1. User Identity & Profile Data
This section covers essential information such as names, email addresses, university IDs, roles, and biometric data. These details are used for authenticating users, assigning permissions, and personalising interactions. To secure this sensitive information, sensitive data is encrypted both at rest and in transit, and role-based access controls ensure that only authorised individuals have access. Inactive accounts are deleted after one year, while biometric data is stored as hashed templates rather than raw data to further enhance privacy.
2. Academic Content
Academic content includes student submission documents, module contents and tutor feedback, all of which are fundamental for assessing research quality and supporting AI-driven question generation. Students retain full intellectual property rights, as the platform functions as a secure repository. Data is protected using AES-256 encryption which ensures integrity of stored items.
3. Interaction Data
Interaction data includes audio captured during viva sessions, real-time transcripts, limited session metadata, and, where enabled by the institution, video recordings and related session records. This data is processed solely to provide the Integrevise service, support tutor review, maintain session records, address technical or academic disputes, and ensure the secure operation of the platform; it is not used to train, fine-tune, or improve internal or third-party AI models. Where the platform is deployed through a university, the institution determines the appropriate lawful basis and configuration for any recording features. Integrevise applies data minimisation measures where feasible and deletes interaction data in accordance with the applicable retention schedule, unless a longer period is required by the institution for appeals, investigations, or legal obligations.
4. AI-Generated Data
AI-generated data includes outputs such as question logs, follow-up prompts, analytical feedback, performance metrics, and other system-generated content produced during viva sessions. This information is processed solely to deliver the Integrevise service, support tutor review, and generate performance feedback reports for authorised university staff. Integrevise does not use customer personal data or AI-generated data from viva sessions to train, fine-tune, or improve third-party or internal AI models.
5. Technical Logs
Technical logs record device information, IP addresses, session timestamps, error logs, and API call details. This data is essential for debugging, monitoring security, and optimising performance. To protect privacy, IP addresses are masked and logs are anonymised.
6. Performance & Analytics Data
This category comprises viva grading rubrics, understanding levels, and aggregated performance trends, which are critical for institutional reporting, curriculum improvements, and student support. Analytics data is stripped off Personal Identifiable Information before sharing to admin personals, and access to the analytics dashboards is restricted to authorised administrators.
7. Cross-Cutting Security Measures
Across all data categories, several robust security measures are in place. The platform adheres to data minimisation principles, ensuring that only essential information is collected. Encryption, including end-to-end solutions for live sessions and zero-knowledge storage for sensitive data, prevents unauthorised access. While granular consent workflows may be available in some contexts, in a university-integrated environment, consent protocols are centrally managed by the institution. Regional compliance is ensured by storing data in servers that meet legal requirements (e.g., GDPR in the EU), and audit trails are maintained to log all data access or modification attempts for accountability.