Test free of charge

Privacy Policy

This Privacy Policy applies to Testify excluding the website, the “Testify” software and services that display or are linked to this notice.

The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the statutory provisions (GDPR, TKG 2021). In this data protection information, we inform you about the most important aspects of data processing in the context of our web portal, website and other services.

Collection, use and disclosure of personal data

Testify collects and uses personal information provided by users to use a service in order to provide, operate and improve that service and other Testify products and services.

Testify collects information about your interaction with Testify websites and services. For example, website analytics tools may be used on our websites to retrieve information from your browser. Details of the analytics tools used can be found at the bottom of this site. Furthermore, certain standard information is collected that your browser sends to each website and Testify WebApp you visit, e.g. internet service provider, IP address, browser type and language, access times, hardware used.

The information collected is supplemented by information from other companies. For example, Testify may use services from other companies to roughly derive a geographical area based on your IP address.

You can prevent this by setting up your browser so that no cookies are stored. We have concluded a corresponding contract with the provider for order data processing.

Personal information collected through Testify websites or services may be stored and processed in the EU or in any other country in which Testify, Testify affiliates, subsidiaries or service providers have facilities.

Testify may access or disclose information about you, including the content of your communications, in order to

  1. comply with the law or respond to legal requests or legal proceedings,
  2. protect the rights or property of Testify or our customers, including enforcing our contracts or policies governing your use of the Service; or
  3. act when we believe in good faith that such access or disclosure is necessary to protect the personal safety of Testify employees or customers, or the public.

Testify collects and uses personal information provided by users to use a service in order to provide, operate and improve that service and other Testify products and services.

Security of your information

Testify is committed to protecting the security of your information. We use technical and organizational measures to ensure the security of the Service. This includes a variety of security technologies and procedures to help protect your information from unauthorized access, use or disclosure.

If you have specific questions about information security, please contact datenschutz@testify.io.

Responsible

Testify GmbH

Peter-Behrens-Platz 10, 4020 Linz, AT

datenschutz@testify.io

Data processed by us.

Testify processes data that we receive directly from you, that is automatically collected when you use Testify’s website or visit one of our websites, as well as data collected by Testify through third parties. Please note, however, that this Privacy Policy does not apply to the processing of your data by third parties when you use the integrated third-party services available through our Services. Please visit the websites of these third parties for more information about their privacy practices.

Personal data that Testify receives directly from you:

  • First name / Last name / Company name
  • Contact details such as e-mail address and telephone number

On our website, you have the option of contacting us directly using a contact form. After submitting the contact form, the personal data you have entered will be processed by the controller for the purpose of processing your request on the basis of the consent you have given by submitting the form in accordance with Art. 6 para. 1 lit. a GDPR until revoked.
There is no legal or contractual obligation to provide personal data. The only consequence of not providing it is that you will not be able to submit your request and we will not be able to process it.

You have voluntarily provided us with data about yourself and we process this data on the basis of your consent for the following purposes:

  • Customer support
  • for our own advertising purposes, for example for sending offers, advertising brochures and newsletters (in paper and electronic form), as well as for the purpose of referring to the existing or previous business relationship with the customer.

Right of objection

If your personal data is processed on the basis of legitimate interest, you have the right to object to this processing.

If there are no compelling legitimate grounds for the processing on our part, the processing of your data will be discontinued on the basis of this legal basis.

You also have the right to object to the processing of your personal data for the purpose of direct marketing. If you object, your personal data will no longer be processed for the purpose of direct marketing.

The legality of the data processed prior to the objection is not affected by the objection.

Right of withdrawal

If the data processing is based on your consent, you can revoke this at any time. If you withdraw your consent, we will no longer process your data for the above-mentioned purposes from the time we receive your withdrawal. To withdraw your consent, please change the data protection settings or contact datenschutz@testify.io. Depending on how and for what purpose you have given your consent, we will then be happy to help you.

If you have consented to receiving electronic advertising, you can withdraw your consent by clicking on the unsubscribe link. In this case, processing will be discontinued unless there is another legal basis.

Rights of data subjects

You also have the right to information, correction, deletion and restriction of the processing of personal data.

If the legal basis for the processing of your personal data is your consent or a contract concluded with you, you also have the right to data portability.

You also have the right to lodge a complaint with the supervisory authority. You can find more information about the supervisory authorities in the European Union here.

Please use this form to obtain further information.

Processor.

We use processors for data processing. You can download our data processing agreement here.

We pass on your data to the following recipients:

Webhosting

RAIDBOXES GmbH automatically collects and stores server log files with information that your browser transmits to us when you use the website. This information is

  • Browser type
  • Operating system
  • Referrer URL (previously visited page)
  • Host name (IP address)

RAIDBOXES GmbH cannot assign this data to specific persons. This data is not merged with other data sources. The data is deleted after a statistical evaluation after 7 days at the latest. Further information can be found in the data protection regulations of RAIDBOXES GmbH. These can be viewed here.

RAIDBOXES GMBH operates on the basis of order processing in accordance with Art. 28 GDPR. We have also concluded a contract for commissioned data processing (AVV). This contract regulates the scope, type and purpose of RAIDBOXES GmbH’s access to data. The access options are limited only to necessary accesses that are required to fulfill the hosting services.

Server Log Files

For the purpose of monitoring the technical function and increasing the operational security of our web host, connection data is processed when the website is used. The duration of processing is limited to 7 days.

The legal basis for data processing is the legitimate interest (absolute technical necessity of a server log file as a basic database for error analysis and for security measures in the context of the “website” service expressly requested by you) in accordance with Art. 6 para. 1 lit. f GDPR.

Testify sets the following cookies for customers with their explicit consent when they visit our website for the first time:

Web fonts
Google Fonts

We process connection data and browser data with our processor Google Fonts, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland for the purpose of providing the fonts required by the web browser to display the website. This data is only processed for the duration required to select and transmit the fonts.

If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Google Fonts is used.

Insofar as Google Fonts carries out further independent processing of the data, Google is solely responsible for this. Details can be found in Google Fonts’ privacy policy and FAQ.

Analysis services
Google Analytics

If you give your consent, we process your personal data with the service Google Analytics, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Google LLC, as joint controllers for the purpose of error analysis and statistical evaluation of our website. Failure to give consent has no direct effect on the function of the website, but without statistical data it will be more difficult for us to further develop the website. You can revoke any consent you have already given by changing the data protection settings.

We enable the service to collect connection data, data from your web browser and data about the content accessed as well as the execution of analysis software and the storage of data on your end device. The service anonymizes the collected data immediately after collection and provides us with the anonymous data in the form of statistics for evaluation. We use these statistics to correct errors and to further develop our website. The data on your end device is stored for a period of up to two years. The cookies are deleted after 2 years.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. The Google Group transfers your personal data to the USA. The legal basis for the data transfer to the USA is your consent in accordance with Art. 49 para. 1 lit. a in conjunction with Art. 6 para. 1 lit. a GDPR. You were already informed before giving your consent that the USA does not have a level of data protection corresponding to the standards of the EU. In particular, US intelligence services can access your data without you being informed and without you being able to take legal action against this. For this reason, the European Court of Justice has declared the previous adequacy decision (Privacy Shield) invalid in a ruling.

Testify users have the option of using so-called remarketing. This involves the user independently defining certain triggers that lead to the setting of cookies. A code is required for the setting of cookies, which is stored independently by the user and for which Testify is not liable.

Salespanel

Information on consent to the processing of personal data by Salespanel:

We obtain your consent to process personal data on behalf of Vardhaman Syndicate (Salespanel’s legal entity). Information collected by the cookies placed on your device that is considered personal data is processed by Salespanel. Salespanel stores the IP address from which you visited our website, the email address when you fill out a web form in the website domain, and browser meta information that allows it to uniquely identify and track a visitor. The cookies are deleted after 9 months.

The purpose of processing the personal data: Salespanel helps us to identify and qualify relevant leads by tracking their web visit activity and providing us with publicly available information, such as social media profiles and your company website. Salespanel uses the information collected from the cookie set on your devices to improve our sales and marketing and to improve lead generation and lead qualification services. This information is for our internal purposes only and may be shared with other GDPR compliant applications to help us serve you. Salespanel stores all customer data in a fully encrypted environment and uses ECDSA signature with SHA-256 for data exchange. For complete information about Salespanel’s privacy policy, please visit: https://salespanel.io/privacy/

Salespanel operates on the basis of order processing in accordance with Art. 28 GDPR. As part of this service, data is transferred outside the EU or such a transfer cannot be ruled out. A contract for commissioned data processing (DPA) including standard contractual clauses for third country transfers has been concluded. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

You can withdraw your consent to this processing at any time. Such a revocation can be made either by contacting us or by contacting Salespanel directly:

Salespanel / Vardhaman Syndicate
303, Lunkad Skymax,
Viman Nagar, Pune.
India – 411014

E-mail to: support(at)salespanel.io

WPML

To ensure multilingualism, Testify uses the plugin for the maintenance of multilingual content from WPML. By agreeing to this privacy policy, the customer accepts the use of this service. Testify does not transfer any personal data of the Customer to WPML.

LinkedIn Insights Tag

We use the “LinkedIn Insight Tag” conversion tool from LinkedIn Ireland Unlimited Company. This tool creates a cookie in your web browser, which enables the collection of the following data, among others: IP address, device and browser properties and page events (e.g. page views). This data is encrypted, anonymized within seven days and the anonymized data is deleted within 90 days. LinkedIn does not share any personal data with Testify, but offers anonymized reports on the website target group and ad performance. In addition, LinkedIn offers the option of retargeting, which allows Testify to place targeted advertising outside the website without identifying website visitors. Further information can be found in the LinkedIn privacy policy.

To deactivate the LinkedIn tag, please change your cookie preferences, which can be edited at the bottom of this page.

Facebook Pixel

We use the “Facebook Pixel” conversion tool from Facebook, based in Menlo Park, California. This tool creates a cookie in your web browser, which enables the collection of the following data, among others: IP address, device and browser properties and page events (e.g. page views). This data is encrypted and deleted after 1 year. Facebook does not share any personal data with Testify, but offers anonymized reports on the website target group and ad performance. In addition, Facebook offers the option of retargeting, which allows Testify to place targeted advertising outside the website without identifying website visitors. Further information can be found in the Facebook privacy policy.

To deactivate the LinkedIn tag, please change your cookie preferences, which can be edited at the bottom of this page.

Calendly

We use the planning and organization tool “Calendly” from the American company Calendly LCC, 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363, USA.

Calendly operates on the basis of order processing in accordance with Art. 28 GDPR. As part of this service, data is transferred to the USA or such a transfer cannot be ruled out. A contract for commissioned data processing (DPA) including standard contractual clauses for third country transfers has been concluded. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

If you enter data for the purpose of making an appointment (e.g. e-mail address), this data will be stored on Calendly’s servers.

Google Ads

The Google Ad Manager service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) is used on our website for the purpose of analyzing, optimizing and economically operating our online offering.

As part of this service, data is transferred to the USA or such a transfer cannot be ruled out.

This is done by means of a pseudonymous identification number (pID), which is assigned to your browser. This pID allows the service to recognize which ads have already been displayed to you and which have been accessed. The data is used to display advertisements across websites by enabling Google to identify the pages visited.

The information generated is transmitted by Google to a server in the USA for analysis and stored there. A transfer of data by Google to third parties only takes place on the basis of legal regulations or in the context of order data processing. Under no circumstances will Google combine your data with other data collected by Google.

The processing of your data is based on your consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.

Here you can find out exactly where Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

Further information on the use of data by Google, as well as setting and objection options, can be found in Google’s privacy policy at https://policies.google.com/technologies/ads and in the settings for the display of advertisements by Google at https://adssettings.google.com/authenticated

Data processing conditions for Google advertising products: Information on the services Data processing terms between controllers and standard contractual clauses for third country transfers of data: https://business.safety.google/adscontrollerterms

Google reCAPTCHA

Our website uses the reCAPTCHA service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) to protect against misuse by non-human visitors (bots) and to prevent spam.

As part of this service, data is transferred to the USA or such a transfer cannot be ruled out.

When you start reCAPTCHA, your browser establishes a connection to Google’s servers. This informs Google that our website has been accessed via your IP address.

The purpose of reCAPTCHA is to check whether data is entered on our website by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters our website. For the analysis, reCAPTCHA evaluates various pieces of information.

According to our information, the following data is processed by Google:

  • the address of the page from which the visitor came
  • IP address
  • Information about the operating system
  • Cookies
  • Mouse and keyboard behavior
  • Date and language settings
  • All Java-Script objects
  • Screen resolution

The data collected during the analysis is forwarded to Google and used by Google. The reCAPTCHA analyses run completely in the background.

Cookies are used to process the service. These cookies require a unique identifier for tracking purposes. According to Google, the IP address is not merged with other data from other Google services unless you are logged into your Google account while using the reCAPTCHA plug-in. Furthermore, reCAPTCHA also uses the local storage on the user’s device to store data.

Here you can find out exactly where Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

You can find more information about Google reCAPTCHA here: https://developers.google.com/recaptcha/

Please refer to the following link for Google’s privacy policy: https://policies.google.com/privacy

Google Tag Manager

Our website uses the Google Tag Manager service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

As part of this service, data is transferred to the USA or such a transfer cannot be ruled out.

When you start the Google Tag Manager, your browser establishes a connection to Google’s servers. This informs Google that our website has been accessed via your IP address.

The Tag Manager is a service that allows us to manage website tags via an interface. This allows us to add code snippets such as tracking codes or conversion pixels to websites without interfering with the source code. The Tag Manager only forwards the data, but does not collect or store it. The Tag Manager itself is a cookie-less domain and does not process any personal data, as it is used purely to manage other services in our online offering. The Tag Manager ensures the resolution of other tags, which in turn can collect data. However, the Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with the Tag Manager.

Here you can find out exactly where Google data centers are located: https://www.google.com/about/datacenters/inside/locations/

Further information on data protection can be found on the following Google websites:

Privacy Policy: https://policies.google.com/privacy
FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html
Terms of Use Google Tag Manager: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/
Google Ads Data Processing Terms including Standard Contractual Clauses for Third Country Transfers: https://business.safety.google/adsprocessorterms/

Youtube

We use the “YouTube” service on our website to embed videos. The provider of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”).

As part of this service, data is transferred to the USA or such a transfer cannot be ruled out.

We have activated the extended data protection mode on YouTube. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch a video. However, the transfer of data to YouTube partners is not excluded by the extended data protection mode.

As soon as you start a YouTube video, a connection to the YouTube servers is established. This tells YouTube which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. This can be prevented by logging out of your account.

Furthermore, YouTube may store various cookies on your end device after starting a video or use comparable technologies (e.g. device fingerprinting). YouTube also uses local storage on your device. In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

The use of YouTube is in the interest of an appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time for the future.

The applicable YouTube privacy policy can be found at: https://www.google.com/policies/privacy/, opt-out option: https://adssettings.google.com/authenticated

Zapier

We use the Zapier tool to integrate various databases and tools, a service provided by Zapier Inc, 548 Market St #62411, San Francisco, California 94104, USA.

Zapier operates on the basis of order processing in accordance with Art. 28 GDPR. As part of this service, data is transferred to the USA or such a transfer cannot be ruled out. The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

We have concluded a contract with Zapier for commissioned data processing (DPA) including standard contractual clauses for third country transfers. This is a contract in which Zapier undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties. You can view Zapier’s data protection provisions at https://www.zapier.com/privacy.

Zoho Bigin (CRM)

We use the CRM system “Bigin” from the provider Zoho Corporation, 4141 Hacienda Drive, Pleasanton, CA 94588, USA, to manage inquiries and organize the project status. The processing is based on our legitimate interest in efficient and structured customer communication in accordance with Art. 6 para. 1 lit. f GDPR.

Zoho acts on our behalf on the basis of an order processing contract in accordance with Art. 28 GDPR. A corresponding data processing agreement (DPA) has been concluded with Zoho Corporation. Zoho processes personal data exclusively in accordance with our instructions and does not pass it on to unauthorized third parties.

Further information on data processing by Zoho can be found at: https://www.zoho.com/privacy.html

Zoho Invoices

We use the “Zoho Invoices” system from Zoho Corporation, 4141 Hacienda Drive, Pleasanton, CA 94588, USA, to process our invoicing and manage payment processes. The data required to fulfill the contract, such as information on contact persons and invoice recipients, is processed. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR (fulfillment of contract).

Here, too, data processing is carried out within the framework of order processing in accordance with Art. 28 GDPR. A corresponding DPA has been concluded with Zoho Corporation. Zoho processes the data exclusively in accordance with instructions and does not transmit it to unauthorized third parties.

Further information on data processing by Zoho can be found at: https://www.zoho.com/privacy.html

Gravity Forms

Our website forms use the “Gravity Forms” service. This is offered by Rocketgenius, Inc, 1620 Centerville Turnpike #102, Virginia Beach, VA 23464, USA. The use is based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f) GDPR, as we intend to make our online offer user-friendly, which also includes a contact and order form for easy contact.

Entered form data is sent to us, the website operator, by email and thus stored on our self-hosted mail server. In addition, the data is stored in the WordPress database to provide proof of the request.

The documentation section of the company website confirms that the plugin is GDPR-compliant. Data is not passed on or stored on the servers of Rocketgenius, Inc. or on the gravityforms.com website. Further information on the collection and use of data by Gravity Forms can be found in the Rocketgenius, Inc. privacy policy: https://www.gravityforms.com/privacy/

Cookie preferences

When using the “Testify” software, the following sub-processors are used:

Microsoft Ireland Operations Limited

We use the services of Microsoft Ireland Operations Limited for user management via Azure Active Directory (AAD). This cloud-based identity and access management service from Microsoft makes it possible to centrally manage and secure user accounts and access rights. The name, title and contact details are transmitted.

Further information on the collection and use of data by Microsoft Ireland Operations Limited can be found in the data protection information: https://privacy.microsoft.com/de-de/privacystatement

Brevo

We use Brevo to send notifications within our “Testify” software. The control of notification settings is the responsibility of the Testify administrators in your company.

Brevo operates on the basis of order processing in accordance with Art. 28 GDPR. When notifications are sent, the name, title and contact details are transmitted. A contract for commissioned data processing (AVV) has been concluded.

Further information on the collection and use of data by Brevo can be found in the data protection information: https://www.brevo.com/de/legal/privacypolicy/

Atlassian

We use the Atlassian services Confluence & Jira for internal project documentation (project management) and for support requests. People who have a role as a key user in the company, submit requests via the support tool or are involved in the Testify project team in any other way (e.g. via appointments or emails) can be recorded in Confluence and Jira.

Atlassian operates on the basis of order processing in accordance with Art. 28 GDPR. Name, title, contact details, function and online data (IP, location, etc.) may be transmitted. A contract for commissioned data processing (AVV) has been concluded.

Further information on the collection and use of data by Atlassian can be found in the data protection information: https://www.atlassian.com/de/legal/privacy-policy

Last update: 04.04.2024