Is TestInvite software GDPR compliant?

As a frequent service provider to entities and persons living within the European Union (EU), TestInvite regularly provides its services under the umbrella of GDPR.

Created by Mustafa Ekim / January, 2023

As a frequent service provider to entities and persons living within the European Union (EU), TestInvite regularly provides its services under the umbrella of GDPR.

What is GDPR? 

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the EU.

What are the key principles of GDPR? 

  • Lawfulness, fairness and transparency
    • Purpose limitation
      • Data minimisation
        • Accuracy
          • Storage limitation
            • Integrity and confidentiality (security)
              • Accountability

                TestInvite’s GDPR Status

                GDPR defines Data Controllers as an entity that determines the purposes for which and the means by which personal data is processed. Data Controllers decide ‘what’ data will be collected, 'why' and 'how' the collected personal data should be processed. The Data Processor processes personal data only on behalf of the Data Controller.

                TestInvite generally collects personal data from exam participants on behalf of its customers for purpose of providing exam-related services. In such cases, the customer will be the “Data Controller” of the applicable personal data, and TestInvite is the “Data Processor”.

                Protection of Personal Data

                TestInvite takes reasonable precautions to keep personal data entrusted with it, safe, secure and confidential. It never sells personal data.

                In addition, TestInvite has the below security measures in place for the protection of personal data shared with it.

                Physical Security

                TestInvite uses cloud services for their operations. The physical facilities where TestInvite is located requires an RFID chip to gain access.

                Information Access

                Employees have only access to data contained in business applications on a 'need-to-know' basis. Privileged users are granted on a 'need-to-access' basis.

                Endpoint Security

                TestInvite uses Sophos for end-point security and protection against viruses and ransomware. All devices are encrypted with a remote swipe enabled should the device be lost or stolen.

                Disclosure to Third Parties

                TestInvite discloses personal data to third parties only under very limited circumstances. For example, it may do so to the extent required by law or regulation or as requested by a court or regulatory authority in connection with law enforcement. As a part of its operations TestInvite may also provide personal data to its third-party service providers. All such partners are required by law and/or contractual requirements to keep the disclosed data confidential and secure.

                Please refer to TestInvite’s privacy policy for further information. 

                Author

                Mustafa Ekim

                Mustafa Ekim, founder of TestInvite and QuizCV, brings nearly a decade of expertise in building online assessment platforms for custom, secure tests.
                Go Back
                Talk to a representative
                Figure out if TestInvite is a good match for your organization