Personal data
1. About personal data at eurotest.me
The sections below describe how we collect, process and store personal data about you when you visit our website and use our language test. Our clear goal is to be transparent with regard to the way we handle personal data and to protect data in accordance with legislation. Eurotest.me is owned and operated by Studieskolen. See contact details below. This Privacy Policy will be updated as required. Most recent update: 13 April 2021.
2. What personal data do we process and what is the purpose?
In order to be able to deliver the language test for our users to take the test and pay for it, we process the data which are objectively necessary for us to provide the service and comply with legislation.
These data typically include:
- Name and surname
- Email address
- Telephone number
- Test results
- Payment details (through payment gateway)
We do not process any sensitive personal data.
We use your name and email address later on for marketing purposes with a view to selling similar services, such as a language course.
3. How do we collect data?
Collection of personal data takes place through eurotest.me, where you enter your personal data yourself.
4. How long do we store data?
We store your name, telephone number, email address and your test results for six months, and then we delete them.
In line with section 10 of the Bookkeeping Act, we store personal data relating to payments for five years, reckoned from the end of the relevant financial year in which the last activity was completed.
5. Who has access to the data?
Only trusted staff members who need access for objective reasons have access to all or part of the stored personal data. This includes Studieskolen's administrative staff who are responsible for eurotest.me.
6. Disclosure of data
In order to process payments, we disclose data essential to completing the payment and identifying the payer. Information about the payer’s ID and the amount is passed on to Quickpay, which we use for payment gateway services.
7. Data storage and data processors
Studieskolen has entered into data processing agreements with its usual IT providers. These agreements ensure that the data passed on to the individual systems (such as payment gateways, email, website hosts, etc.) are processed and stored in a secure manner as these providers guarantee that they will comply with GDPR legislation.
8. Cookies and log files
On this website, we use cookies for Piwik Pro. We use cookies to improve the website’s features and for statistics. The cookies we use contain data about:
- Which pages visitors visit and when they visit.
- Visitors’ IP addresses.
- Location in the country and which country visitors come from.
- The language used by the visitor’s computer.
- The browser and OS used by visitors.
- The keywords visitors have used to generate content.
- The page visitors have just come from (external and internal links).
- The links visitors have clicked on.
- Visitors on our website indicate their acceptance of these statistics cookies. If you turn off cookies in your browser, you will still be able to use our website.
Instructions on how to delete or block cookies are usually found in your browser’s help file.
If you use one of our IT services that require a login, your actions will be registered in our log files. This registration is in accordance with current legal requirements regarding the registration of activities in IT systems in order to prevent misuse and hacking. These digital trails are stored for a maximum of five years in accordance with the agreement with our data processors.
9. Your rights
Under current legislation, everyone is guaranteed the following rights:
1. The right to receive information about how your personal data have been processed (duty of disclosure).
You generally have the right to know who is the data controller, what the purpose of the processing is, and who receives/processes the data.
This Privacy Policy generally contains all this information.
2. The right to access your personal data (right of access).
You have the right to be informed about what sort of data we are processing as well as any printouts or copies of the collected data that may have been made.
3. The right to have incorrect personal data corrected (right to rectification).
If you believe that any data we have are incorrect, inaccurate or inadequate, you may request that the data be corrected.
4. The right to have your personal data erased (right to be forgotten).
If you believe that the data we have are not necessary for the purpose for which they were originally collected, you may request that the data be erased. Please be aware, however, that we have a duty and a right to store certain personal data in order to comply with the rules of the law.
5. The right to move your personal data (data portability).
You generally have the right to receive information about yourself in a structured, commonly used and machine-readable format, and you have the right to transfer this information to another company.
6. The right to object
You have the right to object to the use of personal data for things like direct marketing and profiling. However, we do not use profiling, and any marketing will always be associated with explicit consent if required.
If you contact us regarding one of the above points (access, rectification, erasure, etc.), you will be notified within one month about what we intend to do with regard to your enquiry. For example, if you request that your data be corrected or erased, we will usually check whether all relevant conditions are met, including whether there is a legal basis for the continued processing of data. If we conclude that the objection is justified, we will comply with the request.
10. Consent
For general use of the language test, invoicing and bookkeeping, we do not need to obtain consent to process data as its lawfulness (see Article 6 of the EU General Data Protection Regulation) is derived from the necessity of processing data to be able to fulfil the contract.
However, in order to collect personal data for other purposes, e.g. for signing up to receive our newsletter, we may request consent if necessary.
Consent may be written or oral, but we must be able to document that consent has been given. In most cases, this consent will take the form of a ticked box on our website or during the enrolment process when our IT systems will record the time and form. Consent may also be given via email or other digital communication.
When giving consent, you will be informed about the details, including the purpose and the process of withdrawal of consent.
11. Security
Of course, we ensure that data are stored safely and discreetly. Our security measures are divided into organisational and technical measures.
The organisational security measures mean that only Studieskolen’s trusted persons with a relevant professional purpose have access to your personal data (see also section 6 above).
Our staff are guided and instructed about data security on an ongoing basis. This includes how to handle and protect data. We also keep track of our data processing activities, which are subject to the control of the Danish Data Protection Agency.
The technical security measures are related to our use of IT systems. Our data are securely located and have the required level of protection. All communication (for example in relation to enrolments and payment) that occurs on our website is protected by authenticated security certificates with a 256-bit encryption key. A backup of the data is performed daily.
Our internal IT systems (PCs, etc.) are further protected with passwords, updated antivirus programs and a firewall, while any physical materials are kept under lock. In the event of destruction or repair of IT equipment, every effort is made to ensure that data cannot be accessed by unauthorised persons.
12. Complaints and contact details
Any complaints about the way Studieskolen processes personal data, objections or questions concerning the school’s privacy policy should be addressed to:
Studieskolen
Borgergade 12, 1300 Copenhagen K
Denmark
persondata@studieskolen.dk
You can file a complaint about Studieskolen’s processing of your data with the Data Protection Agency. The contact details of the Data Protection Agency can be found at the Agency’s website, www.datatilsynet.dk.