OSCE Nexus — Privacy Policy

Last updated: 28 May 2026

OSCE Nexus™ ("the App", "we") is an examination-management tool used by accredited medical-education facilities to register candidates and grade OSCE (Objective Structured Clinical Examination) stations. This policy explains what the App collects, why, and how it is protected. The App is intended for authorised examiners and coordinators only — it is not a consumer product and is not directed at children.

Information we process

• Account & sign-in: your username and password are used only to authenticate you. After sign-in, an access token is stored encrypted on your device so you don't have to log in every time.
• Examination data you enter: candidate identifiers, station checklists, scores, and comments that you record while grading. This data belongs to your facility.
• Operational logs: sign-ins and grading actions are recorded in an audit log for exam integrity and accountability.
• Device information: a randomly generated device identifier and basic device model/OS, used to manage your sessions and (optionally) send exam notifications.

Camera

The App uses the camera only to scan a candidate's barcode to identify who you are grading. Images are processed on the device to read the code and are not stored or transmitted.

Biometrics (Face ID / fingerprint)

If you enable it, the App uses your device's built-in biometric unlock to release your saved sign-in. This happens entirely on your device through the operating system. We never receive, see, or store your biometric data, and no facial image or fingerprint ever leaves the device.

How information is used

• To authenticate you and keep you signed in securely.
• To record, sync, and report OSCE grades for your facility.
• To support offline grading and upload your results when a connection is available.
• To maintain an audit trail required for examination governance.

Data storage & security

• Data is transmitted over HTTPS and stored on your facility's secure server.
• Access tokens are kept in the device's encrypted secure storage.
• Access is restricted by role (examiner, coordinator, administrator).

Data sharing

We do not sell your data or share it with advertisers. Examination data is accessible only to authorised staff of your facility. Push notifications, where used, are delivered through Google Firebase Cloud Messaging.

Data retention

Examination records are retained by your facility for as long as required for academic and governance purposes. Deleted records are soft-deleted and may be restored by an administrator. You may request deletion of your account by contacting us below.

Your choices

• You can sign out at any time, which revokes the access token on that device.
• You can decline camera or biometric permissions; the App remains usable (you can type barcodes and sign in with your password).

Contact

For privacy questions or data requests, contact the OSCE Nexus administrator:
Khalaf Almazrouei — CONTACT_EMAIL_HERE