Socratease, Inc., doing business as AutoProctor
Last Updated: May 19, 2026 (v3.0)
Socratease, Inc., doing business as AutoProctor ("AutoProctor," "we," "us," or "our") respects the privacy of its users ("User," "your," or "you"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our product AutoProctor (the "Platform") through our website at www.autoproctor.co (the "Website") or AutoProctor's mobile application (the "App").
AutoProctor is SOC 2 Type 2 certified and GDPR compliant.
Visit our Trust Center for details on our security practices and compliance certifications.
WE DO NOT SELL YOUR PERSONAL INFORMATION, NOR DO WE INTEND TO DO SO. Candidate data is used exclusively for providing the proctoring service. It is never used for AI training, marketing, advertising, or product improvement.
Important: AutoProctor is a data processor, not a data controller, for exam and proctoring data.
The examiner or testing institution that creates the test is the data controller. They configure what data is collected and are responsible for obtaining consent from candidates. If you are a candidate and wish to request access to, correction of, or deletion of your exam data, please contact the examiner who administered your test. See Our Role for details.
Who this policy covers
AutoProctor is used by three types of users:
This policy applies to all three. Where a section applies differently, it is noted.
Where candidates are under the age of majority in their jurisdiction, it is the responsibility of the examiner or testing institution to ensure compliance with applicable age-related laws and regulations, including obtaining any required parental or guardian consent before allowing such candidates to use AutoProctor.
The capitalized terms have the same meaning as ascribed in our Terms of Service as applicable, unless otherwise noted here.
Please read this Privacy Policy carefully. By accessing or using our Website, App, and Platform, you agree to accept the terms contained in this Privacy Policy. If you do not agree, please do not access or use our Website, App, or Platform.
If you have any questions, please contact us at .
AutoProctor serves two roles depending on the type of data:
At registration: We collect your name and email address. We use Google and Microsoft SSO or email one-time code authentication; there is no password stored by AutoProctor. SDK/API customers may not require any candidate registration at all.
During a proctored exam session, AutoProctor uses the following data feeds (if enabled by the examiner): webcam, microphone, screen share, and auxiliary device (phone camera). From these feeds, AutoProctor captures:
Candidates are shown exactly which monitoring features are enabled before the test begins.
Technical metadata: We collect your IP address, browser type, and operating system version (user agent). We do not collect GPS coordinates.
Financial information: We do not collect or store credit card or bank information. Payments are handled by Stripe, a third-party payment processor.
We collect personal information in the following ways:
We also collect information automatically when you navigate our Platform:
For Examiners (account holders):
For Candidates (test-takers):
Candidate data is never used for marketing, advertising, AI training, or product improvement.
Cookies are small pieces of text used to store information on web browsers. We use cookies on our Website and App to compile aggregate data about site traffic and interactions, and to allow trusted third-party services that track this information on our behalf.
We use CookieYes, a consent management platform, to manage your cookie preferences. You can set your browser to refuse all or some browser cookies, but this may affect your user experience.
We may include or offer third-party products or services on our Platform. These third-party sites have separate and independent privacy policies. We have no responsibility or liability for the content and activities of linked sites. Contact us at with any feedback.
We take the security of your data seriously. Our measures include:
All information you provide is stored on secure servers behind firewalls. The safety and security of your information also depends on you. Please keep your login credentials confidential and do not share access to your account with anyone.
Breach Notification: In the event of a personal data breach, we will notify affected users within seventy-two (72) hours via email and/or our Platform notification system. We will also notify relevant data protection authorities as required by applicable law (including GDPR, PIPEDA, and other applicable regulations).
All data is stored in the United States on Amazon Web Services (AWS) infrastructure. All storage and processing infrastructure is located in the US.
When you take a proctored exam, evidence data (screenshots, photos, audio recordings, and videos if enabled) is stored securely in the cloud. The evidence collection window and data stored during your session are determined by the monitoring features your examiner has enabled. You can see exactly what is being collected before you begin the test.
We categorize the data we collect and apply different retention periods:
| Data Type | Retention Period |
|---|---|
| Evidence data (screenshots, photos, audio, video): AutoProctor platform | Maximum 3 months |
| Evidence data (screenshots, photos, audio, video): SDK / API customers | Maximum 6 months |
| Session metadata (event logs, Trust Scores, timestamps) | Retained indefinitely (contains no PII) |
| Account data (email, name, test records) | Retained while the account is active |
Session metadata consists of event types and timestamps (e.g., "tab switch at 12:24 PM") and does not contain personally identifiable information. Evidence data (the screenshots, photos, audio recordings, and video files) is the only category subject to automatic deletion.
We may share your Personal Information in the following circumstances:
To Examiners: We disclose exam session information to the examiner (data controller) who created the test. This includes trust scores, screenshots, photos, audio recordings, candidate email, IP address, and browser/OS information. The examiner configures what monitoring features are enabled, and candidates see this on the consent screen before the test.
To Sub-processors: We share data with service providers who assist us in operating our Platform, as listed in the Third-Party Service Providers section. These parties are required to protect your information.
Legal Requirements: We will disclose personal information (i) to comply with court orders, laws, or legal processes, (ii) to enforce our Terms of Service, (iii) to protect the rights, property, or safety of AutoProctor, our customers, or others, and (iv) for fraud protection and credit risk reduction.
We do not sell, trade, rent, or otherwise transfer personal information to others. We do not provide non-personally identifiable visitor information for marketing purposes.
Tracking and Advertising: You can set your browser to refuse some or all browser cookies, but if you disable or refuse cookies, some parts of our Website may not be accessible or function properly.
AutoProctor uses automated processing to generate a Trust Score based on behavioral signals observed during a proctored exam, including face presence, tab switching, and screen activity.
This section supplements the information above and applies to users who are residents of or visitors from the European Economic Area (EEA), the United Kingdom, or Switzerland.
Data Location and Transfers: We are headquartered in the United States. All data is stored and processed on US-based infrastructure. By using our Platform, you consent to the transfer of your Personal Information to the US for processing.
Transfer Mechanism: We rely on the EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) for the transfer of Personal Data from the EEA to the United States. If there is any conflict between this Privacy Policy and your rights under the Standard Contractual Clauses, the Standard Contractual Clauses will govern. Full terms are available in our Data Processing Agreement (DPA), which is available upon request at .
Our EU GDPR Representative:
Rickert Rechtsanwaltsgesellschaft mbH
— Socratease —
Colmantstraße 15
53115 Bonn, Germany
Your Rights: If you are a resident of or visitor to Europe, you have the following rights with respect to your Personal Information:
To exercise any of these rights, contact us at or write to us at Socratease, Inc., 16192 Coastal Highway, Lewes, Delaware 19958, United States. We will respond within thirty (30) days.
This section supplements the information above and applies to users who reside in Canada. We comply with the Personal Information Protection and Electronic Documents Act ("PIPEDA") and any terms defined in PIPEDA have the same meaning when used here.
This section applies to California residents under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA").
AutoProctor does not sell your personal information. We do not sell, trade, or otherwise transfer personal information to third parties for monetary or other valuable consideration.
As a California resident, you have the following rights:
To exercise these rights, email or write to Socratease, Inc., 16192 Coastal Highway, Lewes, Delaware 19958, United States.
SOPIPA (Student Online Personal Information Protection Act): Under SOPIPA, we do not use any personally identifiable information of candidates under 18 collected while using our Platform to send them marketing or targeted advertising. All collected PII is used only to provide, maintain, and support the Platform.
FERPA (Family Educational Rights and Privacy Act): We handle all student data in compliance with FERPA regulations. Educational records such as course names, assessment grades, and proctored exam recordings are given heightened protection. To make a request to inspect, review, or amend an education record, email .
PPRA (Protection of Pupil Rights Act): AutoProctor does not administer or conduct surveys or evaluations that elicit information on any of the eight protected categories of the PPRA.
COPPA (Children's Online Privacy Protection Act): COPPA applies to the collection of personal information from children under 13. We are committed to COPPA compliance. We only collect as much information about a child as is reasonably necessary for participation in an activity, and we do not condition participation on the disclosure of more information than is reasonably necessary. Contact for more details.
Marketing and promotional emails are sent only to examiners (account holders), never to candidates. Candidates receive only transactional communications related to their tests.
All marketing emails include an unsubscribe option. If you wish to opt out, follow the instructions at the bottom of any email or contact us at .
AutoProctor uses the following third-party service providers:
| Provider | Contact |
|---|---|
| Amazon Web Services Inc. |
aws.amazon.com/contact-us 410 Terry Avenue North, Seattle, WA 98109, US |
| Stripe, Inc. |
info@stripe.com 510 Townsend St, San Francisco, CA 94103, US |
|
about.google/contact-google 1600 Amphitheatre Parkway, Mountain View, CA 94043, US |
|
| CookieYes |
cookieyes.com CookieYes Limited, UK |
| Sentry |
sentry.io Functional Software, Inc., San Francisco, CA, US |
| Sprinto |
sprinto.com Sprinto, Bengaluru, India |
If you have any questions about our third-party service providers, email .
AutoProctor reserves the right to change or modify this Privacy Policy at any time. Modifications shall be binding upon your acceptance of the modified Privacy Policy. We will inform you about modifications via email, on our Website, App, or Platform, or by comparable means within a reasonable time period. Your continued use of our Website, App, or Platform shall constitute your consent to such changes.
To ask questions or comment about this Privacy Policy and our privacy practices, please contact our Privacy Officer:
Jayanth Neelakanta
Email:
Socratease, Inc.
16192 Coastal Highway,
Lewes, Delaware 19958, United States
By using our Website, App, or Platform, you agree to the practices described in this Privacy Policy and the terms set forth in our Terms of Service. If you do not agree, please do not use our Website, App, or Platform.
Because AutoProctor is a proctoring service, we understand that users and organizations have heightened concerns about how data is collected, stored, and protected. Below are answers to the most common questions we receive.
AutoProctor captures screenshots, photos, audio recordings, and (if enabled) videos from the webcam, microphone, screen share, and auxiliary device feeds. The examiner configures which monitoring features are active for each test, and the candidate sees exactly what is being monitored before the test begins.
All data is stored in the United States on Amazon Web Services (AWS) infrastructure.
Evidence files (screenshots, photos, audio recordings, and videos if enabled) are retained for a maximum of 3 months for AutoProctor platform users, or 6 months for SDK/API customers. Session metadata (event logs, Trust Scores) is retained indefinitely as it contains no personally identifiable information. Account data is retained while the account is active.
No. Candidate data is used exclusively for providing the proctoring service. It is never used for AI model training, product analytics, marketing, advertising, or any purpose other than delivering the service to the examiner.
By default, no. AutoProctor uses behavioral anomaly detection. It monitors for the presence of a face, tab switching, screen activity, and similar behavioral signals. However, if the examiner enables the ID card verification feature, AutoProctor performs a one-time facial comparison between the candidate's live camera image and their uploaded ID card photo to verify identity. This is configured by the examiner and disclosed to the candidate before the test begins.
The Trust Score is an advisory metric generated from behavioral signals during a proctored session. It is not a binding or final decision. The examiner reviews the evidence and the Trust Score, and makes the final determination on exam integrity. No decisions with legal or significant effects are made solely by automated means.
The examiner who created the test can access all evidence, trust scores, and metadata for their candidates. AutoProctor support staff may access data for troubleshooting when requested. Data is never shared with other examiners or third parties.
Yes. Contact . For exam data, we may need to verify with the examiner (data controller) before processing the request, as they may need the data for assessment verification.
Yes. Our DPA, which includes Standard Contractual Clauses, is available upon request at .
AutoProctor is SOC 2 Type 2 certified and GDPR compliant. For full details on our security posture and compliance certifications, visit our Trust Center.
All data is stored in the United States. For EU users, we rely on the 2021 Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) as our legal basis for data transfers. Our EU GDPR representative is Rickert Rechtsanwaltsgesellschaft mbH in Bonn, Germany.
Evidence files (screenshots, photos, audio, video) are deleted according to the retention schedule (3 months for platform, 6 months for SDK). Account records and session metadata are retained. Contact to request full account deletion.
Under GDPR, you have the right to access, rectification, erasure, portability, restriction of processing, objection, and withdrawal of consent. Contact or our EU representative at . Our DPA is available on request. We respond within 30 days. See Section 12 for full details.