Created by Mustafa Ekim / January, 2023
As a frequent service provider to entities and persons living within the European Union (EU), TestInvite regularly provides its services under the umbrella of GDPR.
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the EU.
GDPR defines Data Controllers as an entity that determines the purposes for which and the means by which personal data is processed. Data Controllers decide ‘what’ data will be collected, 'why' and 'how' the collected personal data should be processed. The Data Processor processes personal data only on behalf of the Data Controller.
TestInvite generally collects personal data from exam participants on behalf of its customers for purpose of providing exam-related services. In such cases, the customer will be the “Data Controller” of the applicable personal data, and TestInvite is the “Data Processor”.
TestInvite takes reasonable precautions to keep personal data entrusted with it, safe, secure and confidential. It never sells personal data.
In addition, TestInvite has the below security measures in place for the protection of personal data shared with it.
TestInvite uses cloud services for their operations. The physical facilities where TestInvite is located requires an RFID chip to gain access.
Employees have only access to data contained in business applications on a 'need-to-know' basis. Privileged users are granted on a 'need-to-access' basis.
TestInvite uses Sophos for end-point security and protection against viruses and ransomware. All devices are encrypted with a remote swipe enabled should the device be lost or stolen.
TestInvite discloses personal data to third parties only under very limited circumstances. For example, it may do so to the extent required by law or regulation or as requested by a court or regulatory authority in connection with law enforcement. As a part of its operations TestInvite may also provide personal data to its third-party service providers. All such partners are required by law and/or contractual requirements to keep the disclosed data confidential and secure.
Please refer to TestInvite’s privacy policy for further information.