Certible Privacy Policy

Certible and Privacy

Certible GmbH takes data protection seriously. You can browse most of our website — general content, syllabi, and information pages — without creating an account or filling in any forms. Some technical data (such as your IP address) is necessarily processed in the background to deliver the site to you; section 5 explains this in detail. We do not show third-party advertising, do not build profiles of individual visitors, and do not allow third parties to profile visitors on our site. We do measure aggregate website usage through privacy-friendly analytics — see section 5.1.

Some parts of the site do involve personal data: registering for an exam, contacting us, or using the Trainer Portal cannot work without it. Once you are certified, your name, scheme, and examination date also become publicly verifiable through our verification page and, if you opt in, through a digital badge — section 12 explains what this means in practice and how to control visibility. Where we process personal data, we do so in line with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (Datenschutzgesetz, DSG), and we inform you below about the nature, purpose, and retention of that processing. Where we rely on your consent, we obtain it first.

Certible GmbH, as the controller, has put technical and organisational measures in place to protect personal data. Internet communication can never be made perfectly secure, however, so absolute protection cannot be guaranteed.

1. Who We Are (Controller)

The controller under the GDPR is:

Certible GmbH
Löwelstraße 20/2-3
1010 Vienna
Austria
Phone: +43 1 348 39 93
Email: privacy@certible.com
Website: https://www.certible.com

2. Key Terms

This policy uses a few terms defined in the GDPR. The full definitions are in Article 4 GDPR; the ones worth knowing up front are:

3. Your Rights

Under the GDPR, you have the following rights in relation to personal data we hold about you:

To exercise any of these rights, please email privacy@certible.com. We will respond without undue delay, and in any event within the time limits set by the GDPR.

Depending on the activity, we rely on one of the following legal bases under Article 6 GDPR:

5. Website Access and Analytics

When you visit our website, your request passes through our content delivery network (AWS CloudFront) and reaches our web servers, which is how the site is actually delivered to you. During that request, the CDN and the server see your IP address, the timestamp, the HTTP method and requested path, your browser type and version, your operating system, and the referrer URL — none of which the site could be delivered without.

For persistent logging, however, most of this data is stripped: an AWS Lambda function processes log records before archival and removes identifying attributes, so our long-term logs do not carry full request details back to an individual visitor.

The legal basis for this short-lived technical processing is our legitimate interest in a secure and functioning website under Article 6(1)(f) GDPR.

AWS services used by Certible, including CloudFront, are provided under a contract with Amazon Web Services EMEA SARL (Luxembourg). CloudFront’s edge infrastructure is globally distributed, so the delivery of our site may involve processing by AWS in third countries including the United States. Any such transfers are covered by the EU–U.S. Data Privacy Framework and by AWS’s standard contractual clauses.

If you register for an exam through our registration system, the IP address you used is stored with your registration record so that we can investigate any misuse of our services.

5.1 Matomo Analytics

We use Matomo — a self-hosted, privacy-friendly open-source analytics tool — to understand how visitors use our site. Matomo data stays entirely within our control and is never shared with third parties. IP addresses are anonymised before Matomo stores them, Matomo does not track visitors across sessions, and no persistent tracking cookie is set — a visitor cannot be re-identified from Matomo data.

Matomo uses two strictly functional cookies. Both are session cookies with no explicit expiration date; your browser deletes them automatically when the browser session ends, typically when you close the browser.

The legal basis is our legitimate interest in understanding site usage to improve the site (Article 6(1)(f) GDPR), combined with the IP anonymisation and no-persistent-cookies safeguards described above. You can opt out at any time:

Note: If you clear your cookies, delete the opt-out cookie, or change computers or web browsers, you will need to perform the opt-out procedure again.

6. Contacting Us

If you email or call us using the contact details on this site, we store the personal data you send us for as long as is needed to handle your request. We do not pass this data on to third parties unless the law requires us to.

7. Registration for a Certification Examination

When you register for a certification exam on our website, we ask for the personal data we need to organise and evaluate the exam, issue an invoice, and (if you pass) deliver a certificate. The specific fields appear on the registration form and are described in detail, alongside their retention periods, in the Privacy Policy for Candidates section below.

In addition, we store the IP address you used, the date, and the time of registration with the registration record. This lets us investigate misuse of our services if it occurs. We do not pass this data on to third parties unless the law requires it or it is needed for a criminal investigation.

You can change the personal data on your registration, or ask us to delete it, at any time — unless we have already issued an invoice to you or you have already taken the exam, in which case the retention periods in Deletion Periods apply.

To request access to, correction of, or deletion of your registration data, email privacy@certible.com. Your broader GDPR rights (see section 3) remain available to you at all times.

8. Payment Processing (Stripe)

For card, Apple Pay, EPS, and similar electronic payment methods, we use Stripe Payments Europe Limited (The One Building, 1 Grand Canal Street Lower, Dublin 2, Ireland).

If you choose one of these payment methods on our registration page, and only after you confirm it, we send Stripe a reference ID linking the registration to the payment and the invoice amount. For EPS payments, your first and last name are additionally transmitted. Your card or account details are entered directly into Stripe’s payment form; we never see or store them on our servers.

Stripe may share payment data with its affiliates, service providers, and sub-processors where necessary to process the payment.

The legal basis is Article 6(1)(b) GDPR (contract performance). Stripe’s own privacy notice is at stripe.com/privacy.

9. LinkedIn Company Page

Certible maintains a public profile on LinkedIn. When you visit our page or interact with our posts, LinkedIn collects technical and behavioural data about you under its own privacy policy. This applies whether or not you have a LinkedIn account — LinkedIn also drops cookies on non-members.

LinkedIn also surfaces information about visitors to us as the page operator. Depending on your LinkedIn privacy settings, this information can include your name and allow us to follow the link to your public LinkedIn profile. This is how LinkedIn Pages work by default; if you would rather not be identifiable to us, you can adjust the “profile viewing options” setting in your LinkedIn account to browse in private or semi-private mode.

Certible does not store this visitor information, does not export it, and does not use it for outreach or marketing. It is visible to us only as ephemeral data in the LinkedIn page dashboard accessible to our administrators.

If you send us a message or connection request on LinkedIn, we process the personal data in that message to handle your enquiry.

Certible and LinkedIn Ireland Unlimited Company are joint controllers for this visitor-identification flow (which LinkedIn calls “Page Insights”) within the meaning of Article 26 GDPR. The division of responsibilities is set out in LinkedIn’s Pages Joint Controller Addendum; under that addendum LinkedIn assumes primary responsibility for GDPR compliance in respect of Page Insights, and the Irish Data Protection Commission is the lead supervisory authority. For all other processing LinkedIn performs in its own capacity (advertising, user-level tracking, behavioural analytics), LinkedIn is the sole controller.

Under Article 26(3) GDPR, you may exercise your data-subject rights against either Certible or LinkedIn, regardless of the internal allocation of responsibilities. For matters concerning what Certible sees or processes, email privacy@certible.com; for matters concerning LinkedIn’s own processing, refer to LinkedIn’s privacy policy and your LinkedIn account settings. Where we receive a request that primarily concerns LinkedIn’s processing, we will forward it or coordinate with LinkedIn as required.

The legal basis for our part in this processing is our legitimate interest in a professional presence and in interacting with our community under Article 6(1)(f) GDPR.

10. Job Applications

If you apply for a role with us, we process the personal data in your application to decide whether to make you an offer. If you are hired, that data becomes part of your employment record and is retained in accordance with employment and tax law. If you are not hired, we delete your application no later than seven months after informing you of the decision, unless we need to keep it longer to defend against a potential claim under the Austrian Equal Treatment Act (Gleichbehandlungsgesetz, GlBG) or other applicable law.

The legal bases are Article 6(1)(b) GDPR (steps taken at the data subject’s request prior to entering a contract) and Article 6(1)(f) GDPR (our legitimate interest in defending against claims).

11. How Long We Keep Personal Data

We keep personal data only for as long as we need it for the purpose for which it was collected, or as long as required by law. The most common statutory period is seven years, for invoicing and tax records under § 132 of the Austrian Federal Fiscal Code (Bundesabgabenordnung). When the purpose ends and no legal obligation requires continued storage, we delete the data or restrict access to it.

Concrete retention periods for candidate data are set out in the Privacy Policy for Candidates section below. For CDN and server logs, retention is short and identifying attributes are stripped before archival as described in section 5. Matomo analytics data is retained without identifying information.

For certification records specifically (name, examination date, scheme, and result), we retain data for a longer period — typically ten years in our internal records — to support traceability of the certification process in line with ISO/IEC 17024 §9.4.10 and to enable ongoing verifiability. The name, scheme, date, and status presented on the public verification page and digital badge (see section 12) are retained for the lifetime of the certification. The legal basis for this longer retention is Article 6(1)(f) GDPR (our legitimate interest in maintaining an auditable certification record and verifiable certifications). Once Certible is formally accredited under ISO/IEC 17024, Article 6(1)(c) GDPR (legal obligation) may additionally apply.

12. Public Verifiability of Certifications

Once you are certified, the fact of your certification and certain identifying information become publicly verifiable. This is both a contractual consequence of holding a certification (a certification is only meaningful if it can be confirmed) and a requirement under ISO/IEC 17024, the international standard for bodies certifying persons.

What is made publicly verifiable:

Self-hosted verification and badges: Certible is its own badge issuer and verification host. Both the verification page and the digital badge are served directly from certible.com, and we do not transmit any of your certification data to third-party badging services such as Credly, Badgr, or Open Badge Factory. If you choose to share or embed your badge on a third-party platform (for example by pasting the badge URL into a LinkedIn profile), that is your own action; Certible itself does not push your data to any such service.

Disabling your verification page: you can hide your verification page yourself. On any /verify/ page, use the option labelled “If you are the holder of this certificate, you can enter your password in order to disable the visibility of this page”, enter the password issued with your certificate, and the page will no longer be viewable to others. You can re-enable visibility at any time through the same mechanism. Disabling the page does not affect the validity of your certification; it only removes the publicly-accessible online view. On request, Certible can still confirm the validity of a given certification in line with ISO/IEC 17024.

Legal basis: Article 6(1)(b) GDPR (contract performance — a certification is only useful if verifiable) and Article 6(1)(f) GDPR (the legitimate interest of employers, clients, and other relying parties in verifying claimed credentials). Where our accreditation under ISO/IEC 17024 imposes a specific requirement, Article 6(1)(c) GDPR may additionally apply.

Right to object and opt-out limits: your options for limiting the public face of your certification are (a) to disable your verification page and/or not publish a digital badge (see above), or (b) to request withdrawal of the certification itself by emailing privacy@certible.com. Withdrawal ends your certification going forward; the retention periods for historical records described in the candidate section below continue to apply. Because a certification body is obligated under ISO/IEC 17024 to be able to confirm the validity of any certification it has granted, a full opt-out from that confirmation capability while the certification remains valid is not available.

Privacy Policy for the Trainer Portal

Authentication

For our trainer portal, we use AWS Cognito as an identity provider. This service enables trainers to log in using their existing Google or LinkedIn accounts via OAuth.

When using these login options, you will be redirected to the respective login page of Google or LinkedIn. There you will enter your login details. We do not receive access to your password from these services.

The following data is transmitted to us by Google or LinkedIn and stored in AWS Cognito:

This data is used exclusively for authentication and to provide the trainer portal services described below.

Trainer Profile and Public Pages

When you set up your trainer profile, you may choose to provide the following information:

All profile information is optional, and you control what information you wish to share.

Public Display: If you choose to make your trainer profile public, the information you have provided (excluding your login email address) will be displayed on our website to help potential candidates find and contact you. You can opt out of public display at any time through your portal settings.

Email Communications: We use your uploaded logo in emails we send on your behalf to candidates, including certification voucher emails and other communications related to your training services.

Certification Voucher Management

When you request certification vouchers through the portal:

Payment Processing

If you choose to pay for vouchers directly through the portal, we use Stripe as our payment processor. When processing payments:

Reporting and Analytics

We provide you with access to anonymized reports about past exams related to your training activities. These reports contain:

Data Retention and Security

Your Rights

You have the right to:

Data Sharing

We do not share your personal information or candidate email addresses with third parties, except:

For questions about data processing in the trainer portal, please contact us at privacy@certible.com.

Privacy Policy for Candidates

Purposes of Data Use

The personal data of candidates (name, address, email address, student status, company name, and VAT ID number/UID number) is used by Certible for the following purposes:

In case of passing the examination, the above data is additionally used for the following purposes:

Live Exam Supervision (Audio/Video Stream)

During a remote examination, our examination supervisor (invigilator) is connected to you in real time by video and audio: the supervisor can see you and your examination environment through your webcam and hear what your microphone picks up. This is required to verify your identity, to confirm the integrity of the examination environment (no unauthorised materials, no unauthorised persons), and to intervene if needed.

By default, this live stream is not recorded or retained by Certible — it exists only as a live transmission during the examination session. The exception is ISTQB Certified Tester examinations, where recordings are made and retained as described below.

The legal basis is Article 6(1)(b) GDPR (contract performance — conducting the examination in line with scheme requirements and our examination regulations).

Identity Verification

Before the examination starts, you will be asked to show a government-issued photo ID (passport, national ID card, or driver’s licence) to the examination supervisor via your webcam. The supervisor verifies your identity visually.

By default, the supervisor does not retain any copy of your ID — only a live visual check is performed.

Optionally, you may choose to use our temporary ID-upload feature. If you do:

The legal basis is Article 6(1)(b) GDPR (contract performance).

Invigilator Notes and Exam System Logs

During and after each exam, our examination supervisor (invigilator) may record brief written observations in our exam management system. Examples include confirmation that visible items in the workspace are not exam-related, explanations for interventions, notes on technical issues, or flagged observations of potentially suspicious behaviour. These notes can reference you by name and may describe your examination environment as seen on camera.

Separately, the exam system records technical events for each session — for example, when and why the exam was locked or unlocked, timestamps of workspace check events, mouse position at the moment of a significant event, changes of active tab or application, and connection interruptions.

Purpose: to support the integrity and auditability of the certification process, to provide an evidentiary basis if an appeal, complaint, or integrity investigation arises, and to aid technical support and quality improvement.

Retention: these records are kept as part of your exam record and follow the same retention pattern as the other exam-related attributes described in the retention table below (typically ten years for passed exams, fourteen months otherwise). They may be retained for longer in the context of an ongoing appeal or integrity investigation.

Legal basis: Article 6(1)(b) GDPR (contract performance — conducting the exam and the associated certification) and Article 6(1)(f) GDPR (our legitimate interest in the integrity and auditability of the certification process).

Sharing: these records are not shared with third parties unless we are required by law to do so, or their disclosure is warranted as part of an appeal, complaint, or integrity investigation.

Deletion Periods

Video Recordings for Remote Examinations

Certible is obligated to supervise examination participants to ensure compliance with the applicable examination regulations. Supervision occurs exclusively in real-time unless the certification scheme owner requires recording of the examination session.

Recordings are currently limited to ISTQB Certified Tester remote examinations; this has been our practice since 1 January 2023.

Recordings are under no circumstances shared with third parties and are only used in one of these three cases:

  1. Appeal against termination of an examination by Certible due to violations of examination regulations or due to the behavior of the examination supervisor. More information can be found under Examination Support.
  2. Complaint by the examination participant about the behavior of the examination supervisor.
  3. Investigation by Certible of a suspicion of cheating or fraud by the candidate, in line with the applicable examination regulations.

For failed examinations, recordings are retained for the duration of the appeal period against termination of an examination or due to the behavior of the examination supervisor and then deleted.

For passed examinations, recordings are retained until the end of the following day after the examination and then deleted, unless the examination participant submits a formal complaint about the behavior of the examination supervisor.

If a suspicion of cheating or fraud arises, recordings may be retained for the duration of the investigation and any resulting appeal or disciplinary process, after which they are deleted. This may extend the retention period beyond the rules stated above.

Use, Storage and Deletion of Your Personal Data

The data you enter will be used by us exclusively for the following purposes and will be deleted after the periods specified below:

Attribute: Title (optional), Form of Address, Name, Student Status
Purpose: We need this information to address you correctly, so our examination supervisors know whom to expect at the examination date, and we know who to issue an invoice to (if not paid by third parties, i.e., registration with voucher). Additionally, we use this data for the certification process and, in case of passing, for issuing the certificate. Since most schemes require proof of certified persons, in case of passing, Name (as well as Examination Scheme, Date, Examination Location) will be transmitted to the respective creator of the certificate (“Scheme Owner”). For details, please refer to the section “Data Transmission to Certification Scheme Owners After Completed Certification Examination”.

Attribute: Address (Either private address and/or company address) including City, Postal Code, and Country
Purpose: We need this data for issuing an invoice (if the examination fee was not paid by third parties), and in case of passing, for shipping the printed certificate.

Attribute: Company and VAT ID Number/UID Number
Purpose: If you want a company invoice, we need this information for correct invoicing; the VAT ID number is needed for issuing a “Reverse Charge” invoice. If the company headquarters is not in Austria, the VAT ID number must be provided to avoid double taxation. Please do not provide this information if we should not issue a company invoice.

Attribute: Email Address
Purpose: We need this email address for sending registration confirmation, payment confirmation, invoice, for inquiries about admission requirements (e.g., Foundation Level certificates for Advanced Level certifications), transmission of examination results and possible delivery of a digital certificate, as well as for queries regarding the planned examination and questions or requests as part of the certification process.

Attribute: Phone Number
Purpose: In the rare case that time or location of the examination changes at short notice, or if you are not present at the planned examination start, our examination supervisor may need to contact you, for example, to decide whether to wait for you. Being able to reach you is therefore very important to us, which is why this is a mandatory field. If you still don’t want us to be able to reach you by phone for this purpose, please enter a “0” instead of your phone number. Please do not enter a randomly chosen phone number that could belong to someone else.

Deletion Timing

When a particular attribute is deleted depends on whether the examination was passed or not and whether an invoice was issued to you. The following table shows the duration until deletion from the day of the examination.

The values in the Passed column indicate how long after the examination the respective attributes are deleted if the examination was passed; the values in the Not Passed column indicate how long after the examination they are deleted if the examination was not passed. These periods may vary due to invoice issuance; see the following section.

| Attribute | Passed | Not Passed |
| --- | --- | --- |
| Name (incl. title and form of address) | 10 years | 14 months |
| Phone Number | 1 day | 1 day |
| Email Address | 7 years | 14 months |
| Address, Postal Code, City | 14 months | 2 months |
| Country | 14 months | 14 months |
| Student Status | 14 months | 14 months |
| Examination Location | 14 months | 14 months |
| Examination Country | 7 years | 7 years |
| Examination Date | 10 years | 10 years |
| Examination Scheme | 10 years | 10 years |
| Examination Result | 10 years | 10 years |

Note on public verification data: The name, examination scheme, examination date, and certification status shown on your public verification page and digital badge (see section 12) are retained for the lifetime of the certification — which may exceed the internal periods in the table above. This is what makes the certification verifiable under ISO/IEC 17024.

Invoice Based on Your Registration Data

If we have issued an invoice based on your registration data, we must retain the following attributes for 7 years according to legal requirements:

Name; Student Status, if applicable (if the chosen examination scheme provides for a student discount, the student status is visible in the form of the student discount shown on the invoice); Examination Location, Examination Date and Examination Scheme; as well as the Email Address(es), Address (including City, Postal Code, Country), Company and VAT ID Number/UID Number provided in the billing data step.

No Invoice to You, i.e., Billing by Third Parties

If you have received a voucher from a training provider or your employer, we must show which service we have provided as part of the billing process. As part of the invoice, we must therefore retain the attributes Name, Examination Location, Examination Date and Examination Scheme for 7 years according to legal requirements.

Data Transmission to Third Parties

The following section describes the two cases in which Certible transmits personal data to third parties in connection with certification scheme owner reporting and billing by third parties:

1. Certification Scheme Owners After Completed Certification Examination

Certible is obligated to transmit data about examinations of a certification scheme to the respective scheme owner:

IREB

International Requirements Engineering Board (IREB) e.V., Mahlbergstr. 25, 76189 Karlsruhe, Germany - Contact: Website

iSAQB

International Software Architecture Qualification Board e. V., Donnersbergweg 4, 67059 Ludwigshafen am Rhein, Germany - Contact: Website

UXQB

UXQB – International Usability and User Experience Qualification Board e.V., Burgmauer 10, D-50667 Köln - Contact: Website

ISTQB / Austrian Testing Board

Austrian Testing Board (ATB), Hauptstrasse 240/4, 2391 Kaltenleutgeben, Austria - Contact: Website

ICPMSB

ICPMSB e.V. c/o UFIT AG, Industriestr. 1, 67141 Neuhofen, Germany - Contact: Website

ITEDAS

itedas.org, Owner Gerd Bauer, Reginbaldstr. 12, 81247 München - Contact: Website

2. Invoicing

If the examination registration is made using a voucher provided by a training institute or company, then any invoice to this company will contain the attributes First Name, Last Name, Date, Examination Location (where applicable) and Examination Type.