Privacy policy

This Privacy Policy outlines how Testlify, Inc. (“Testlify,” “we,” or “us”) and our partners collect, use, and safeguard Personal Data. Our application for compliance with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF is currently under review.

Definitions

Personal data: Information related to an identified or identifiable individual, such as names, email addresses, employment history, and assessment responses.
Sensitive data: Special categories of Personal Data like gender and nationality, collected only with explicit opt-in consent.
Processing: Any operation performed on Personal Data, including collection, recording, organization, storage, adaptation, or alteration

Data collection and use

Personal data

We collect personal data for the following purposes:

Name: For personalizing communications and certificates.
Email address: Used for communication, account verification, and certificate delivery.
Employment history for skill assessment: To assess your professional skills and qualifications.
Responses to assessments and surveys: For skill evaluation and service improvement.
Ip address and location data for proctoring: To enhance security and monitoring during online proctoring.

Automated decision-making

Automated systems may be used to grade assessments based on predefined criteria. You have the right to request human intervention, contest decisions, and understand the logic behind automated decisions.

Legal basis for processing

We process personal data based on:

Obtained consent: Explicit consent is obtained for sensitive data and specific purposes.
Legal obligations: For compliance with legal requirements.
Contractual necessity: To fulfill our contract with you when you use our services.

Cookies and tracking technologies

We use cookies and may collect IP addresses to enhance user experience. For more details, please review our Cookies Policy.

Data transfer and storage

International data transfers

Data may be transferred internationally, utilizing Standard Contractual Clauses (“SCCs”) for transfers to the EU/EEA, to ensure an equivalent level of data protection.

Security measures

We implement robust security measures, such as encryption, to protect Personal Data from unauthorized access, disclosure, alteration, or destruction. More information is available on our Security Measures page.

We do not use customer data to train external models or for any purpose beyond the agreed-upon scope of our services. Any personal data processed by our AI systems is handled in compliance with applicable data protection laws, including GDPR and CCPA where relevant.

Your Rights & Preferences as a Data Subject

Subject to the GDPR and applicable law’s limitations, the rights afforded to you as a data subject are:

Right to be Informed: You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavored to do by way of this Policy.
Right of Access: You have a right to access the personal data you have provided by requesting us to provide you with the same.
Right to Rectification: You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.
Right to Erasure: You have a right to request us to delete your personal data.
Right to Restrict Processing: You have a right to request us to temporarily or permanently stop processing all or some of your personal data.
Right to Object: You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.
Right to Data Portability: You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.
Right Not to be Subject to Automated Decision-Making: You have a right to not be subject to a decision based solely on automated decision making, including profiling.

In case you want to exercise the rights set out above you can email us at [email protected].

Third-party links

Our website may contain links to third-party sites. We are not responsible for their privacy practices. Always review the privacy policies of external sites.

Data retention

Data is retained for its intended purpose or as required by law. For specific concerns about data retention, please contact us.

Children’s privacy

We do not knowingly collect or solicit Personal Data from individuals under 18. If such data is discovered, it will be promptly deleted.

Enforcement and verification

The U.S. Federal Trade Commission oversees our compliance with data privacy laws. For more information, visit our Security Practices page.

Dispute resolution

For data privacy disputes, we offer an independent recourse mechanism in line with EU-U.S. DPF guidelines.

Data protection officer

We’ve designated a Data Protection Officer (DPO) to oversee our data protection strategy. For inquiries, please contact our DPO.

Subprocessors

Third parties, known as subprocessors, are utilized for specific functions and services. You can find a list of these subprocessors and their roles on our Data Management page.

Data breach notification

In the event of a data breach involving Personal Data, affected individuals and authorities will be notified within 72 hours, as required by law.

Employee data

Details on the collection and processing of employee data are covered in our Employee Data Policy.

Consent records

Records of obtained consent for data processing are securely stored, as required by law.

Your Rights Under California Consumer Privacy Act (CCPA)

Testlify Inc., complies with CCPA by giving you the five privacy rights for California consumers:

The right to know about the personal information a business collects about them and how it is used and shared.
You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavored to do by way of this Policy.
The right to delete personal information collected from them.
Testlify Inc., gives you the right to request us to delete your personal data.
The right to opt-out of the sale of their personal information.
The right to non-discrimination for exercising their CCPA rights.

Testlify Inc., does not sell any data of any of its users/customers/leads. Testlify Inc., assures no discrimination against consumers exercising their right of privacy under CCPA.

Testlify Inc., assures that it will not ask for waiver of privacy rights from California consumers. In case you want to exercise the rights set out above you can email us at [email protected].

Complaints

To address concerns about data handling, you can lodge a complaint with the relevant regulatory authority or use our independent recourse mechanism. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time, by mailing to us at [email protected]. More details are available on our Security Practices page.

Changes to this policy

We review this policy annually and will notify you of changes via email or website notifications.

Governing law

This policy is governed by U.S. federal law.

User responsibilities

Users are responsible for maintaining the confidentiality of their login information and are obligated to immediately report any unauthorized account activity.