Testlio Privacy Policy
Last Updated July 6, 2026
Please note that this privacy statement will regularly be updated to reflect any changes in the way we handle your personal information or any changes in applicable laws. When we make changes, we will update the "Last Updated" date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically, as it is your responsibility to remain informed of any updates. Where required by applicable law, or where we consider it appropriate, we will provide additional notice of material changes through appropriate means, such as by email, through our websites or platform, or by other communication channels. Except where required by applicable law, any such notification will be provided on a commercially reasonable effort basis.
Thank you for choosing to be part of our community at Testlio (“company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regard to your personal information, please contact us at privacy@testlio.com.
This Privacy Policy (“Privacy Policy”) explains how we collect, use, share, transfer and protect Personal Information where Testlio is acting as a data controller (or any local equivalent), and describes the choices and rights you have about your personal data.
This Privacy Policy applies to individuals who interact with Testlio and its services, including through our websites, platform, applications, products, services, digital assets, communications, events, recruitment activities and other business activities. This includes website visitors, prospective and current customers, customer personnel, platform users, freelance testers, suppliers, business partners, event attendees, job applicants and other individuals who interact with us.
This Privacy Policy does not apply where Testlio processes Personal Information solely on behalf of its customers as a data processor or service provider. In those circumstances, the applicable customer controls how Personal Information is processed and is responsible for providing any required privacy notices.
Please read this Privacy Policy carefully to understand how we handle your Personal Information and the choices and rights available to you. Additional information regarding our processing of Personal Data relating to employees, contractors, temporary workers, and other personnel is set out in Appendix 1 (Personnel Privacy Statement).
Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Use.
This Privacy Policy covers:
- The information we collect
- Why we use the personal information we collect
- Who we share the personal information we collect
- Our use of cookies and other tracking technologies
- International Transfers Of Your personal information How long do we keep your personal information
- How do we keep your personal information safe
- What are your privacy rights
- Other important privacy information
- Our contact information
- Appendix 1 – Personnel Privacy Statement
1. THE INFORMATION WE COLLECT
1.1 Personal Information you disclose to us.
We collect personal information that you voluntarily provide to us when you interact with use, our websites, platform, products, services, applications, communications, events, or other digital assets. This may include information provided when you create an account, use our platform or services, request information, communicate with us, register for events, participate in surveys or promotions, apply to become a tester, apply for employment opportunities, engage as a customer or supplier, submit forms, or otherwise interact with us.
The personal information that we collect depends on the nature of your relationship with us the products, the services, functionalities and features you use and the choices you make. The personal information we collect can include the following:
- Contact and Identification Data. We collect your first and last name, email address, postal address, phone number, company name, job title, username, account identifier, and other similar contact data.
- Account Information. We collect passwords, password hints, and similar security information used for authentication and account access, account, profile, and registration information, including account credentials, profile information, preferences, communications preferences, testing qualifications, certifications, areas of expertise, and other information associated with your account or relationship with us.
- Professional and Business Information. We collect professional, recruitment and business information including employer information, job title, business contact details, professional background, employment history, qualifications, skills, certifications, testing experience, references, information contained in resumes, CVs, applications, and other information relating to your engagement with our services or employment opportunities.
- Communications and Support Information. We collect enquiries, requests, feedback, survey responses, support interactions, correspondence, and other information you provide when communicating with us.
- Payment Data. We collect data necessary to process your payment if you make purchases, such as payment details, billing information, tax information, and other information necessary to process payments, compensation, reimbursements, or other financial transactions. All payment data is stored by our payment processor and you should review its privacy policies and contact the payment processor directly to respond to your questions.
- Event and Marketing Information. We collect event and marketing information including registration information, attendance information, preferences, and information collected in connection with webinars, conferences, training sessions, promotions, surveys, and other business engagement activities.
- Social Media Login Data. We might provide you with the option to register using social media account details, like your Facebook, Twitter or other social media account. If you choose to register in this way, we will collect the information described in the social logins.
- Any other information you choose to provide to us in connection with your use of our websites, platform, services, applications, communications, events, or other interactions with us.
You are responsible for ensuring all personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
1.2 Information automatically collected.
When you visit, use, access or interact with our website, platform, applications, products, services, communications, testing programs, testing projects, or other digital assets, we may automatically collect certain information about your device, browser, account, and use of our services.
This information we automatically collect may include:
- Email address
- Technical device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our digital assets and other technical information.
- Usage and activity information, including pages viewed, links clicked, features used, search queries, session information, navigation paths, user journey flows, interactions with content, and other information regarding how you use and interact with our websites, platform, applications, products, and services.
- Account and platform usage information, including information relating to your use of your account, profile, platform features, testing activities, participation in projects, service usage, preferences, and interactions with our services.
- Location information, such as general geographic location derived from your IP address or other technologies, where permitted by applicable law.
1.3 Information collected from other sources.
We may obtain limited information about you from other sources, such as public databases, joint marketing partners, social media platforms (such as Facebook, LinkedIn), as well as from other third parties. The information we receive depends on the source, the nature of your relationship with us, and the purposes for which the information is collected.
The information we receive from other sources or third parties may include:
- Professional and business information obtained from business information providers, industry databases, professional networking platforms, publicly available sources, referral partners, and other commercially available sources, including your name, employer, job title, business contact details, professional background, qualifications, skills, certifications, and other professional information.
- Customer, supplier, partner, and referral information provided by customers, suppliers, business partners, referral partners, affiliates, subsidiaries, or other third parties in connection with business relationships, projects, services, or enquiries.
- Recruitment and applicant information obtained from recruitment agencies, talent acquisition providers, references, educational institutions, certification bodies, background check providers, publicly available professional sources, and other third parties involved in recruitment, candidate evaluation, onboarding, or engagement activities.
- Social media profile and third party platform information obtained when you interact with us through social media platforms, third-party authentication services, community forums, or similar services, subject to the privacy settings and practices of those platforms.
- Event, marketing, and engagement information obtained from event organizers, sponsors, webinar providers, marketing partners, and similar organizations in connection with conferences, webinars, training sessions, surveys, promotions, and other business engagement activities.
- Technical, analytics, and advertising information obtained from analytics providers, advertising partners, marketing platforms, and other technology providers relating to your interactions with our websites, platform, services, communications, or digital assets..
- Information obtained from our affiliates, subsidiaries, and other group companies in connection with customer relationship management, business operations, recruitment activities, service delivery, compliance activities, and other legitimate business purposes.
- Information obtained from publicly available sources, including public websites, professional networking sites, publications, directories, and other sources where permitted by applicable.
- Where permitted by applicable law, we may combine personal information collected through our websites, platform, or other digital assets with business or professional information obtained from business information providers, commercially available sources, or publicly available sources in order to better understand our website visitors, improve our services, support business development activities, and maintain accurate business records.
If we combine or associate information from other sources with personal information that we collect directly from you or automatically through your use of our websites, platform, services, or digital assets, we will treat the combined information as personal information in accordance with this Privacy Policy.
2. WHY WE USE THE PERSONAL INFORMATION WE COLLECT
We use your personal information for purposes described in this Privacy Policy. Depending on the circumstances and applicable law, we process personal information on one or more of the following legal bases:
- Legitimate business interests.
- The fulfillment of our contract or steps taken prior to entering into a contract.
- Compliance with our legal obligations.
- Your consent, where required by applicable law.
We may use your personal information for the following purposes:
- Providing and Operating Our Services. To provide, operate, maintain, support and administer our websites, platform, products, services, testing engagements, applications, and other digital assets, including creating and managing accounts, authenticating users, facilitating participation in testing activities, and responding to requests and enquiries.
- Service Delivery and Customer Relationship Management. To manage our relationships with customers, prospective customers, suppliers, business partners, freelance testers, applicants, and other individuals who interact with us, including providing customer support, communicating regarding our services, and administering business relationships.
- Recruitment and Talent Management. To evaluate candidates, process applications, verify qualifications, communicate regarding employment and engagement opportunities, administer recruitment activities, and support onboarding processes.
- Platform Operations, Analytics, and Product Improvement. To understand and analyze the usage trends and preferences of our users, including tracking user interactions, feature adoption, and application performance through third-party analytics services, monitor performance; troubleshoot issues in order to improve our websites, platform, products, services, and digital assets, and to develop new products, services, features, functionalities and capabilities; and enhance the user experience.
- Testing Project and Quality Assurance Activities. To administer testing engagements and testing projects, facilitate participation by testers, manage testing activities, evaluate testing results, maintain platform integrity, support quality assurance activities, and deliver services to our customers.
- Communications, Marketing, and Events. To contact you for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to your User Content posted on the Site or to send communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with and other engagement activities, and send marketing and promotional communications in accordance with applicable law and your communication preferences.
- Security, Fraud Prevention, and Protection of Rights. To maintain the security of our websites, platform, products, services, systems, users, and business operations; detect, prevent, investigate, and respond to fraudulent, malicious, unauthorized, or unlawful activity; enforce our agreements and policies; and protect our rights, property, and interests and those of others.
- Legal, Regulatory, and Compliance Activities. To comply with legal, regulatory, tax, accounting, reporting, and compliance obligations; respond to lawful requests from authorities; establish, exercise, or defend legal claims; and support audits, investigations, and other compliance activities.
- Business Operations and Corporate Activities. To support our internal administration, financial management, reporting, governance, risk management, business continuity, strategic planning, corporate transactions, and other legitimate business activities.
3. WHO WE SHARE THE PERSONAL INFORMATION WE COLLECT
We may share and disclose your personal information with the following categories of recipients where necessary to provide our services, operate our business, comply with legal obligations, protect our rights and interests, or for other purposes described in this Privacy Policy.
- Affiliates and Group Companies. We may share personal information with our affiliates, subsidiaries, and other group companies for business operations, service delivery, administration, compliance, security, reporting, and other legitimate business purposes.
- Vendors, Consultants and Other Third-Party Service Providers. We may share personal information with third-party service providers that support our business operations, website, platform, products, services, and digital assets. These may include hosting providers, cloud service providers, information technology providers, communications providers, exchange, maintenance, product analytics and user behavior tracking, payment processors, customer relationship management providers, marketing providers, recruitment providers, background check providers, identity verification providers, security providers, and other service providers that process information on our behalf.
- Customers and Customer Personnel. Where you participate in testing activities, testing projects, or other customer-related activities, we may share personal information with our customers and their authorized personnel as necessary to facilitate testing activities, project delivery, platform participation, service delivery, reporting, communications, and related business purposes.
- Third-Party Advertisers. We may use third-party advertising companies to serve ads when you visit the Sites. These companies may use information about your visits to our Website(s) and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you.
- Business Transfers. We may share your personal information to an actual or prospective acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets or similar corporate transaction.
- Business Partners. We may share your personal information with our business partners , integration partners, referral partners, event partners, marketing partners, and other organizations with whom we collaborate in connection with our business, products, services, promotions events, or other activities.
- Recruitment and Talent Acquisition Providers. We may share personal information with recruitment agencies, applicant tracking providers, background check providers, skills assessment providers, onboarding providers, and other service providers supporting recruitment and engagement activities.
- Professional Advisors. We may share personal information with legal counsel, accountants, auditors, consultants, insurers, and other professional advisors where necessary in connection with their services or our legal, regulatory, operational, or business requirements.
- Other Users. When you share certain personal information (associated with your profile, account, testing activities, communications, comments, submissions,) or otherwise interact with public areas of our website or platform, such personal information may be viewed by all users where such visibility is necessary to facilitate collaboration, communications, testing activities, project participation, community features, or other functionality made available through our website and platform.
- Government Authorities and Other Third Parties. We may share personal information with regulators, courts, law enforcement agencies, governmental authorities, tax authorities, or other third parties where required by law, legal process, regulatory requirements, or where necessary to establish, exercise, or defend legal claims or protect the rights, property, safety, or security of Testlio, our users, customers, or others.
4. OUR USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES
We use cookies, pixels, software development kits (SDKs), analytics tools, and other similar technologies to operate, secure, and improve our websites, platform, products, services, and digital assets, understand how users interact with them, personalize user experiences, and support analytics, marketing, and business development activities.
For more information about the technologies we use, the purposes for which they are used, and the choices available to you, please see our Cookie Notice.
5. INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION
We may transfer, access, store, and process your personal information in countries other than the country in which the information was originally collected. This may occur where we operate, where our affiliates or group companies are located, where our service providers and business partners operate, or where it is otherwise necessary to provide our services, operate our business, or fulfil the purposes described in this Privacy Policy.
As a result, personal information may be transferred to and processed in countries that may have data protection laws that differ from those in your country of residence.
Whenever we transfer your personal information, we will take all necessary measures to protect your personal information and comply with applicable law. Depending on the circumstances and applicable legal requirements, these measures may include:
- transferring your personal information to countries that have been recognized by an adequacy decision under applicable law;
- we implement contractual safeguards such as the European Commission's Standard Contractual Clauses or similar approved mechanisms;
- relying on certifications, codes of conduct, binding corporate rules, or other recognized transfer mechanisms where available; and
- implementing appropriate technical, organizational, and security measures to protect personal information during transfer and processing.
Additional information regarding the safeguards we use for international transfers may be provided upon request, subject to applicable law and confidentiality obligations.
6. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, including providing our services, operating our business, complying with legal obligations, resolving disputes, enforcing our agreements, protecting our rights and interests, and for other legitimate business purposes, unless a longer retention period is required or permitted by applicable law.
When determining how long to retain personal information, we consider factors such as:
- The nature of our relationship with you and the purpose for which the personal information was collected.
- The sensitivity and volume of the personal information.
- Whether we are subject to legal, regulatory, tax, accounting, contractual or other legal requiring us to retain the information.
- Whether the information is necessary to establish, exercise, or defend legal claims.
- Whether we have an ongoing business need to retain the information, including for security, fraud prevention, business continuity, auditing, or recordkeeping purposes.
As a general guide:
- Information relating to customers, suppliers, business partners, platform users, and testers is generally retained for the duration of the relevant relationship and for a reasonable period thereafter to support legitimate business, legal, compliance, and operational requirements.
- Recruitment and applicant information is generally retained for a limited period following the conclusion of the recruitment process, unless a longer retention period is required or permitted by law or you have agreed to be considered for future opportunities.
- Website, platform, analytics, and technical information is generally retained for the period necessary to support service delivery, platform operations, security, troubleshooting, analytics, and performance monitoring activities.
- Marketing and communication preference information is generally retained for as long as we maintain a relationship with you and thereafter as necessary to maintain suppression lists, document preferences, and comply with applicable law.
When personal information is no longer required for the purposes for which it was collected, we will securely delete, anonymize, de-identify, or otherwise dispose of it in accordance with applicable law and our record retention practices. Where deletion is not immediately possible, we will take appropriate measures to securely store and protect the information until deletion can be completed.
When your personal information is no longer required for the purposes for which it was collected we will securely delete or anonymize it, de-identify, or otherwise dispose of it in accordance with applicable law and our record retention practices. When deletion is not immediately possible then we will securely store your personal information and isolate it from any further processing until deletion is possible.
7. HOW DO WE KEEP YOUR PERSONAL INFORMATION SAFE
Keeping your information safe.
We aim to protect your personal information through a system of organizational and technical security measures.
Testlio has reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. We care about the security of your personal information and use commercially reasonable safeguards to preserve the integrity and security of all your personal information we collect.
We use certain physical, managerial, and technical safeguards that are designed to improve the integrity and security of personal information that we collect and maintain. Despite Testlio's best efforts, however, security cannot be absolutely guaranteed against all threats. We cannot, however, ensure or warrant the security of any personal information. We also cannot guarantee that such personal information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the website if a security breach occurs. Depending on your location and applicable law, you may have the right to receive notice of certain security incidents or personal data breaches involving your personal information, including information regarding the nature of the incident and the steps you may take to protect yourself..
8. WHAT ARE YOUR PRIVACY RIGHTS
Depending on your country of residence and applicable law, you may have certain rights regarding your personal information. The rights available to you may vary based on your country, state, or region of residence, your relationship with us, and applicable legal requirements. The rights described below are not intended to limit or replace any rights that may be available to you under applicable law.
8.1 General Privacy Rights.
Subject to applicable law, you may have the right to:
- Request the access of the personal information we hold about you.
- Request correction or updating of inaccurate or incomplete personal information.
- Request deletion of your personal information.
- To object to the processing of your personal information, ask us to restrict the processing of your personal information or request the portability of your personal information.
- Opt-out of receiving marketing or promotional communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you.
- If we have collected and processed your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- Request information regarding our processing of your personal information.
You may also be able to access, update, correct, or manage certain information directly through your account settings where available. Please note that we may retain certain information where required or permitted by law, for legitimate business purposes, security purposes, fraud prevention, dispute resolution, enforcement of our agreements, recordkeeping, or compliance with legal obligations.
You may opt out of receiving promotional or marketing communications from us at any time by following the unsubscribe instructions included in the communication, adjusting your communication preferences where available, or contacting us directly. Even if you opt out of marketing communications, we may continue to send you service-related, transactional, security, legal, or administrative communications where permitted by law.
8.2 Additional Rights for Individuals in the EEA, United Kingdom, Switzerland, Brazil, and Similar Jurisdictions.
If you are located in the European Economic Area, United Kingdom, Switzerland, Brazil, or another jurisdiction that provides similar rights under applicable data protection laws, you may also have, in addition to the rights outlined in section 8.1 above, the right to:
- Object to certain processing of your personal information.
- Request restriction of the processing of your personal information.
- Request portability of your personal information in a structured, commonly used, and machine-readable format.
- Lodge complain to an applicable data protection authority about our collection and use of your personal information.
Where we rely on legitimate interests as a legal basis for processing, you may have the right to object to such processing in certain circumstances.
8.3 Additional Rights for U.S. Residents.
Residents of certain U.S. states may have additional privacy rights, to those outlined in section 8.1 above, under applicable law. Subject to applicable law, these rights may include:
- The right to know and access the categories and specific pieces of personal information we collect, use, disclose, or otherwise process about you.
- The right to request correction of inaccurate personal information.
- The right to request deletion of personal information, subject to applicable exceptions.
- The right to obtain a portable copy of certain personal information.
- The right to opt out of the sale, sharing, targeted advertising, or certain profiling activities involving personal information, where applicable. Please see
- The right to appeal a decision relating to a privacy rights request, where applicable under state law.
We do not discriminate against individuals for exercising their privacy rights.
We do not sell personal information in exchange for money. However, certain uses of cookies, advertising technologies, analytics tools, or disclosures to third parties may be considered a "sale," "sharing," or "targeted advertising" under certain U.S. state privacy laws. Where required by applicable law, U.S. residents may have the right to opt out of such activities. Information regarding available opt-out choices is provided in our Cookie Notice or may be obtained by contacting us using the details provided in this Privacy Policy.
We do not knowingly sell or share the personal information of individuals under the age of 16 for purposes requiring opt-out or opt-in rights under applicable law.
8.4 Exercising Your Rights
To exercise any privacy rights available to you, please contact us using the contact details provided in this Privacy Policy.
We may take reasonable steps to verify your identity before responding to a request and may request additional information where necessary to confirm your identity or authority to act on behalf of another individual. Authorized agents may submit requests on behalf of individuals where permitted by applicable law and subject to appropriate verification requirements. We respond to all requests thar we receive from individuals within the timeframe stipulated in the applicable data protection law.
If you are dissatisfied with our response to a request, you may have the right to submit an appeal or complaint to us or to the applicable supervisory authority, regulator, or government agency, depending on your location and applicable law.
9. OTHER IMPORTANT PRIVACY INFORMATION
Third-Party Services and Websites
Our websites, platform, products, services, communications, or other digital assets may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through our websites, platform, products, services, communications, or other digital assets . We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through our websites, platform, products, services, communications, or other digital assets. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
Children’s Privacy.
Protecting the privacy of young children is especially important. Our websites, platform, products, services, communications, or other digital assets is not directed to and it is not intentionally designed for children under the age of thirteen (13). We do not knowingly collect personal information from children under the age of thirteen (13) without obtaining parental consent. By using our websites, platform, products, services, communications, or other digital assets, you represent that you are at least thirteen (13) or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of our websites, platform, products, services, communications, or other digital assets. If you are under thirteen (13) years of age, then please do not use or access the Service at any time or in any manner. If we learn that personally identifiable information has been collected on the Service from persons under thirteen (13) years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under thirteen (13) years of age has obtained an account on the websites, platform, products, services, communications, or other digital assets, then you may alert us at privacy@testlio.com and request that we delete that child’s personally identifiable information from our systems.
10. Our Contact Information.
Please contact us with any questions or comments about this Policy, your personal information, our use and disclosure practices, or your consent choices by email at privacy@testlio.com.
APPENDIX 1 – PERSONNEL PRIVACY STATEMENT
1. PURPOSE AND SCOPE
This Personnel Privacy Statement supplements the Privacy Policy and applies to our employees, temporary workers, contractors, consultants, interns, directors, officers, and other individuals engaged to perform services for or on behalf of Testlio ("Personnel").
Unless otherwise stated in this Appendix, the Privacy Policy applies to our collection, use, disclosure, retention, and other processing of Personnel personal information. This Appendix describes additional categories of personal information, processing activities, and disclosures that are specific to the employment or engagement relationship.
2. ADDITIONAL PERSONAL INFORMATION WE COLLECT
In addition to the categories of personal information described in the Privacy Policy, we may collect and process the following categories of personal information relating to Personnel, where permitted by applicable law:
- Employment and engagement information, including employee or contractor identifiers, employment status, work location, department, reporting lines, role information, work history, qualifications, certifications, training records, language capabilities, skills, performance information, disciplinary records, and information relating to onboarding and offboarding.
- Payroll, tax, banking, compensation, bonus, equity, benefits, leave, expense reimbursement, travel, and other financial or employment-related information required to administer the employment or engagement relationship.
- Identity verification and compliance information, including government-issued identification, right-to-work documentation, immigration or visa information where applicable, background screening information where permitted by law, sanctions screening, conflict of interest declarations, ethics reports, compliance certifications, and other information required to satisfy legal, regulatory, contractual, or customer requirements.
- Information relating to your use of Testlio-issued devices, systems, networks, collaboration tools, communication platforms, security systems, authentication services, business applications, and other Testlio technology.
- Technical, device, network, system, audit log, and security information collected to maintain the security, integrity, availability, and performance of Testlio systems and information assets.
- Where Testlio-approved mobile devices, mobile applications, or device management solutions are used for business purposes, technical device information, including device identifiers, operating system information, security status, and, where necessary to protect Testlio assets or recover lost or stolen devices, location information.
- Where you use approved personal devices for business purposes (Bring Your Own Device (BYOD)), we may collect and process technical information relating to those devices, including device identifiers, operating system information, security status, audit logs, and, where necessary to protect Testlio assets, maintain information security, enforce Testlio policies, or recover lost or stolen devices, location information collected through Testlio-approved device management or security solutions.
- Business communications, meeting participation, collaboration records, support requests, surveys, training participation, and information relating to your use of Testlio communication and collaboration tools.
- Professional information, including work product, project participation, testing activities, certifications, biographies, photographs, profile information, and other content created or shared in connection with your employment or engagement with Testlio.
3. ADDITIONAL PURPOSES FOR PROCESSING PERSONNEL INFORMATION
In addition to the purposes described in the Privacy Policy, we may use Personnel personal information to:
- administer the employment or engagement relationship;
- recruit, onboard, manage, develop, compensate, support, and offboard Personnel;
- administer payroll, benefits, equity, expenses, leave, travel, and other employment or engagement-related programs;
- manage workforce planning, staffing, project assignments, customer engagements, and professional development;
- provide, manage, maintain, monitor, and secure Testlio systems, devices, applications, networks, collaboration tools, and information assets;
- verify identity, qualifications, certifications, work authorization, and, where permitted by law, conduct background screening and other pre-engagement checks;
- comply with legal, regulatory, contractual, tax, employment, immigration, health and safety, information security, and customer requirements;
- investigate security incidents, policy violations, ethics reports, misconduct, fraud, or other matters affecting Testlio, its Personnel, customers, or business operations;
- facilitate internal communications, collaboration, training, knowledge sharing, and business continuity activities; and
- recognize, promote, and communicate initiatives, events, achievements, and business activities, including through internal communications, websites, social media channels, and other marketing materials, where appropriate and in accordance with applicable law.
4. ADDITIONAL SHARING OF PERSONNEL PERSONAL INFORMATION
In addition to the recipients described in the Privacy Policy, we may share Personnel personal information with:
- payroll, benefits, pension, insurance, equity administration, travel, expense management, and other workforce administration providers;
- recruitment agencies, background screening providers, identity verification providers, onboarding providers, learning and development providers, workforce management providers, and other service providers supporting the employment or engagement relationship;
- customers, where necessary to facilitate customer projects, testing activities, security requirements, access management, or contractual obligations;
- professional advisers, auditors, regulators, certification bodies, government authorities, or other parties where required by law or contractual obligations; and
- service providers supporting employment administration, contractor management, finance, information technology, cybersecurity, legal, compliance, and other business operations.
5. RETENTION OF PERSONNEL PERSONAL INFORMATION
The retention practices described in the Privacy Policy also apply to Personnel personal information. Certain employment, contractor, payroll, tax, benefits, compliance, health and safety, and personnel records may be retained for longer periods where required or permitted by applicable law, to administer the employment or engagement relationship, comply with legal or contractual obligations, establish, exercise, or defend legal claims, resolve disputes, or protect the legitimate interests of Testlio.
6. PERSONNEL PRIVACY RIGHTS
The privacy rights described in the Privacy Policy also apply to Personnel, subject to applicable law.
Please note that certain rights may be limited where Testlio is required or permitted to retain personal information to comply with employment, tax, payroll, social security, regulatory, contractual, information security, health and safety, or other legal obligations, or where retention is necessary to establish, exercise, or defend legal claims or otherwise protect the rights and legitimate interests of Testlio or others.