security Whitepaper

Comprehensive security architecture, infrastructure controls, and implementation details.

Read more

Incident Response Policy

Our procedures for detecting, managing, and responding to security incidents.

Read more

Privacy & Data

Privacy Policy

How we collect, use, and protect personal information and examination data.

Read more

Data Processing Agreement

Controller and processor roles, data categories, and processing safeguards.

Read more

Data Retention Policy

Retention schedules by data type and institutional configuration options.

Read more

AI & Transparency

AI Usage Policy

AI capabilities, human oversight, transparency mechanisms, and responsible use guidelines.

Read more

Compliance

Subprocessor List

Complete listing of third-party vendors, their purposes, and data access.

Read more

Frequently Asked Questions

How does MonitorExam protect candidate privacy?

We implement encryption in transit and at rest, role-based access controls, audit logging, and institutional data retention controls. Candidates consent to monitoring before exams begin.

Is my data safe with MonitorExam?

Yes. We use enterprise-grade cloud infrastructure with segmented environments, redundancy, DDoS mitigation, and continuous security monitoring. Our incident response policy ensures rapid detection and remediation.

What third-party vendors does MonitorExam use?

We work with trusted providers like AWS for hosting, Cloudflare for CDN security, and specialized AI providers. All subprocessors are vetted and listed at monitorexam.com/subprocessors.

Does MonitorExam make automated disciplinary decisions?

No. AI systems generate alerts to assist human reviewers, but MonitorExam never autonomously fails candidates or applies disciplinary actions. Institutions control final decisions.

How long do you retain examination data?

Retention periods are configurable by institution based on your requirements and applicable law. Backup systems follow our infrastructure retention schedules.

Is MonitorExam compliant with GDPR and other regulations?

We operate with GDPR principles, OWASP guidance, and ISO 27001-aligned controls. We support international data transfers with contractual safeguards and are working toward formal certifications.

Security or Compliance Questions?

Our security and compliance team is ready to help. Reach out with any questions about our practices, certifications, or requirements.

Security Concerns

security@monitorexam.com

Compliance & Privacy

privacy@monitorexam.com