Skip to Content

Terms and Conditions

AGREED TERMS

Last updated: 1 August 2024. Changes since the previous version include (but are not limited to): 2.4 change; 3.1 definition of Services; 4.1 refunds; 4.3 recurring charges; 5.5 dormant accounts; and Schedule B physical access controls.

These terms and conditions (Terms) give you information about us and detail the legal basis on which we supply services to you.

Please read these Terms carefully and make sure that you understand them before ordering any services from us. By ordering any of our services, you agree to be bound by these Terms and the other documents expressly referred to in them.

If you refuse to accept these Terms, you will not be able to order any services from us.

You should print a copy of these Terms for future reference.

We amend these Terms from time to time as set out in clause 2.4. Every time you wish to order services from us, please check these Terms to ensure you understand the terms which will apply at that time.

1. About us

1.1 Our Company details: Test Partnership Ltd, with company number 08020351, (we and us) is a company registered in England and Wales having its registered office at Censeo House, 6 St Peters Street, St Albans, AL1 3LF, United Kingdom. Our VAT number is 223214555. We operate the websites www.testpartnership.com and www.tptests.com.

1.2 Contacting us. To contact us, telephone our customer service team at 020 8142 8208 or email us at info@testpartnership.com. How to give us formal notice of any matter under the Contract is set out in Clause 16.2.

1.3 Your Company Details. References to "you" means the company or organisation that you are acting on behalf of. You need to be aware that when you enter into this Contract, you are acting on behalf of the company that you work for and we have the right to treat you as having full authority to bind that organisation.

2. Our contract with you

2.1 Our contract. These Terms apply to the order by you and supply of Services by us to you (Contract). They apply to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.

2.2 Entire agreement. The Contract is the entire agreement between you and us in relation to its subject matter. You acknowledge that you have not relied on any statement, promise or representation or assurance or warranty that is not set out in the Contract or the Terms.

2.3 Language. These Terms and the Contract are made only in the English language.

2.4 Change. We may revise these Terms from time to time. Historic versions can be obtained by contacting us. Every time you order Services from us or the Contract between us is renewed, the Terms in force at that time will apply to the Contract between you and us.

3. Placing an order and its acceptance

3.1 Placing your order. You may place an order by either:

(a) signing these Terms; or
(b) by following the onscreen prompts and using the method set out on our website.

Each order is an offer by you to buy the services specified in Schedule A (Services) subject to these Terms.

3.2 Correcting input errors. Our order process allows you to check and amend any errors before submitting your order to us. Please check the order carefully before confirming it. You are responsible for ensuring that your order is complete and accurate.

3.3 Accepting your order. After you place your order, you will receive an email from us acknowledging that we have received it. Our acceptance of your order takes place when we countersign these Terms or, if earlier, we send an email to you to accept it (Order Confirmation), at which point and on which date (Commencement Date) the Contract between you and us will come into existence. The Contract will relate only to those Services confirmed in the Order Confirmation.

4. Cancelling your order

4.1 You may cancel the Contract as set out in Clause 4.2. Except as set out in Clause 13.2, Charges owed by you to us at the time of your cancellation will not be refunded. You may cancel future charges as set out in Clause 4.3.

4.2 To cancel the Contract, you must complete the cancellation process on our website at https://www.tptests.com/client or email us at info@testpartnership.com. We will email you to confirm we have received your cancellation.

4.3 Where our Charges are listed as annual, per 12-month period, per month, or recurring, you will pay those future charges unless you cancel the Contract in accordance with Clause 4.2 before those charges occur.

5. Our services

5.1 Compliance with specification. Subject to our right to amend the specification (see Clause 5.2), we will supply the Services to you in accordance with the specification for the Services appearing in Schedule A.

5.2 Changes to specification. We reserve the right to amend the specification of the Services if required by any applicable statutory or regulatory requirement or if the amendment will not materially affect the nature or quality of the Services.

5.3 Reasonable care and skill. We warrant to you that the Services will be provided using reasonable care and skill.

5.4 Candidate credits. The Services allow you create a collection of one or more assessments (each group of assessments being a Project) and invite candidates to take the assessments within a Project. At the time of a candidate starting the first assessment within a Project, a candidate credit (Candidate Credit) will be deducted from your Candidate Credit balance. You may buy more Candidate Credits at any time by placing an order. When your Candidate Credit balance falls below zero we may disable your access to the Services until your Candidate Credit balance is returned to zero or above. Resetting a candidate assessment for a retake will also deduct a Candidate Credit.

5.5 Dormant accounts. If during any uninterrupted 24-month period your account has had no assessment completions and no assessment invites, we may set your account to a dormant state. We will email you at least 30 days before setting your account as dormant explaining how you can prevent your account being set to dormant. The Candidate Credit balance on a dormant account will be cleared to nil without any refund being due to you on those cleared Candidate Credits.

6. Your obligations

6.1 It is your responsibility to ensure that:

(a) the terms of your order are complete and accurate;
(b) you provide us with such information and materials we may reasonably require in order to supply the Services, and ensure that such information is complete and accurate in all material respects;
(c) your use of the Services is in compliance with all applicable laws, regulations, and employment guidelines (by way of example this includes, but is not limited to, you not adversely discriminating against legally protected groups of people);
(d) you, and any users acting on your behalf, do not copy, reproduce, modify or adapt, translate, disassemble, reverse engineer, create derivative works from, republish, display, transmit, or distribute all or any portion of the Services in any form or media or by any means, except as permitted in accordance with the Terms;
(e) you cooperate with us in all matters relating to the Services;
(f) you do not interfere with the security of, or disrupt or otherwise cause harm to the Services, or its system resources;
(g) unless otherwise agreed in writing, you use the Services to assess no more than 10,000 candidates in any uninterrupted 12-month period; and
(h) you obtain and shall maintain all necessary licences, consents, and permissions necessary for us to perform our obligations under these Terms, including without limitation the Services.

6.2 If our ability to perform the Services is prevented or delayed by any failure by you to fulfil any obligation listed in Clause 6.1 (Your Default):

(a) we will be entitled to suspend performance of the Services until you remedy Your Default, and to rely on Your Default to relieve us from the performance of the Services, in each case to the extent Your Default prevents or delays performance of the Services. In certain circumstances Your Default may entitle us to terminate the Contract under Clause 13 (Termination);
(b) we will not be responsible for any costs or losses you sustain or incur arising directly or indirectly from our failure or delay to perform the Services; and
(c) it will be your responsibility to reimburse us on written demand for any costs or losses we sustain or incur arising directly or indirectly from Your Default.

6.3 Non-solicitation. You must not attempt to procure services that are competitive with the Services from any of our directors, employees or consultants, whether as an employee or on a freelance basis, during the period that we are providing the Services to you.

7. Charges

7.1 In consideration of us providing you the Services you must pay our charges (Charges) in accordance with this Clause 7.

7.2 The Charges are the prices quoted in Schedule A.

7.3 We may change the Charges for Services not already delivered provided we give you not less than thirty (30) days advance written notice.

7.4 Our Charges are, unless otherwise stated, exclusive of VAT. Where VAT is payable in respect of some or all of the Services you must pay us such additional amounts in respect of VAT, at the applicable rate, at the same time as you pay the Charges.

8. How to pay

8.1 You can pay for the Services using either a debit card, credit card, or bank transfer.

8.2 Unless otherwise stated on our invoice you shall pay all undisputed amounts on our invoice within 30 days.

9. Intellectual property rights

9.1 All intellectual property rights in or arising out of or in connection with the Services (other than intellectual property rights in any materials provided by you) will be owned by us.

10. Data protection

10.1 For the purposes of this Clause 10 and Schedule B, the following definitions shall apply:

Applicable Laws means:
(a) To the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom.
(b) To the extent EU GDPR applies, the law of the European Union or any member state of the European Union to which the Supplier is subject.

Applicable Data Protection Laws means:
(a) To the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom which relates to the protection of personal data;
(b) To the extent the EU GDPR applies, the law of the European Union or any member state of the European Union to which the Supplier is subject, which relates to the protection of personal data.

Customer Personal Data means any personal data which we (the Supplier) processes in connection with this agreement, in the capacity of a processor on behalf of you (the Customer).

EU GDPR means the General Data Protection Regulation ((EU) 2016/679).

Purpose is the purposes for which the Customer Personal Data is processed, as set out in Clause 10.7(a).

UK GDPR has the meaning given to it in the Data Protection Act 2018.

10.2 For the purposes of this Clause 10 and Schedule B, the terms controller, processor, data subject, personal data, personal data breach and processing shall have the meaning given to them in the UK GDPR.

10.3 Both parties will comply with all applicable requirements of Applicable Data Protection Laws. This Clause 10 is in addition to, and does not relieve, remove or replace, a party's obligations or rights under Applicable Data Protection Laws.

10.4 The parties have determined that, for the purposes of Applicable Data Protection Laws, the Supplier shall process the personal data set out in Schedule B, as a processor on behalf of the Customer, who shall be a sole, independent controller, in respect of the processing activities set out in Schedule B.

10.5 Without prejudice to the generality of Clause 10.3, the Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Customer Personal Data to the Supplier or lawful collection of the same by the Supplier for the duration and purposes of this agreement.

10.6 In relation to the Customer Personal Data, Schedule B sets out the scope, nature and purpose of processing by the Supplier, the duration of the processing and the types of personal data and categories of data subject.

10.7 Without prejudice to the generality of Clause 10.3, the Supplier shall, in relation to Customer Personal Data:

(a) process that Customer Personal Data only on the documented instructions of the Customer, which shall be to process the Customer Personal Data for the purposes set out in Schedule B, unless the Supplier is required by Applicable Laws to otherwise process that Customer Personal Data. Where the Supplier is relying on Applicable Laws as the basis for processing Customer Processor Data, the Supplier shall notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Supplier from so notifying the Customer on important grounds of public interest. The Supplier shall inform the Customer if, in the opinion of the Supplier, the instructions of the Customer infringe Applicable Data Protection Laws;
(b) implement the technical and organisational measures set out in Schedule C to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, which the Customer has reviewed and confirms are appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
(c) ensure that any personnel engaged and authorised by the Supplier to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
(d) assist the Customer insofar as this is possible (taking into account the nature of the processing and the information available to the Supplier), and at the Customer's cost and written request, in responding to any request from a data subject and in ensuring the Customer's compliance with its obligations under Applicable Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Customer without undue delay on becoming aware of a personal data breach involving the Customer Personal Data;
(f) at the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of the agreement unless the Supplier is required by Applicable Law to continue to process that Customer Personal Data. For the purposes of this Clause 10.7 (f) Customer Personal Data shall be considered deleted where it is put beyond further use by the Supplier;
(g) maintain records to demonstrate its compliance with this Clause 10.

10.8 The Customer hereby provides its prior, general authorization for the Supplier to:

(a) appoint processors to process the Customer Personal Data, provided that the Supplier:
(i) shall ensure that the terms on which it appoints such processors comply with Applicable Data Protection Laws, and are consistent with the obligations imposed on the Supplier in this Clause 10;
(ii) shall remain responsible for the acts and omission of any such processor as if they were the acts and omissions of the Supplier;
(iii) shall inform the Customer of any intended changes concerning the addition or replacement of the processors, thereby giving the Customer the opportunity to object to such changes provided that if the Customer objects to the changes and cannot demonstrate, to the Supplier's reasonable satisfaction, that the objection is due to an actual or likely breach of Applicable Data Protection Law, the Customer shall indemnify the Supplier for any losses, damages, costs (including legal fees) and expenses suffered by the Supplier in accommodating the objection.

(b) transfer Customer Personal Data outside of the UK as required for the Purpose, provided that the Supplier shall ensure that all such transfers are effected in accordance with Applicable Data Protection Laws. For these purposes, the Customer shall promptly comply with any reasonable request of the Supplier, including any request to enter into standard data protection clauses adopted by the EU Commission from time to time (where the EU GDPR applies to the transfer) or adopted by the Commissioner from time to time (where the UK GDPR applies to the transfer).

10.9 Either party may, at any time on not less than 30 days' notice, revise Clause 10 by replacing it (in whole or part) with any applicable standard clauses approved by the EU Commission or the UK Information Commissioner's Office or forming part of an applicable certification scheme or code of conduct (Amended Terms). Such Amended Terms shall apply when replaced by attachment to this agreement, but only in respect of such matters which are within the scope of the Amended Terms.

11. Limitation of liability

11.1 Nothing in the Contract limits any liability which cannot legally be limited, including liability for:

(a) death or personal injury caused by negligence;
(b) fraud or fraudulent misrepresentation; and
(c) breach of the terms implied by section 2 of the Supply of Goods and Services Act 1982 (title and quiet possession).

11.2 Subject to Clause 11.1, we will not be liable to you, whether in contract, tort (including negligence), for breach of statutory duty, or otherwise, arising under or in connection with the Contract for:

(a) loss of profits, loss of sales or business, loss of agreements or contracts, loss of use or corruption of software, data, or information, loss of or damage to goodwill; and
(b) any indirect or consequential loss.

11.3 Subject to Clause 11.1, we will not be liable to you for any loss or damage suffered by you relating to:

(a) a decision made by you to use or rely on the Services; or
(b) any employment selection decisions made by you following your use of the Services.

11.4 Subject to Clause 11.1, our total liability to you arising under or in connection with the Contract, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, will be limited to 100% of the total Charges paid under the Contract during the 12 months immediately preceding the date on which the claim arose.

11.5 We have given commitments as to compliance of the Services with the relevant specification in Clause 5.1. In view of these commitments, the terms implied by sections 3, 4 and 5 of the Supply of Goods and Services Act 1982 are, to the fullest extent permitted by law, excluded from the Contract.

11.6 This Clause 11 will survive termination of the Contract.

12. Confidentiality

12.1 Each of us may use the other’s confidential information only for the purpose of fulfilling our respective obligations under the Contract.

12.2 Each party agrees that it shall keep any non-public information that it receives from the other party strictly confidential and shall not disclose it to a third party unless (a) it is required to by a legal or regulatory authority or (b) has the prior written consent of the disclosing party.

13. Termination

13.1 Termination. Without limiting any of our other rights, we may suspend the performance of the Services, or terminate the Contract with immediate effect by giving written notice to you if:

(a) you commit a material breach of any term of the Contract and (if such a breach is remediable) fail to remedy that breach within 30 days of you being notified in writing to do so;
(b) you fail to pay any amount due under the Contract on the due date for payment and remain in default not less than 30 days after being notified in writing to make such payment;
(c) you take any step or action in connection with you entering administration, provisional liquidation or any composition or arrangement with your creditors (other than in relation to a solvent restructuring), applying to court for or obtaining a moratorium under Part A1 of the Insolvency Act 1986, being wound up (whether voluntarily or by order of the court, unless for the purpose of a solvent restructuring), having a receiver appointed to any of your assets or ceasing to carry on business;
(d) you suspend, threaten to suspend, cease or threaten to cease to carry on all or a substantial part of your business; or
(e) your financial position deteriorates to such an extent that in our opinion your capability to adequately fulfil your obligations under the Contract has been placed in jeopardy.

13.2 We may terminate the Contract provided:

(a) we give you not less than 60 days prior written notice; and
(b) we refund you the Charges you have paid, less the charges reasonably and actually incurred by us in performing the Services up to the date of termination.

13.3 You may terminate the Contract as set out in Clause 4.2.

13.4 Effect of Termination. Upon termination of the Contract for any reason:

(a) Any rights or licences granted under or pursuant to the Contract shall cease to have effect;
(b) Any provision of the Contract that expressly or by implication is intended to come into or continue in force on or after termination will remain in full force and effect; and
(c) All Charges owing at the time of termination shall become due.

14. Indemnities

14.1 You shall defend, indemnify and hold us harmless against claims, actions, proceedings, expenses and costs arising out of or in connection with any third party claiming to be affected by any decision by you to rely on the Services or any other decision made by you based on your use of the Services.

14.2 We shall defend you, your officers, directors and employees against any claim that your use of the Services in accordance with these Terms infringes any United Kingdom patent effective as of the Commencement Date, copyright, trade mark, database right or right of confidentiality, and shall indemnify you for any amounts awarded against you in judgment or settlement of such claims, provided that:

(a) we are given prompt notice of any such claim;
(b) you do not make any admission, or otherwise attempt to compromise or settle the claim and provide reasonable co-operation to us in the defence and settlement of such claim, at our expense; and
(c) we are given sole authority to defend or settle the claim.

15. Events outside our control

15.1 We will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations under the Contract that is caused by any act or event beyond our reasonable control (Event Outside Our Control).

15.2 If an Event Outside Our Control takes place that affects our ability to perform our obligations under the Contract:

(a) we will contact you as soon as reasonably possible to notify you; and
(b) our obligations under the Contract will be suspended and the time for performance of our obligations will be extended for the duration of the Event Outside Our Control. We will arrange a new date for performance of the Services with you after the Event Outside Our Control is over.

15.3 You may cancel the Contract affected by an Event Outside Our Control. To cancel please contact us. If you opt to cancel we will refund the price you have paid, less the charges reasonably and actually incurred by us in performing the Services up to the date of the occurrence of the Event Outside Our Control.

16. Communications between us

16.1 When we refer to “in writing” in these Terms, this includes email.

16.2 Any notice or other communication given by one of us to the other under or in connection with the Contract must be in writing and be delivered by email.

16.3 A notice or other communication sent by email is deemed to have been received at 9.00 am the next working day after transmission, provided no undeliverable or similar notice has been received by the sender.

16.4 In proving the service of any notice, it will be sufficient to prove, in the case of an email, that such email was sent to the specified email address of the addressee, provided no undeliverable or similar notice has been received by the sender.

16.5 The provisions of this clause will not apply to the service of any proceedings or other documents in any legal action.

17. General

17.1 Waiver. If we do not insist that you perform any of your obligations under the Contract, or if we do not enforce our rights against you, or if we delay in doing so, that will not mean that we have waived our rights against you or that you do not have to comply with those obligations. If we do waive any rights, we will only do so in writing, and that will not mean that we will automatically waive any right related to any later default by you.

17.2 Severance. Each paragraph of these Terms operates separately. If any court or relevant authority decides that any of them is unlawful or unenforceable, the remaining paragraphs will remain in full force and effect.

17.3 Third party rights. The Contract is between you and us. No other person has any rights to enforce any of its terms.

17.4 Governing law and jurisdiction. The Contract is governed by English law and we each irrevocably agree to submit all disputes arising out of or in connection with the Contract to the exclusive jurisdiction of the English courts.

17.5 Assignment and transfer
(a) We may assign or transfer our rights and obligations under the Contract to another entity.
(b) You may assign or transfer your rights or your obligations under the Contract to another person only if we agree in writing.

17.6 Variation. Any variation of the Contract has effect only if it is in writing and signed by you and us (or our respective authorised representatives).

----------------
Schedule A
1. Services

1.1 The specification of the Services shall be:

Online access to Test Partnership’s suite of psychometric assessments that allows you to invite candidates to take the assessments and which:
(a) includes all the Standard features listed at https://www.testpartnership.com/pricing.html as updated from time to time to incorporate updates to the functionality; and
(b) includes any Custom features listed at https://www.testpartnership.com/pricing.html as agreed in writing between you and us.

2. Charges

The Charges are the prices quoted on our websites at the time you submit your order.

We may change the Charges in accordance with Clause 7.3.

----------------
Schedule B
1. PARTICULARS OF THE PROCESSING

1.1 SCOPE

The Supplier will process Customer Personal Data as necessary to perform the Service pursuant to the Contract, and as further instructed by Customer in its use of the Service.

1.2 NATURE

The Supplier will process (including, as applicable to the Contract and the Customer’s instructions, collecting, recording, structuring, organising, consultation, storing, altering, retrieving, using, disclosing, combining, erasing, and destroying) personal data for the purpose of providing psychometric assessments and any related technical support in accordance with this Agreement.

1.3 PURPOSE OF PROCESSING

The Supplier shall process Customer Personal Data in order to fulfil its obligations under the Contract, in particular for the purposes of conducting psychometric assessment and providing technical support.

1.4 DURATION OF THE PROCESSING

The duration of the processing will be until the earliest of either (i) expiry/termination of the Contract, or (ii) 24 months, or (iii) a request by the Customer to cease processing.

2. TYPES OF PERSONAL DATA

Personal Data processed by the Supplier on the Customer’s behalf in providing the Service is expected to include, but is not limited to, the following types of personal data:

- First and last name
- Business or personal email address
- Business or personal phone number
- Physical address of company/organisation where applicable
- Online identifiers (including cookie identifiers, connection data, internet protocol addresses and device identifiers, and browser identifiers)
- Employer

3. CATEGORIES OF DATA SUBJECT

- data subjects about whom the Supplier collects personal data in its provision of the Services; and
- data subjects about whom the personal data is transferred to the Supplier in connection with the Services by, at the direction of, or on behalf of, the Customer.

These data subjects may include individuals: (a) who have been directed by the Customer to visit the Supplier’s online properties; and/or (b) whose details have been transferred by the Customer to the Supplier; and/or natural persons authorised by the Customer to use the Service.

4. APPROVED SUBCONTRACTORS

Sub-processor Basis for data transfer Data processing location
Calendly, LLC Calendly LLC is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
Cronos Internet
Ltd
Data processing agreement signed. UK
Google LLC Google LLC is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
HubSpot Inc HubSpot Inc is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
Microsoft Corporation Microsoft Corporation is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
Stripe Inc Stripe Inc is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
Twilio Inc Twilio is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
Zendesk Inc Zendesk Inc is certified under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Data processing agreement signed. USA
----------------
Schedule C

TECHNICAL AND ORGANISATIONAL MEASURES

1. PEOPLE

Test Partnership requires all staff to take at least on an annual rolling basis data protection training which includes GDPR compliance, Data Protection Act 2018, information security, privacy, data storage and retention, access rights security breaches, and cyber risks. Test Partnership trains staff in its privacy and data security policies and procedures.

2. ORGANISATION OF INFORMATION

Test Partnership has a comprehensive set of information security policies, approved by senior management and disseminated to all employees.

3. PHYSICAL ACCESS

Test Partnership servers are located in Telehouse London data centres which meet high levels of building security, constant security by trained security staff 24/7, electronic access management, proximity access control systems and CCTV.

4. SYSTEM AND DATA ACCESS

To ensure systems containing personal data are used only by approved, authenticated users:

(a) access to Test Partnership systems is granted only to permitted employees and approved subcontractors and access is strictly limited as required for those persons to fulfil their function.

(b) all users who access Test Partnership servers have a unique identifier;

(c) Test Partnership has a password policy that prohibits the sharing of passwords and requires passwords to be changed on a regular basis and default passwords to be altered. All passwords must fulfil defined minimum complexity requirements and are stored in encrypted form;

(d) access to Test Partnership servers are possible only through a secure VPN tunnel;

(e) users who no longer need to access data or who leave the company have their access revoked;

(f) all access to systems is logged.

(g) admin access to personal data requires multi-factor authentication; and

(h) Test Partnership end user devices automatically lock after periods of non-use.

5. DATA TRANSMISSION

Customer access to personal data is protected by TLS version 1.2 or above.

Subprocessors who may have access to personal data are required to execute data protection agreements that meet or exceed Processor’s standard data processing clauses.

6. AVAILABILITY

Test Partnership maintains a business continuity and disaster recovery plan which is reviewed at least annually.

7. DATA SEPARATION

To ensure applicable personal data is processed separately:

(a) Test Partnership uses logical (but not physical) separation within its multi-tenant architecture to enforce data segregation between customers as applicable; and

(b) personal data is assigned a unique identifier so data is logically separated.

8. INCIDENT MANAGEMENT

Test Partnership maintains an up-to-date incident response plan that includes responsibilities, how information security events are assessed and classified as incidents and response plans and procedures.