Privacy Policy

This privacy policy explains how your personal data is processed as part of our service. Protecting your privacy and the security of your data are our highest priority. Especially for online exams, we implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and security of your data. Please read this notice carefully.

Responsible provider

Responsible for data processing is
Digital Language Testing UG (limited liability)
Vorm Berge 49, 32429 Minden
Email: support@eutschtest.digital

Purpose and legal basis of data processing

Your personal data will be processed exclusively for the purposes of conducting, evaluating, and documenting our examination and teaching programs. Processing is based on a contractual relationship or pre-contractual measures, if necessary. Legal obligations and your consent may also be used as a legal basis.

storage period and deletion

Your personal data will be stored only for as long as necessary for the stated purposes. Upon termination of the contractual relationship or expiration of statutory retention periods (e.g., according to the German Commercial Code (HGB) or the German Fiscal Code (AO), up to 10 years), your data will be deleted. In certain cases, longer retention periods may be necessary to preserve evidence within the framework of statutory limitation periods – for example, this applies to periods under Section 195 of the German Civil Code (BGB) (usually 3 years, in some cases up to 30 years).

Types of data collected and their use

As part of our examinations and online services, we collect the following personal data:

a) First and last name and title in order to clearly identify you and address you correctly
b) Address for delivery of documents relevant to the examination
c) Email address for planning, communication and transmission of results or certificates as well as for optional authentication by third parties
d) Telephone number for last-minute queries or organizational changes on the day of the exam
e) Date and place of birth for age verification and statistical purposes
f) We collect gender, country of origin, and place of residence solely for statistical purposes in order to evaluate equal opportunities and diversity. Providing information about gender is voluntary.
g) Identification data and copies of identification documents (e.g. identity card, passport) as well as selfies for identity verification and fraud prevention
h) Test results and documents for evaluation and documentation
i) Video and audio recordings of the exam as well as chat histories during the Zoom session to maintain exam integrity
j) Zoom cache data up to seven days after the examination has been conducted or until the certificate is sent for the evaluation of oral performances or the processing of appeals

The video exams take place via the platform Zoom X from Telekom Deutschland GmbH The platform is subject to the data protection requirements of the GDPR. The platform offers hosting on European servers and meets high security standards. Further information on data protection at Zoom X can be found on the provider's website.

Room monitoring during the exam

During the video exam, the room will be video monitored. This monitoring will be limited to what is necessary to ensure the proper conduct and fairness of the exam without disproportionately restricting your privacy. Please refer to our examination regulations for further details.

Your rights as a data subject

You have the right to:

a) Information about the data stored about you
b) Correction of incorrect data
c) Deletion or restriction of processing under certain conditions
d) Revocation of consent given with effect for the future
e) Data portability
f) Objection to the processing of your data (see next section)
g) Complaint to a data protection supervisory authority

To assert your rights, please contact the above-mentioned contact address.

Right of appeal

If you believe that the processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestraße 2–4, 40213 Düsseldorf
Fax: 0211 38424-999
Email: poststelle@ldi.nrw.de

Your right to object

You can object to the processing of your personal data at any time if it is based on Art. 6 (1) (e) or (f) GDPR. In this case, we will not process your data any further unless there are compelling legitimate grounds or the processing serves to assert legal claims. You can also object to processing for direct marketing purposes at any time, as well as to any associated profiling.

Notes on the GDPR

The General Data Protection Regulation (GDPR) is a Europe-wide regulation that came into force on May 25, 2018. It sets standards for the processing of personal data and strengthens the rights of those affected. The GDPR also applies to companies outside the EU if they provide services to EU citizens or process their data.

Personal data is any information relating to an identified or identifiable natural person – including name, address, date of birth, email address, IP address and similar.

Key data protection principles of the GDPR are:

a) Legality, fairness and transparency
b) Purpose limitation
c) Data minimization
d) Accuracy
e) Memory limitation
f) Integrity and confidentiality

Data subjects have the right to information, rectification, erasure, restriction, portability, and objection to processing. In certain cases, companies are required to appoint a data protection officer. Likewise, a data protection impact assessment may be necessary for risky processing. Data protection violations must be reported within 72 hours.

For further information, please see the full text of the law at: https://dejure.org/gesetze/DSGVO