Published on November 23, 2022
The defined terms in this Policy have the same meaning as in our Terms and Conditions, which you should read together with this Policy. By accessing our Website and using our Service, you are accepting and consenting to the practices described in this policy.
For the purpose of the General Data Protection Regulation (GDPR), the data controller is Testable Research Inc, Delaware, USA. We can be contacted at firstname.lastname@example.org.
Testable is a provider of beautiful research software that’s simple, smart, and secure and gives researchers flexibility to create great-looking experiments. We care about our users’ privacy, and try to only collect necessary data – our legal basis for using your personal information will depend on the context in which we collect it.
When registering on our site, you are asked to enter your first and last name, academic email address (to verify your academic status) and your academic institution. We ask for this data in order to facilitate your use of our service, such as contacting you about important changes to the site or to your account. If you choose to post experiments on our sister platform Testable Minds for our subject pool to complete, this information (excluding your email address) will be made available to signed up users of Testable Minds. Our legal basis for collecting these mandatory pieces of information is for our legitimate business interests, where we are providing functionality
We may also collect and process data regarding your correspondence with us, your experiments posted on our platform and the data associated with them. We may also collect personal information from you when you use our service, contact our support team, or visit our website. This information is collected on the legal basis of our legitimate business interests.
In some circumstances, Testable may have to share some of your personal information if it is connected with a legal obligation we have, a government authority requests it or in response to a court order. The legal basis for this under the GDPR would be ‘legal obligation.’
In order to receive email newsletters from us or from third parties that are not directly about your account’s operation, we ask for your consent to send you these kind of emails, so using the basis of consent.
We may use the information we collect from you when you register, sign up for our newsletter, respond to a survey or marketing communication, participate in an experiment, browse experiments, surf the website, or use other site features to personalise your experience and to allow us to deliver the type of content you may be interested in.
We will not keep your information any longer than is necessary. If your account remains dormant (not signed into) for over two years, we will email you to clarify if you want your account to remain open, under the basis of legitimate interest.
Your information will only be accessible to authorised individuals in the Testable team or to third parties when relevant (eg third parties who process payments).
We do not sell or make available any information about you without your awareness.
Your personal information is contained behind secured networks located in the EU and is only accessible by a limited number of persons who have special access rights to such systems, and who are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. Should a data breach occur, we will notify you via email within 7 business days. All monetary transactions are processed through a gateway provider and are not stored or processed on our servers.
You can request access to your personal data free of charge, although if the request is unfounded or excessive, we charge a reasonable fee to cover administrative costs. We will provide this information within one month of receipt in an electronic format.
If the data we hold about you is inaccurate or incomplete, you are entitled to contact us to have that data rectified. We must respond within one month. If we decide not to take action, it is our duty to explain this to you – you then have a right to complain to the ICO and potentially could have a judicial remedy.
You are entitled to ask for your personal data to be erased when:
We will restrict this when requested if:
You have the right to request your personal data from us in a machine-readable format, which you can then transmit to any other provider you wish to hold your data. We will respond with this information within one month.
You can do this at any time, either through your account or through a Testable email previously sent to you (just click on the unsubscribe link!)
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information without your consent.
We do not currently include or offer third-party products or services on our website.
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/16015358531