Proctoring Privacy Notice

NUS takes privacy very seriously. Your personal data is well protected and will not be misused.

On this page, we describe what happens to your personal data and how your privacy is safeguarded when you take an examination with remote proctoring.

The general NUS privacy statement can be consulted on the webpage NUS PRIVACY NOTICE.


Why is NUS using remote proctoring?

NUS remote proctoring is facilitated by Zoom and ExamSoft with ExamID/ExamMonitor services.

Remote proctoring is essential to verify the candidate’s identity and to prevent fraud. As mentioned in the NUS Grading Policy & Examination Process, "The University has in place standard operating procedures to ensure that examination processes are conducted with utmost care and attention. Multiple levels of checks are built into the handling of examination answer scripts, marking and processing of marks and grades." Personal data are used in this process. NUS fully endorses the importance of protecting your personal data. We therefore make sure that no more data are processed than are strictly necessary and we ensure that your data are treated with the utmost care. The ultimate aim is that at the end of your studies you will be able to receive a degree that is highly respected.

What personal data are processed?

  1. Proctoring with Zoom

    1. Webcam view of the student

    2. Immediate environment around the student, both live and recorded

  2. Proctoring with ExamID and ExamMonitor

    1. ExamID:

      1. A photograph of the student’s face

    2. ExamMonitor:

      1. Audio and video recording of the student and his/her immediate surroundings

      2. The student’s desktop activities

Who is responsible for the processing of my personal data?

NUS is responsible for processing your data under the terms of the NUS Personal Data Notice for Students.

If you have any questions regarding such remote proctoring, please contact CTLT by visiting our Helpdesk (Zoom) or emailing citbox25@nus.edu.sg (ExamSoft).

For Personal Data specific queries, please contact the Data Protection Office at dpo@nus.edu.sg.

For what purposes will my personal data be processed and on what legal grounds?

Your personal data will be processed for the following purposes:
a. Authentication: During or after the exam, a check will be made to verify that the person doing the exam is actually the student;
b. Fraud check: During or after the exam, a check will be made to ensure that the student has followed the applicable rules and that he/she has not made use of any unauthorized sources (such as crib sheets, chats, browser sessions).

Processing of personal data is only permitted if there are legal grounds for doing so. Under NUS Personal Data Protection Policy & Procedures (Appendix 5: Purpose Limitation),

Staff/Students must only collect, use or disclose personal data for purposes:
(a) that a reasonable person would consider appropriate in the circumstances;
(b) that are necessary for their functions/activities.

Will my data be shared with third parties?

Your personal data will not be disclosed or transferred to third parties without the prior written approval of NUS.

Zoom and ExamSoft have the following party supporting their services, and are part of the agreement with NUS.

  • Amazon Web Services (AWS)

An important exception is the sharing of personal data when it is required under applicable law or in course of any legal proceedings. In that case, the proctoring service and/or NUS must share data with authoritative bodies, for example with law enforcement. This will occur, however, under supervision of NUS Data Protection Office.

How will my personal data be secured?

NUS takes appropriate security measures to protect personal data against unauthorized access, use or disclosure.

Therefore, Zoom and ExamSoft are secured and we also formalized this in the agreement with our partners. Besides, these proctoring services are being assessed by the NUS IT security department, thus following the provisions and requirements set out in the NUS IT Policy Documents. This ensures all personal data is optimally secured. Additionally, Zoom and ExamSoft also monitors whether there are unlawful traffic or activities on their services. In our Personal Data Protection Policy & Procedures (Appendix 10: Protection of Personal Data), you can read more about the type of measures we take.

The management and treatment of all University Data (of which Personal Data forms part) is governed by NUS IT Policy Documents, which include but are not limited to:

  • the NUS Data Management Policy (DMP)

  • the NUS Guidelines on Use Classification and Protection of University Data

  • the NUS IT Security Policy

  • the NUS Cloud Policy

  • the Acceptable Use Policy (AUP) for IT Resources

See Also

Â