Privacy Policy

1. Overview

OET Live (“we”, “us”, “the app”) is an AI-assisted Occupational English Test (OET) Speaking practice tool built for migrating healthcare professionals. This policy describes what we collect, how we use it, who we share it with, and the controls you have over your data.

OET Live is not affiliated with, endorsed by, or sponsored by Cambridge Boxhill Language Assessment or any official OET body. The OET name and rubric are referenced for educational comparison only. Scores produced by the app are an AI-generated estimate intended to support practice; they are not official OET scores. See our Terms of Service for the full disclaimer.

Operator: OET Live. Contact: [email protected].

2. What data we collect

2.1 Account data

• Sign-in identity. When you sign in with Google, Apple, or Microsoft via OAuth, we receive your name, email address, and OAuth provider user id. We do not request access to your Gmail, Drive, Calendar, contacts, or any other Google scope beyond openid email profile.
• Email/password sign-up. If you sign up directly we store your email and a hashed password (Better Auth, Argon2id).
• Email verification token. A short-lived token to confirm you own the email address.

2.2 Profile preferences

• OET profession track (e.g. Medicine, Nursing, Pharmacy, …)
• Target country and recognising organisation (e.g. AHPRA, NMC, NCSBN)
• Target exam date, target score, practice cadence
• Reminder time, study-reminder + countdown notification preferences
• Avatar choice and the optional photo you upload to your profile
• Calibration consent (whether you allow your audio to inform model accuracy)

2.3 Practice data

• Audio recordings of your role-play attempts, captured from your device microphone only (the AI patient's voice is not recorded).
• Transcripts generated from those recordings by an automated speech-to-text service.
• Scores from automated assessment (the 9 OET communication criteria, overall 0–500 score, OET band) and per-task cue verdicts.
• Pronunciation reports including per-word pronunciation scores and speech-rate metrics.

2.4 Technical data

• Approximate device type and OS for crash diagnostics
• Authenticated session cookies and tokens
• Server access logs (IP address, timestamp, request URL) retained for 30 days

We do not collect: precise GPS location, browsing history, contacts, social-graph data, or any health-record data outside what you record during a practice session.

3. How we use the data

• Run the practice service: generate AI patient responses, score role-plays, surface feedback, recommend next cases.
• Send transactional emails (sign-in verification, password reset, support replies). We do not send marketing emails without an explicit opt-in.
• Compute your personal “weak area” profile to target the recommender at your bottom-2 criteria.
• Debug crashes and operational issues. Server logs are scoped to minimum-needed fields.
• Aggregate, fully de-identified usage counts (e.g. “how many sessions did users complete this week”) to help us improve the product.

We do not: sell your data, share it with advertising networks, or use OAuth-provided Google data for any purpose beyond authenticating you into the app.

4. Third-party services

To run the service we send certain data to the following processors:

• Cloud-hosted AI inference provider. Receives your practice audio (for transcription) and transcript text (for scoring and AI patient response). Stored according to the provider's data processing terms; not used to train general-purpose models when called under our enterprise configuration.
• Cloud-hosted pronunciation assessment service. Receives a compressed copy of your practice audio for syllable-level pronunciation scoring. Stored according to the provider's data processing terms; not used for model training.
• Encrypted object storage provider (EU region). Stores your encrypted audio files so you can replay them in the Feedback screen.
• Transactional email service (our self-hosted mail server). Sends verification, password reset, and support emails.
• Authentication service (self-hosted on our servers). Handles authentication tokens, sessions, and password hashing on the same infrastructure as the rest of the service.

We do not use Google Analytics, Facebook Pixel, advertising SDKs, or any third-party analytics tools.

5. Data retention

• Account profile: retained while your account is active.
• Practice recordings, transcripts, scores: retained while your account is active so you can replay sessions and track progress.
• Server access logs: 30 days, then auto-rotated.
• Account deletion (in-app): when you delete your account from Profile → Privacy → Delete account, we immediately close the account: you are signed out, the account becomes unusable, your email address is obfuscated so it cannot be used to sign back in or recover the prior account, and all active sessions are revoked. Re-registering with the same email address creates a fresh, independent account with no access to prior recordings, transcripts, scores, or profile data.
• Practice recordings retained after in-app deletion: the raw audio, transcripts, and anonymized score records may be retained on our servers solely to improve scoring accuracy for future users. These records are detached from your identity (your name, email, profile, and any unsent reminders are scrubbed within 24 hours) and cannot be re-associated with you. If you require full erasure of this anonymized practice data (e.g. under GDPR / UK-GDPR / PIPEDA), see Section 6.
• Full erasure on request: email [email protected] with subject “Erasure request” and we will hard-delete all practice content (including anonymized audio and transcripts) within 30 days.
• Billing & fraud-prevention records required by law may be retained even after deletion.

6. Your rights and controls

• Export. Profile → Privacy → Export my data downloads a complete JSON archive of your profile, sessions, scores, and transcripts, plus 24-hour signed URLs for your audio recordings.
• Delete. Profile → Privacy → Delete account. The account is closed immediately, you are signed out, and the email is obfuscated so the account cannot be recovered or re-used to access prior data. See Section 5 for what is retained anonymized and how to request full erasure.
• Email verification + password reset are available from the sign-in screen.
• Calibration opt-out. Profile → Privacy →Help improve scoring toggles whether your audio is included in our internal scoring-accuracy review process. Default: opt-in.
• EU/UK/CA users. You also have the GDPR/UK-GDPR/PIPEDA rights to access, rectify, port, restrict, object, and complain to a supervisory authority. Email [email protected] with “Privacy request” in the subject line.

7. Children

OET Live is intended for adults preparing for the OET. We do not knowingly collect data from anyone under 16. If you believe a minor has signed up, email us and we will erase the account.

8. Security

• TLS 1.3 in transit; server-managed encryption at rest.
• Audio is stored in Cloudflare R2 with server-side AES-256 encryption.
• Passwords are hashed with Argon2id; we cannot see them in plaintext.
• OAuth tokens are stored in iOS Secure Enclave (Keychain) on your device.
• Access to production systems is restricted to operators with hardware security keys.

No system is perfectly secure. If you discover a vulnerability please email [email protected].

9. International transfers

Our infrastructure is hosted primarily in Germany. Some processors operate in the United States and other regions. Where required by law, transfers are covered by the EU Standard Contractual Clauses or equivalent safeguards.

10. Changes to this policy

We'll post the updated text here and update the effective date. Material changes (new categories of data collected, new processors, new purposes) will be announced by in-app notification and, where required, by email.

11. Contact

Questions, complaints, or data subject requests: [email protected]. We respond within one business day.