This Privacy Statement explains how and why your personal data is processed by SSESSMENTS, including each of its operating entities, (also referred to as “SSESSMENTS”, “we”, “our” and “us”) when we provide you products and/or services, when you use our websites and other digital platforms, when you supply goods or services to us and when we send you marketing communications.
SSESSMENTS is a "controller" in relation to its use of your personal data. This is a legal
term – it means that we make decisions about how and why we use your personal data and, because of this, we
are responsible for making sure it is used in accordance with applicable data protection laws. The
controller in respect of personal data processed in connection with the www.ssessments.com website (the “Website”) is SSESSMENTS For the
purposes of the other processing activities set out in this Privacy Statement, the
controller will be the relevant SSESSMENTS entity providing you and/or your organization
with products/services (or, in the case of suppliers/vendors, the SSESSMENTS entity receiving
products/services from you) or any website or digital platform or sending you marketing communications.
In this Privacy Statement, when we talk about personal data we mean any information that relates to an identifiable natural person – in this case, you.
The term “process” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation and transmission.
You should read this Privacy Statement so you know what personal data we collect about you, what we do with it and how you can exercise your rights in connection with it. You should also read any other privacy notices that we give you that might apply to our use of your personal data in specific circumstances from time to time.
If you have any questions about this Privacy Statement, please contact email@example.com.
The personal data we process about you broadly falls into five main categories: (i) Contact Information; (ii)
Background and Identity Information; (iii) Customer / Supplier Information; (iv) Marketing Preferences; and
(v) Website Information / Browsing and Device Usage Information. Just because these categories are noted
below, that does not necessarily mean that we will collect all such personal data about you. What we collect
will depend on how you engage with us, and thus the purpose which we have your personal data for.
We collect your personal data from various sources. The table below sets out the different types of personal data that we collect and the sources we collect it from.
Please note that if you do not provide us with your Contact Information we may not be able to provide you with any information you request, and if you do not provide us with your Contact Information, Background and Identity / Regulatory Information or certain Customer / Supplier Information, we may not be able to provide goods or services to you, or work with you as one of our suppliers (as applicable).
We use your personal data for a number of different purposes in connection with your use of the Website, the
provision of services or goods from us to you, or from you to us, your communication or other engagement
with us and the management and administration of our business. We must always have a “lawful basis” (i.e. a
reason prescribed by law) for processing your personal data. The personal data purposes
table below sets out the purposes for which we process the different categories of your
personal data and the corresponding lawful basis for that processing. The purposes applicable to you will
vary according to the relevant SSESSMENTS controller of your personal data (as explained in the
introductory paragraph above). For some processing activities, we consider that more than one lawful basis
may be relevant – depending on the circumstances.
Please note that where our processing of your personal data is either:
necessary for us to comply with a legal obligation; or
necessary for us to take steps, at your request, to potentially enter into a contract with you, or to perform it, and you choose not to provide the relevant personal data to us, we may not be able to enter into or continue our contract or engagement with you.
and you choose not to provide the relevant personal data to us, we may not be able to enter into or continue our contract or engagement with you.
Aggregated / Anonymized Data
We may also convert your personal data into statistical or aggregated form to better protect your privacy, or
so that you are not identified or identifiable from it. Anonymized data cannot be linked back to you. We may
use it to conduct research and analysis, including to produce statistical research and reports. For example,
to help us understand and improve the use of our Website.
We also process certain ‘special categories of personal data’ and/or sensitive personal data (together, “Sensitive Information” – as set out in the table below). This refers to special categories of personal data and information relating to your criminal record where applicable, which we are required to process with more care, according to applicable laws. The Sensitive Information purposes table below sets out the different purposes for which we process Sensitive Information about you and the relevant lawful basis on which we rely for that processing.
The purposes applicable to you will vary according to the relevant SSESSMENTS controller of your personal data (as explained in the introductory paragraph above).
For some processing activities, we consider that more than one legal basis may be relevant – depending on the circumstances. We also have policies in place explaining our procedures for ensuring compliance with applicable laws in connection with the processing of Sensitive Information.
If you are a consumer as defined by the California Consumer Privacy Act of 2018, the personal information collected from you includes information within the below categories of data. These categories also represent the categories of personal information that we have collected over the past 12 months. The source of the information is set forth above in the section titled What types of personal data do we collect and where do we get it from? For information regarding who we disclose your information to, see the section below titled Who we do share your personal data with, and why? We do not sell personal information about you, as defined under California state law. We also have not done so in the last 12 months.
Note that the categories listed below are defined by California state law. Inclusion of a category in the list below indicates only that, depending on the services and products we provide you, we may collect some information within that category. It does not necessarily mean that we collect all information listed in a particular category for all our consumers, nor does it imply that California law applies to you.
We will use your personal data to communicate with you:
in relation to any purchases you make with us;
to administer our relationship with you;
to respond to any questions or complaints that you may have; and
to invite you to take part in market research or request feedback on our products and services.
From time to time and with your opt-in consent (if required), we will provide you with information
about our products, services, promotions and/or offers which may be of interest to you. Such communications
will be sent either by email, text, post or telephone.
If you do not wish to receive such communications, you can refuse to give your consent (where your consent is required) or opt-out at any time by either following the instructions within the communication or by contacting us using the details below.
required), principally to enhance your viewing experience. Not all cookies require consent to be placed on
your device. Essential cookies do not require consent. Non-essential cookies do require
consent. This is governed by e-privacy law. A cookie is a piece of data that our Website automatically
transfers to the hard drive of your PC or mobile device when your browser accesses our Website. Some cookies
and similar technologies maintain personal data. Some do not. You can find out more about this type of
technology through your internet browser.
For cookies where we require consent (whether that requirement comes from privacy or data protection laws) we ask for this consent by a consent capture mechanism included in the banner you see when you first visit our Website. You are asked to take a positive action (such as click to “ACCEPT”, or through the continued use of our website) if you do wish to give your consent.
The system may also use web beacons which are similar but not identical to cookies in the way they operate.
If you are only browsing our website and have not logged in, we will not ask you to directly submit any personal data. However, certain information (which may be personal data) - including computer and connection information, browser type and version, operating system and platform details and the time of accessing the website – will be automatically collected. This information helps us to improve our site and to deliver a better and more personalized service. It helps us:
To estimate our audience size and usage patterns.
To store information about your preferences, so we can customize our site according to your individual interests.
To speed up your searches.
To recognize you when you return to our site.
We occasionally carry out market research and business development. A third party might help us to do this and they may send a cookie or web beacon.
The table below summarizes the different types of cookies we use on the Website, together with their respective purpose and duration (i.e. how long each cookie will remain on your device).
Two types of cookies may be used on the Website - "session cookies" and "persistent cookies". Session cookies are temporary cookies that remain on your device until you leave the Website. A persistent cookie remains on your device for much longer or until you manually delete it (how long the cookie remains on your device will depend on the duration or "lifetime" of the specific cookie and your browser settings).
Cookies used on the Website:
Please note that we do not currently use any targeting/advertising cookies.
If you use different devices to view and access the Website (e.g. your computer, smartphone, tablet, etc.), you will need to ensure that each browser on each device is adjusted to suit your cookie preferences.
Sometimes we share your personal data with third parties where permitted by law, including the
Inside SSESSMENTS’s group:
We are part of the SSESSMENTS group, which includes a number of companies and operations globally. Therefore, we will need to share your personal data with other companies in the SSESSMENTS group for our general business management purposes and, in some cases, to meet our customer needs where providing services across branches/locations and/or for authorisations/approvals with relevant decision makers, reporting and where systems and services are provided on a shared basis. You can find out more about the group and companies in the group here: ssessments.com
Access rights between members of the SSESSMENTS group are limited and granted only on a need to know basis, depending on job functions and roles.
Where any SSESSMENTS group companies process your personal data on our behalf (as our processor), we will make sure that they have appropriate security standards in place to make sure your personal data is protected.
Outside SSESSMENTS’s group:
From time to time we may ask third parties to carry out certain business functions for us, such as the administration of our Website and IT support. These third parties will process your personal data on our behalf (as our processor). We will disclose your personal data to these parties so that they can perform those functions. Before we disclose your personal data to these third parties, we will seek to ensure that they have appropriate security standards in place to protect your personal data. Examples of these third party service providers include our outsourced IT systems software and maintenance, back up, and server hosting providers.
In certain circumstances, we will also disclose your personal data to third parties who will receive it as controllers of your personal data in their own right for the purposes set out above, where the relevant disclosure is in relation to:
services provided to you or us by a third party acting independently to SSESSMENTS but which has a relationship with SSESSMENTS, for example certain payment fraud checking services;
the purchase or sale of our business (or part of it) in connection with a share or asset sale, for which we may disclose or transfer your personal data to the prospective seller or buyer and their advisors; and
the disclosure of your personal data in order to comply with a legal obligation, to enforce a contract or to protect the rights, property or safety of our employees, customers or others.
We have set out below a list of the categories of recipients with whom we are likely to share your personal data:
IT support, website and data hosting providers and administrators;
payment processors in relation to purchases you make with us;
consultants and professional advisors including legal advisors and accountants;
courts, court-appointed persons/entities, receivers and liquidators;
business partners and joint ventures;
governmental departments, statutory and regulatory bodies (including tax authorities).
Since SSESSMENTS operates globally, we will sometimes need to transfer your personal data to recipients
(either internally or externally, as set out above) in jurisdictions other than your own. Some of these
jurisdictions may not provide the same level of protection to your personal data as provided in your
If you are based in Europe and we transfer your personal data outside the European Economic Area, we will only make that transfer if:
that country ensures an adequate level of protection for your personal data;
the recipient or recipient country is subject to an approved certification mechanism or code of conduct with binding and enforceable commitments which amount to appropriate safeguards for your personal data – this includes for example, the EU-US Privacy Shield which enables the secure transfer of personal data to the United States;
we have put in place appropriate safeguards to protect your personal data, such as a contract with the person or entity receiving your personal data which incorporates specific provisions as directed by the European Commission;
the transfer is permitted by applicable laws; or
you explicitly consent to the transfer.
If you would like to see a copy of any relevant safeguards used by us to protect the transfer of your personal data, please contact firstname.lastname@example.org.
We will put in place appropriate security measures to protect your personal data from unlawful or unauthorized processing and accidental loss, destruction or damage.
However please note that, in relation to any personal data you submit to us online, we cannot guarantee the security of data sent to us in this way. Transmission of data over the internet is at your own risk. You are responsible for keeping any passwords you use to access SSESSMENTS platforms safe.
We will only retain your personal data for a limited period of time, and for no longer than is necessary for the purposes for which we are processing it. This will depend on a number of factors, including:
any laws or regulations that we are required to follow;
whether we are in a legal or other type of dispute with each other or any third party;
the type of information that we hold about you; and
whether we are asked by you or a regulatory authority to keep your personal data for a valid reason.
the period of time during which any claims or proceedings can be brought against us or a member of the group to defend against any such claims.
For more information on our data retention practices, please contact email@example.com.
You may access the personal data about you that we store. You may also review or make certain corrections to
the personal data we store about you. You may also request the deletion of personal data about you or object
to its processing. In limited circumstances, you may have data portability rights in relation to certain
personal data we hold about you. These rights are not unlimited and the exercise of these rights, and the
limits upon them, are briefly set out in the table below.
Where our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. If you do decide to withdraw your consent we will stop processing your personal data for that purpose, unless there is another lawful basis we need to rely on – in which case, we will let you know. Your withdrawal of your consent won’t impact any of our processing up to that point.
Where our processing of your personal data is necessary for our legitimate interests, you can object to this processing at any time. If you do this, we will need to show either a compelling reason why our processing should continue, which overrides your interests, rights and freedoms or that the processing is necessary for us to establish, exercise or defend a legal claim.
Your rights in relation to personal data
Emailing us at firstname.lastname@example.org
We will need to verify your identity before processing your request. In order to verify your identity, we will generally require the matching of sufficient information you provide us to the information we maintain about you in our systems. Although we try to limit the personal information collected in connection with a request, certain requests may require us to obtain additional personal information from you.
In certain jurisdictions, you may be permitted to use an authorized agent to exercise your rights on your behalf. If you are making any of the requests above through an authorized agent, we will request written authorization from you and will seek to verify your identity or we will accept a legal Power of Attorney to the authorized agent. Please be advised that we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
In accordance with applicable law, we will not discriminate against you for exercising these rights.
The Website is not targeted at children under the age of 13, and we do not knowingly collect any personal data from children. We will delete any personal information we determine to have been collected from a child or user under the applicable age of consent. If you are a parent or guardian of a child under the relevant digital age of consent and believe he or she has disclosed personal data to us, please contact us at email@example.com.
Some web browsers include a “Do Not Track” feature. This feature lets you tell websites you visit that you do not want to have your online activity tracked. Our sites are not currently configured to respond to those signals.”
We may update this Privacy Statement from time to time to reflect changes to the type of personal data that we process and/or the way in which it is processed. In the event of a material change which effects the processing of your personal data, we will contact you. We also encourage you to check this Privacy Statement on a regular basis.