Skip to content
Mark My Tests
Security & privacy

Pupil work is pupil work. We treat it that way.

EU-region processing, no training on your scripts, clear deletion rules, and a privacy notice you can read in a sitting. This page summarises the posture — the Privacy notice has the full detail.

Where it lives

EU-region processing

Scripts, schemes and generated marks are stored and processed in EU-region infrastructure, with Supabase-managed encryption at rest and TLS in transit.

Who sees it

Row-level tenant isolation

Postgres Row Level Security means signed-in users only see their organisation’s data. Guest marking sessions use scoped tokens until you claim them into an account.

Training

Not used to train foundation models

We call Google Vertex AI under enterprise-style configuration: customer content submitted to the marking API is not used to train Google’s public foundation models.

Deletion

Scripts deleted within 7 days

Uploaded scripts are removed within 7 days of processing, or sooner on explicit erasure. Guest drafts that never start marking are removed after 24 hours of inactivity.

The path your data takes

Five stops, all mapped.

01
Upload
Files move over TLS to EU-region object storage. The browser does not mark — the pipeline runs on trusted workers.
02
Prepare
Scripts are deskewed and, where needed, cropped per question so the marker only sees the relevant page region.
03
Mark
Per-question marking against your scheme on Vertex AI. Your files never leave the workers handling your tenant.
04
Store
Provider-managed encryption at rest. Row-level access. Sentry receives redacted error events only.
05
Delete
Session, class or account erasure purges from hot storage immediately; backups follow standard retention windows.
Where we meet procurement

Practical baselines, not marketing badges.

UK GDPR
Design aim
DfE data protection
Alignment planned
Infrastructure
Supabase (EU) + Vertex AI
Marking compute
No browser inference

Formal certifications (e.g. Cyber Essentials, ISO 27001) are not currently in place. When that changes, we'll note the exact certificate and date here.

What IT usually asks for

Request via your data protection lead.

Privacy notice, security overview, subprocessor list and any custom Data Processing Agreement are issued through your organisation's data protection lead — contact us and we will route it there. Public downloads for these will appear once the beta cohort closes.

Our promise

We will not change how pupil work is used without telling you in plain words first. Policy drift lives in release notes; changes you should care about live in email.

Try a run on your own paper. Your scripts; your judgement.

The security posture only matters once you've seen it do a real mock. Standard scripts from £0.30.