Inspera AS and subsidiaries (“Inspera”, “we”, “us”, “our”) are committed to protecting and respecting your privacy.
As we provide identity solutions and integration, we also comply with the GÉANT Data Protection Code of Conduct as a requirement for managing identities.
Personal data is information about you that can be used alone, or combined with other information, to identify you personally. Personal data is a broad concept and includes a wide range of information such as name, email address, mailing address, IP addresses and cookie identifiers. Personal data does not include information that has been anonymized so that it does not allow for the identification of a specific individual.
We collect personal data to deliver our Site and Services and provide you with the best experience with Inspera for the following purposes:
We rely upon the following legal basis for processing the personal data we collect from you when providing you with access to the Site and Services:
To the extent we process your personal data for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.
You may give us information about you by filling in forms on our Site or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our Site, apps, subscribe to our services, or use our remote proctoring services (“Services”) or newsletter, search for a product, place an order on our Site, participate in discussion boards or other social media functions on our Site, enter a competition, promotion or survey and when you report a problem with our Site or Services. In particular we collect the following information from you:
Inspera does not collect information from or about people under the age of 18.
The Inspera Assessment cloud service (SaaS) collects information about all users including:
The information is collected through the Inspera Assessment web application, client browser and the Inspera Secure Exam Browser.
If you are an existing customer, previous customer or potential customer we collect information relevant for customer relation management and billing purposes. This includes full name, job title or function, organisation, email, phone numbers and company addresses.
The information is collected through email, web forms and other means of communication with Inspera.
In the online recruitment solution, we collect information relevant for any job application. This includes name, email address, date of birth, home address, phone number, profile photo and resume.
The information is collected through the online recruitment solution Homerun used by Inspera.
If you choose to take part in an online test where remote proctoring is used, we may collect the following information, which includes biometric data.a) Pre-Test Identity Checking
Before you start a test, we will match the facial image of the person in front of the camera with an approved form of picture ID. This is to ensure that the person in front of the camera is the person that is registered to complete the test.
The information collected includes biometric data and shall include facial data and anything that can and will be captured by your device’s camera, microphone or whatever is shown on the device screen. This data is stored in audio video recordings which are associated with a unique candidate and session ID.
b) Test Session
During the test we will continue to capture audio and video from your device’s camera and microphone along with a capture of the screen of the device used for the test. The audio and video information collected is stored securely by us until the final grade of your test is awarded. The audio and video recording are not a part of the exam itself and do not influence your grade. The recording is only used to prevent cheating, investigate fraudulent activities and to ensure that the individual taking the exam is the actual registered test person.
The information that is collected includes personal data:
The collection of such information is optional, but necessary if you choose to use our online testing function.
c) Purposes for which we collect Personal Data for Remote Proctoring
All video and audio recordings and biometric data are used for the purposes of:
d) Sharing of Remote Proctoring Data
Where you choose to participate in an online test, we shall monitor you remotely while you participate in a test session.
The video and audio recordings are only used if there is a legitimate suspicion of cheating and the data is only stored by us. We may at any time review recordings if we have any concerns about the integrity of the test session or if concerns are raised by your educational institution who asks us to carry out the online test.
We may disclose information, including the video and audio recording of your test session, which includes special category data, to your educational institution for the purpose of your educational institution verifying that you were the person taking the online test and to check that no test protocols were breached, where the suspicion is justified and after we have reviewed the recording ourselves.
Immediately after your final grade has been awarded, all recordings are automatically deleted, unless there is an ongoing investigation into any recording.
Regarding each of your visits to our Site we may automatically collect the following information:
We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site.
We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
We will not sell or rent your personal data to anyone.
The Inspera Assessment cloud service (SaaS) uses technology to support the invigilators in the marking and grading. This includes semi-automated and automated analysis of the submitted exam and is reviewed by the invigilators responsible for the grading before the grade is final.
We will send you marketing emails if you “opt in” to receive marketing emails when registering on our Site, or if you have enquired about, or purchased any of our goods or services.
Please note, if you change your mind about being sent marketing emails you can “opt out” at any time by clicking the “unsubscribe” link at the bottom of any marketing email. Once you “opt out”, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.
We send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.
We may share your information with selected third parties including:
We may disclose your information to third parties:
Our Services are global and your information (including personal data) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer your information to countries outside of your country of residence, which may have data protection rules that are different from those of your country of residence.
The personal data that we collect from you may therefore be transferred to, and stored at, a destination outside the European Economic Area ("EEA") or the UK. It may also be processed by staff operating outside the EEA or UK who work for us or for one of our suppliers or partners. Such staff or subcontractors may be engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the EEA or the UK.
Personal data is not transferred to third parties without proper data processing agreements. This includes:
Our Site and Services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Site or Services from outside the EEA or the UK. This means that where you chose to post your data on our Site or within the Services, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA or the UK may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.
All personal data is stored with an industry standard encryption and is transferred over a secure channel using HTTPS and SSL between the service and the client.
For detailed information about security in the Inspera Assessment cloud service, please see our cloud security statement.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Site or Services, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your personal data, we cannot guarantee the security of your data transmitted to our Site or the Services. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our Site and Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right under Data Protection Law, free of charge:
Please contact us by email at firstname.lastname@example.org if you want to exercise any of your rights. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of Data Protection Law.
We usually delete personal data after you have closed your account or ceased using the Services. However we may retain personal data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our legal agreements with your, or to fulfil your request to “unsubscribe” from further messages from us.
We will retain de-personalised information after your account has been closed.
Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Site or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.
For all other individuals: contact your local data protection supervisory authority in the country in which you are located.
This Site and the Services (excluding the Inspera Assessment solution) are not intended for children (persons under 18 years of age) and we do not knowingly collect personal data relating to children.
Where you permit a person under the age of 18 (“Child”) to use the Inspera Assessment solution via your login, you are responsible for taking steps to protect that Child’s privacy in accordance with applicable law, including obtaining consent from the Child’s parents or guardian to the collection of personal data of, or from, the Child.
If you have complaints, questions or comments about our privacy practices, please contact us by email at email@example.com or by mail to the following address:
Our Data Protection Officer (DPO) can be contacted at firstname.lastname@example.org.