Security & Compliance

Transparent security practices and comprehensive compliance with global standards

Security Controls

Data Protection

  • DPDP readiness with lawful basis registry
  • GDPR DPA and data processing agreements
  • Regional data residency options (India/EU)
  • Transparent data flows and consent management

Encryption

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Local video encryption
  • Key rotation and management

Access Control

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Single sign-on (SSO) support
  • Audit logs for all access

Infrastructure Security

  • Secure cloud infrastructure
  • Network segmentation
  • DDoS protection
  • Regular security updates

Compliance Certifications

ISO 27001/27701

Roadmap to ISO 27001 (Information Security) and ISO 27701 (Privacy Management) certifications. Regular audits and continuous improvement.

DPDP (India)

Full alignment with Digital Personal Data Protection Act (DPDP) requirements. India data residency options available.

GDPR (EU)

General Data Protection Regulation compliance with data processing agreements and privacy by design principles.

WCAG 2.2 AA

Web Content Accessibility Guidelines compliance. Accessible exam experience for all candidates.

Data Retention

Configurable data retention policies aligned with your requirements:

  • Standard Exams: 90-180 days retention
  • Certification Exams: 7 years (ISO 17024 compliance)
  • Custom Retention: Configurable per client requirements
  • Secure Deletion: Verified deletion procedures after retention period

Privacy by Design

Data Minimization

Collect only necessary data for exam delivery and integrity monitoring.

Tokenized Data

Personal data tokenization where possible to reduce exposure.

Transparent Consent

Clear consent prompts explaining data collection and usage.

Data Subject Rights

Support for data access, rectification, and deletion requests.

Audit & Testing

External VAPT

Regular vulnerability assessment and penetration testing by third-party security firms.

Quarterly DR Drills

Disaster recovery drills conducted quarterly to ensure business continuity.

Security Audits

Regular security audits and compliance reviews.

Accessibility

ProctorEdge is committed to WCAG 2.2 AA accessibility standards:

  • Keyboard navigation support
  • Screen reader compatibility
  • Color contrast compliance
  • Caption support for proctor chat transcripts
  • Accommodation workflows for extra time and assistive tech

Download Security Whitepaper

Get detailed information about our security architecture and compliance practices.

Download Whitepaper Contact Security Team