Privacy policy

VTEST PRIVACY POLICY

VTEST aims to respect the confidentiality standards relating to the European data protection law entitled General Data Protection Regulation (GDPR). VTEST understands the importance of providing its users with an environment where they feel safe. VTEST policies on user data protection adhere to the highest requirements of European law.

WHO MANAGES THE PROCESSING OF YOUR PERSONAL DATA?

When you use our service through a test center (university, company…), we process your data as a subcontractor. However, if you access our service directly, we are responsible for the processing of your personal data :

VTEST – 115, rue Cardinet, 75831 Paris Cedex 17, France

When you reside in a country outside the European Union, VTEST makes every effort to comply with applicable local legislation.

 

WHAT PERSONAL DATA DO WE PROCESS ?

PERSONAL DATA NECESSARY TO OUR ASSESSMENT PROCESS

In order to assess your skills, we collect and process the following data:

 

•  Your name

•  Your first name

•  Your gender

•  Your date of birth

•  Your email address

•  Your phone number (mobile)

•  Your nationality

•  Your home country

•  Your mother tongue

•  Your photo

•  Your ID

•  Your secure code

•  Your written, audio and video answers

•  Your score report

•  Your official certificate

•  Your navigation environment (IP address, operating system, type of device, date and time of the different evaluation sessions)

For an online proctoring assessment, these data are processed by an advanced artificial intelligence for delivering a result of success or failure.

 

PERSONAL DATA NECESSARY TO GUARANTEE THE VALIDITY OF THE TEST

In order to guarantee the validity of your identity and/or test results, we collect and process the following data:

•  A photo of your identity card

•  Your photo

•  Photos taken at the test center or photos taken online randomly by the service

•  A video taken randomly by the service

•  A voice recording

For an online proctoring assessment, these data are processed by an advanced artificial intelligence to guarantee the absence of fraud. In case of suspicion, a duly authorized human being would review your assessment.

 

TWO POSSIBLE CASES

IF YOU USE OUR SERVICE THROUGH A TEST CENTER

 Your personal data can be collected by one of our authorized test centers. The latter has a legitimate interest in the collection and processing of your data.

When you use our service through a test center, it determines the retention period of your evaluation data.

IF YOU USE OUR SERVICE DIRECTLY

The processing of your evaluation data is necessary for the performance of our service. Concerning your sensitive data, their processing is based on your explicit consent (article 6, GDPR).

We keep your evaluation data for a period of 5 years from the delivery of results.

IN BOTH CASES…

WITH WHOM DO WE SHARE YOUR DATA?

Your evaluation data are transmitted to your test center and our subcontractors. For hosting, we use Amazon’s AWS service which meets European requirements for personal data protection. We also use two other subcontractors, NimeOps and PropelledBy, for the IT management and supervision of our systems. We make sure that they ensure the confidentiality and integrity of your personal data.

PROCESSING OF YOUR SENSITIVE DATA

Concerning your sensitive data (photo of your identity card, photos and video photos taken online randomly, voice recording), we keep them for a maximum of 48 hours as from the delivery of results if no security breach has been detected. In case of suspicion of fraud, we could keep your personal data for a period of 6 months.

Furthermore, we do not transmit these data to anyone, not even your test center.

 

OBJECTIVE OF TRANSPARENCY

VEST makes every effort to ensure the transparency of the processing of your data and updates its privacy policy in the event of changes affecting it. That is why, at each step of the test, you are informed of the data to be collected and you can consult this privacy policy via a hyperlink.

Moreover, when an interview is conducted as part of your assessment, we remind you that it can be shared with your authorized test center or another institution if you gave them your secure code.

VTEST does not ask you to install a plugin and does not access the data stored on your computer. Test fraud prevention is only ensured by access to your browser.

Moreover, VTEST is a member of the professional organization Syntec Numérique and the Association of Test Publishers (ATP), which allows it to implement best practices in online testing and data security. A specific insurance contract also allows VTEST to access IT security expertise and recommendations.

 

ACCESSIBILITY OF VTEST SERVICE TO ALL

VTEST ensures that its service is accessible to people with disabilities. Thus, VTEST provides candidates with an automated Website accessibility solution which is in line with the Americans with Disabilities Act (ADA) and the Web Content Accessibility Guidelines (WCAG).

 

SECURITY AND INTEGRITY OF PERSONAL DATA

VTEST uses appropriate technical and organizational measures to protect your personal data from unauthorized use, access, disclosure, alteration, or destruction. These precautions include physical, electronic, and managerial procedures. VTEST also relies on the Cyber Essential Standards and the Open Web application Security Project (OWASP) to comply with good practices in Information Systems Security.

 

AGE OF CANDIDATES AND PERMISSION OF THE LEGAL REPRESENTATIVE

When you use our service through a test center, it selects the test administration mode ensuring the proportionality of the means to be used to achieve it and taking into account the age of the candidate. If you don’t have the age required by the law of your country to give your consent to the processing of your personal data, the test center verifies that it has obtained the permission of your legal representative.

When you use our service directly, VTEST takes into account the minimum age at which candidates can consent to the processing of their personal data. Your consent is required for the processing of your sensitive data and to give you your results if you reside outside the European Union. In France, the minimum age is fired at 15 years. Thus, if you are under the age of 15, we need to obtain the permission of your legal representative.

 

RESEARCH & DEVELOPMENT

For R&D purposes,  it is in our legitimate interest to keep your score report for a period of 5 years from its delivery. After 5 years, we keep your score report anonymously by deleting all information that would enable us to identify you personally.

 

EMAIL FOR TESTING SERVICES

We may have to send you emails related to the test organization including: test confirmation, available results, score report, and official score report delivery. Moreover, after the test, we may send you an email to conduct a satisfaction survey for which your participation is voluntary. That’s why we keep your name, first name and email address for a period of 2 years, except in the event that you request their erasure earlier. Personal Data provided in survey responses remain strictly confidential and the results of surveys are anonymized.

 

SPECIFIC WEB ACCESS FOR TEST RESULT VERIFICATION

The secure code we give to the candidate in order to log in for the test is the same we add into the official score report and official certificate. It means that anybody with these documents can access the candidate’s test results. It could be the candidate, the authorized test center, an institution or a recruiter if the candidate is providing the file to a third party. VTEST is not displaying the score as public and remains confidential.

 

INTERNATIONAL DATA PROTECTION

When you use our service through a test center that is not located in the European Union and does not have a level of protection equivalent to European standards, we use approved Standard Contractual Clauses to assure adequate protection of your personal data. Pending their update by the European Commission, we adapt these clauses to match our business. You can consult these clauses by clicking: “Contractual clauses”

When you access our service directly and do not reside in the European Union, the transfer of your personal data is based on your explicit consent. This transfer is necessary to communicate your results to you.

 

HOW DO YOU EXERCISE YOUR RIGHTS AND HOW DO YOU CONTACT US?

YOUR RIGHTS

When you use our service through a test center, you can contact it to access your personal data, rectify it, request its deletion, or exercise your right to limit the processing of your data. When we process your data for R&D purposes, you can object to this data processing. We will help your test center to comply with your request. Furthermore, when you access our service without going through a test center, you can contact us directly to exercise your rights. Moreover, you can exercise your right to data portability from your results space. To do so, simply communicate your secure code to the third party of your choice.

 

HOW TO CONTACT US ?

For any question about the processing of your data, you can contact us directly by clicking on: “contact center”

If you feel, after having contacted us, that your rights are not respected, you can address a complaint to the CNIL :

CNIL – 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07 – 01 53 73 22 22 – https://www.cnil.fr/fr/plaintes

Translate »
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences.