Confidentiality & Data Protection

1. Policy Statement

QA Assessor is committed to protecting the confidentiality of all information obtained during certification and training activities. Personal data is handled in accordance with applicable data protection laws and best practices.

All candidates and certified persons can trust that their information is processed securely, responsibly, and only for legitimate certification purposes.

2. Confidential Information

Confidential information includes:

  • Candidate and certified person information (applications, eligibility, results, certificates)
  • Examination materials (question banks, papers, marking guides)
  • Certification and recertification records
  • Complaints and appeals information

QA Assessor ensures that confidential information is accessible only to authorized personnel and is used solely for its intended purpose.

3. Separation of Training and Certification Records

QA Assessor maintains strict separation between training and certification data. Training participation or performance records are never used in certification decisions, and access is restricted to authorized staff only.

Training and certification records are retained only as long as necessary for certification, recertification, training administration, and legal obligations.

4. Third-Party Access

External service providers (examiners, IT providers, or contractors) must comply with QA Assessor’s confidentiality and data protection requirements and handle data only for the purposes authorized.

5. Public Certificate Register

QA Assessor maintains a publicly accessible certificate register. It includes only:

  • Full name of the certified person
  • Certification title
  • Unique certificate number
  • Certification status (Active / Expired / Suspended / Withdrawn)
  • Certificate expiry date

No contact details, employer information, date of birth, or other personal identifiers are published. Candidates provide consent for this limited disclosure when applying.

6. Data Protection Principles

QA Assessor processes personal data according to these principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation (only for certification or training administration)
  • Data minimization (collect only what is necessary)
  • Accuracy and ability to update data
  • Storage limitation (retain only as required)
  • Security and confidentiality

7. International Data Transfers

For candidates applying from outside the country, QA Assessor ensures personal data is transferred and stored securely with safeguards compliant with applicable law.

8. Data Breach Response

In the event of a data breach, QA Assessor takes immediate steps to contain, assess, and mitigate risk, and notifies affected individuals and authorities where required by law.

9. Your Rights

Individuals have the right to:

  • Access, correct, or request deletion of their personal data
  • Restrict or object to processing
  • Receive their data in a portable format
  • Withdraw consent where applicable
  • Lodge a complaint with a relevant data protection authority

To exercise your rights, contact: certification@qaassessor.com

QA Assessor responds to all requests within 30 calendar days.