# PRIVACY POLICY
Last updated February 01, 2024
This privacy notice for TEST SUCCEED LIMITED (" we ," " us ," or " our "), describes how and why we
might collect, store, use, and/or share (" process ") your information when you use our services
(" Services "), such as when you:
■ Visit our website at https://testsuceed.com, or any website of ours that links to this privacy
notice
■ Engage with us in other related ways, including any sales, marketing, or events
Questions or concerns? Reading this privacy notice will help you understand your privacy rights
and choices. If you do not agree with our policies and practices, please do not use our Services. If
you still have any questions or concerns, please contact us at hitthetest@gmail.com.
# SUMMARY OF KEY POINTS
This summary provides key points from our privacy notice, but you can find out more details
about any of these topics by clicking the link following each key point or by using our table of
contents below to find the section you are looking for.
What personal information do we process? When you visit, use, or navigate our Services, we
may process personal information depending on how you interact with us and the Services, the
choices you make, and the products and features you use. Learn more about personal information
you disclose to us.
Do we process any sensitive personal information? We do not process sensitive personal
information.
Do we receive any information from third parties? We do not receive any information from third
parties. How do we process your information? We process your information to provide, improve, and
administer our Services, communicate with you, for security and fraud prevention, and to comply
with law. We may also process your information for other purposes with your consent. We process
your information only when we have a valid legal reason to do so. Learn more about how we
process your information.
In what situations and with which parties do we share personal information? We may share
information in specific situations and with specific third parties. Learn more about when and with
whom we share your personal information.
How do we keep your information safe? We have organizational and technical processes and
procedures in place to protect your personal information. However, no electronic transmission over
the internet or information storage technology can be guaranteed to be 100% secure, so we cannot
promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be
able to defeat our security and improperly collect, access, steal, or modify your information. Learn
more about how we keep your information safe.
What are your rights? Depending on where you are located geographically, the applicable privacy
law may mean you have certain rights regarding your personal information. Learn more about your
privacy rights.
How do you exercise your rights? The easiest way to exercise your rights is by visiting
https://hitthetest.com/profile, or by contacting us. We will consider and act upon any request in
accordance with applicable data protection laws.
Want to learn more about what we do with any information we collect? Review the privacy notice in
full.
# TABLE OF CONTENTS
1. WHAT INFORMATION DO WE COLLECT?
2. HOW DO WE PROCESS YOUR INFORMATION?
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION? 5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
6. HOW LONG DO WE KEEP YOUR INFORMATION?
7. HOW DO WE KEEP YOUR INFORMATION SAFE?
8. DO WE COLLECT INFORMATION FROM MINORS?
9. WHAT ARE YOUR PRIVACY RIGHTS?
10. CONTROLS FOR DO-NOT-TRACK FEATURES
11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
12. DO WE MAKE UPDATES TO THIS NOTICE?
13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
15. EFFORT IN COMPLIANCE WITH GDPR
# 1. WHAT INFORMATION DO WE COLLECT?
# Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services,
express an interest in obtaining information about us or our products and Services, when you
participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information that we collect depends on the
context of your interactions with us and the Services, the choices you make, and the products and
features you use.
All personal information that you provide to us must be true, complete, and accurate, and you must
notify us of any changes to such personal information. The personal information we collect may
include the following:
● In case of joining membership by connecting a Facebook account: name, e-mail address (ID)
of a User as listed on Facebook account, phone number, preferred country(ies) for study
abroad.
● In case of joining membership by connecting a Google account: name, e-mail address (ID)
of a User as listed on Google account, phone number, preferred country(ies) for study
abroad. ● In case of joining membership by connecting an Apple account: name, e-mail address (ID) of
a User as listed on Apple account, phone number, preferred country(ies) for study abroad.
● Other information as may be needed.
● In case of joining membership by email: name, email address, phone number, preferred
country(ies) for study abroad and password of a User
Sensitive Information. We do not process sensitive information.
Payment Data. We may collect data necessary to process your payment if you make purchases,
such as your payment instrument number, and the security code associated with your payment
instrument. All payment data is stored by Stripe. You may find their privacy notice link(s) here:
https://stripe.com/privacy.
Social Media Login Data. We may provide you with the option to register with us using your existing
social media account details, like your Facebook, Twitter, or other social media account. If you
choose to register in this way, we will collect the information described in the section called "HOW
DO WE HANDLE YOUR SOCIAL LOGINS?" below.
# Information automatically collected
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and
device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This
information does not reveal your specific identity (like your name or contact information) but may
include device and usage information, such as your IP address, browser and device characteristics,
operating system, language preferences, referring URLs, device name, country, location, information
about how and when you use our Services, and other technical information. This information is
primarily needed to maintain the security and operation of our Services, and for our internal analytics
and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies. You
can find out more about this in our Cookie Notice: https://docs.google.com/document/d/e/2PACX-1vQm4UJBJ3f4UnroBydwxshkH7Z6UjRclpNqC8zoU
EpLAqg2nKh5hu9P38psnGjCF9HLtuKy-qZv3YQd/pub.
The information we collect includes:
■ Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and
performance information our servers automatically collect when you access or use our
Services and which we record in log files. Depending on how you interact with us, this log
data may include your IP address, device information, browser type, and settings and
information about your activity in the Services (such as the date/time stamps associated with
your usage, pages and files viewed, searches, and other actions you take such as which
features you use), device event information (such as system activity, error reports
(sometimes called "crash dumps"), and hardware settings).
# 2. HOW DO WE PROCESS YOUR INFORMATION?
In Short: We process your information to provide, improve, and administer our Services,
communicate with you, for security and fraud prevention, and to comply with law. We may also
process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you
interact with our Services, including:
1) Member management: The Company uses the Personal Information for member management
including confirmation of the intent to join membership, confirmation of ages, process of the consent
of a legal representative, confirmation of identification of a User and a legal representative, User
identification and confirmation of the intent to membership withdrawal.
2) The Company uses the Personal Information for the purpose of restrictions on the use of
Members violating laws, regulations, terms and conditions of use; prevention and disciplinary action
against any act disrupting the smooth operation of Services including wrongful use, prevention of
account theft and wrongful transactions; delivery of details to be notified such as notice of
modification of functions or policies of the Company site or application; record preservation for
dispute mediation; protection of Users such as processing of civil complaints; and operation of
Services. 3) The Company uses the Personal Information for the execution of an agreement for provision of
Services as requested by the User, identification after provision of paid-up Services, purchase,
payment of fees and settlement of fees.
4) Company uses the Personal Information for the purpose of providing services such as
personalized learning and study materials.
5) In addition to provision of existing Services including content, the Company uses the Personal
Information for demographic analysis, analysis of visits and records of usage of Services, and
discovery of new Services and improvement of existing Services including provision of customized
Services based on the Personal Information and interest.
6) The Company uses the Personal Information for the provision of events and advertising
information and provision of an opportunities to participation therein, provision of customer-based
customized Services, provision of Services and the posting of advertisements based on statistical
characteristics, confirmation of effectiveness of Services, identification of access frequency and
statistics on the Member’s use of Services.
7) The Company may provide the Personal Information to institutions such as overseas educational
organizations, overseas visa agencies, TOEFL and IELTS test centers, etc., for the purpose of
service improvement and development, or as required for specific objectives.
8) The Company uses the Personal Information in order to construct a safe environment for using
Services so that the User feels at ease and uses the Services in terms of security, privacy and
safety.
In cases where the Company uses the Personal Information for purposes other than those as set
forth herein, the Company shall try to obtain the consent from the Members.
# 3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR
# INFORMATION?
In Short: We only process your personal information when we believe it is necessary and we have a
valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply
with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect
your rights, or to fulfill our legitimate business interests.
If you are located in the EU or UK, this section applies to you. The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal
> bases we rely on in order to process your personal information. As such, we may rely on the
> following legal bases to process your personal information:
■ Consent. We may process your information if you have given us permission (i.e., consent) to
> use your personal information for a specific purpose. You can withdraw your consent at any
> time. Learn more about withdrawing your consent.
■ Legitimate Interests. We may process your information when we believe it is
reasonably necessary to achieve our legitimate business interests and those
interests do not outweigh your interests and fundamental rights and freedoms. For
example, we may process your personal information for some of the purposes
described in order to:
■ Send users information about special offers and discounts on our products and
services
■ Analyze how our Services are used so we can improve them to engage and
retain users
■ Legal Obligations. We may process your information where we believe it is
necessary for compliance with our legal obligations, such as to cooperate with a law
enforcement body or regulatory agency, exercise or defend our legal rights, or
disclose your information as evidence in litigation in which we are involved.
■ Vital Interests. We may process your information where we believe it is necessary to
protect your vital interests or the vital interests of a third party, such as situations
involving potential threats to the safety of any person.
In legal terms, we are generally the "data controller" under European data protection laws of
the personal information described in this privacy notice, since we determine the means
and/or purposes of the data processing we perform. This privacy notice does not apply to
the personal information we process as a "data processor" on behalf of our customers. In
those situations, the customer that we provide services to and with whom we have entered
into a data processing agreement is the "data controller" responsible for your personal
information, and we merely process your information on their behalf in accordance with your
instructions. If you want to know more about our customers' privacy practices, you should
read their privacy policies and direct any questions you have to them. If you are located in Canada, this section applies to you.
We may process your information if you have given us specific permission (i.e., express
consent) to use your personal information for a specific purpose, or in situations where your
permission can be inferred (i.e., implied consent). You can withdraw your consent at any
time.
In some exceptional cases, we may be legally permitted under applicable law to process
your information without your consent, including, for example:
■ If collection is clearly in the interests of an individual and consent cannot be obtained
in a timely way
■ For investigations and fraud detection and prevention
■ For business transactions provided certain conditions are met
■ If it is contained in a witness statement and the collection is necessary to assess,
process, or settle an insurance claim
■ For identifying injured, ill, or deceased persons and communicating with next of kin
■ If we have reasonable grounds to believe an individual has been, is, or may be victim
of financial abuse
■ If it is reasonable to expect collection and use with consent would compromise the
availability or the accuracy of the information and the collection is reasonable for
purposes related to investigating a breach of an agreement or a contravention of the
laws of Canada or a province
■ If disclosure is required to comply with a subpoena, warrant, court order, or rules of
the court relating to the production of records
■ If it was produced by an individual in the course of their employment, business, or profession
> and the collection is consistent with the purposes for which the information was produced
■ If the collection is solely for journalistic, artistic, or literary purposes
■ If the information is publicly available and is specified by the regulations
# 4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL
# INFORMATION? In Short: We may share information in specific situations described in this section and/or with the
following third parties.
We may need to share your personal information in the following situations:
■ Business Transfers. We may share or transfer your information in connection with, or
during negotiations of, any merger, sale of company assets, financing, or acquisition of all or
a portion of our business to another company.
The duties consigned to be processed in overseas countries out of the processes of the Personal
Information consigned by Hitthetest are as follows:
Consignee
company
Purpose of
transfer
Items of the
Personal
Information to
be transferred
Country
to which
transfer
is made
Date and
method of
transfer
Period of use
of the
Personal
Information
Google LLC Service use
statistics
Device
information,
Service use
information
USA While joining
membership
Until the
consignment
contract
terminates
AWS Membership ID, encoded
password,
email and the
UID, name
and email of
SNS user
information
while joining
SNS
membership
USA While joining
membership
While
withdrawing
membership
or until the
consignment
contract
terminates In order to provide better Service, when it is necessary for Hitthetest to provide the Personal
Information of a User to a 3 rd party including other companies, the Company will go through the
process of obtaining the consent after giving prior notice to Users on the following: who is the
partner; what are the items of the Personal Information to be provided or shared; the purpose of use
of the Personal Information to be provided or shared; until when the Personal Information is shared;
and how the Personal Information is protected and managed. Any Personal Information without the
consent of the User is not provided or shared to a 3 rd party.
As for the method of notice and consent, the notice is to be given, and the consent is to be obtained
by sending email simultaneously at least 7 days prior thereto through the bulletin board on the
homepage. However, in an exceptional case where prior notice is not possible, the provision and
sharing of the Personal Information may be held concurrently with the notice. Hitthetest will make its
best effort in ensuring that the Personal Information of a User will not be provided thoughtlessly in
violation of the original purpose of collection and purpose of use as set forth in the Privacy Policy.
The Company uses Google Analytics.
Method of Opt-out: ‘Opt-out’ means ensuring that the data of a User is not collected by others. As for
Google Analytics, a User may opt out itself in the program of Google by using the Opt-out Browser
Add-on of Google Analytics. The Opt-out Browser Add-on of Google Analytics may be used by
visiting https://tools.google.com/dlpage/gaoptout.
# 5. DO WE USE COOKIES AND OTHER TRACKING
# TECHNOLOGIES?
In Short: We may use cookies and other tracking technologies to collect and store your information.
We may use cookies to access or store information. Specific information about how we use such
technologies and how you can refuse certain cookies is set out in our Cookie Notice:
https://docs.google.com/document/d/e/2PACX-1vQm4UJBJ3f4UnroBydwxshkH7Z6UjRclpNqC8zoU
EpLAqg2nKh5hu9P38psnGjCF9HLtuKy-qZv3YQd/pub .
The User may reject or delete the establishment of Cookies at any time. Accordingly, the User may
allow all the Cookies by setting the option in the web browser, go through the confirmation process
whenever the Cookies are to be stored, or reject the storage of all the Cookies. However, if the User rejects the storage of Cookies, the User may have difficulty in using some Services of the Company
that requires log-in. For allowance for the establishment of Cookies, a separate setting shall be
made by web browsers.
# 6. HOW LONG DO WE KEEP YOUR INFORMATION?
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this
privacy notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in
this privacy notice, unless a longer retention period is required or permitted by law (such as tax,
accounting, or other legal requirements). No purpose in this notice will require us to keep your
personal information for longer than the period of time in which users have an account with us.
We keep and manage separately the Personal Information of a Member if the Member does not use
the Services for one year in accordance with the ‘expiration system of personal information.’
In such event, until 30 days before the lapse of such periods as set forth above, the Company
informs the Member of the fact that the Personal Information of the Member is stored and managed
separately, expiration date and the items of such Personal Information in a way of sending email,
written, fax, telephone call or in other similar way.
However, while using the Service, the Personal Information is converted into a dormant ID at the
time of deletion of Service regardless of the expiration date. The Personal Information converted into
dormant ID will be discarded without delay after being retained for 4 years.
# 7. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We aim to protect your personal information through a system of organizational and
technical security measures.
In order to safely manage the Personal Information of Users, Hitthetest seeks for the following
technical/managerial measures:
- Encryption of the Personal Information:
Member’s ID and password are stored and managed after being encoded so that they are known only to the Member, and the confirmation and modification of the Personal Information are
available only to the User him/herself who knows the password.
- Countermeasures against hacking:
Hitthetest makes its best effort in preventing any divulge or damage in the Personal Information
of the Member caused by hacking or computer virus.
In order to be prepared for the damage in the Personal Information, the Company frequently
makes backup and prevents the divulge or damage in the Personal Information or data of Users
by using the latest vaccine program and ensures that the Personal Information can be safely
transmitted in the network through encoded communication.
In addition, the Company controls unauthorized access from the outside by using an invasion
blockage system and makes its best effort in being equipped with all the technical devices
available for securing systematic security.
- Establishment and execution of an internal management plan:
The Company establishes an internal management plan for the Personal Information including
the matters of an organization and operation of the organization for protecting Personal
Information such as designating a responsible person for privacy protection and checks whether
such plan is executed well or not every year.
Hitthetest staff handling the Personal Information related matters is limited to the person in
charge thereof, and a separate password is given for this and renewed regularly. Compliance
with the Privacy Policy is always emphasized through frequent training of the person in charge.
- Countermeasures against falsification and alteration of access record:
However, notwithstanding such effort, the Company shall never be responsible for any problem
caused by divulge of the Personal Information including ID and password arising out of the
problem in the internet or communication or negligence of Users.
# 8. DO WE COLLECT INFORMATION FROM MINORS?
In Short: We do not knowingly collect data from or market to children under 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the
Services, you represent that you are at least 18 or that you are the parent or guardian of such a
minor and consent to such minor dependent’s use of the Services. If we learn that personal
information from users less than 18 years of age has been collected, we will deactivate the account
and take reasonable measures to promptly delete such data from our records. If you become aware
of any data we may have collected from children under age 18, please contact us at
hitthetest@gmail.com.
# 9. WHAT ARE YOUR PRIVACY RIGHTS?
In Short: In some regions, such as the European Economic Area (EEA), United Kingdom (UK),
Switzerland, and Canada, you have rights that allow you greater access to and control over your
personal information. You may review, change, or terminate your account at any time.
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under
applicable data protection laws. These may include the right (i) to request access and obtain a copy
of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of
your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated
decision-making. In certain circumstances, you may also have the right to object to the processing of
your personal information. You can make such a request by contacting us by using the contact
details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.
We will consider and act upon any request in accordance with applicable data protection laws.
If you are located in the EEA or UK and you believe we are unlawfully processing your personal
information, you also have the right to complain to your Member State data protection authority
or UK data protection authority.
If you are located in Switzerland, you may contact the Federal Data Protection and Information
Commissioner.
Withdrawing your consent: If we are relying on your consent to process your personal information,
which may be express and/or implied consent depending on the applicable law, you have the right to
withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS
NOTICE?" below or updating your preferences.
However, please note that this will not affect the lawfulness of the processing before its withdrawal
nor, when applicable law allows, will it affect the processing of your personal information conducted
in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications: You can unsubscribe from our
marketing and promotional communications at any time by clicking on the unsubscribe link in the
emails that we send, or by contacting us using the details provided in the section "HOW CAN YOU
CONTACT US ABOUT THIS NOTICE?" below. You will then be removed from the marketing lists.
However, we may still communicate with you — for example, to send you service-related messages
that are necessary for the administration and use of your account, to respond to service requests, or
for other non-marketing purposes.
# Account Information
If you would at any time like to review or change the information in your account or
terminate your account, you can:
■ Log in to your account settings and update your user account.
■ Contact us using the contact information provided.
Upon your request to terminate your account, we will deactivate or delete your account and
information from our active databases. However, we may retain some information in our files to
prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or
comply with applicable legal requirements.
Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you
prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you
choose to remove cookies or reject cookies, this could affect certain features or services of our
Services. For further information, please see our Cookie Notice:
https://docs.google.com/document/d/e/2PACX-1vQm4UJBJ3f4UnroBydwxshkH7Z6UjRclpNqC8zoU
EpLAqg2nKh5hu9P38psnGjCF9HLtuKy-qZv3YQd/pub. If you have questions or comments about your privacy rights, you may email us at
hitthetest@gmail.com .
# 10. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a
Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to
have data about your online browsing activities monitored and collected. At this stage no uniform
technology standard for recognizing and implementing DNT signals has been finalized. As such, we
do not currently respond to DNT browser signals or any other mechanism that automatically
communicates your choice not to be tracked online. If a standard for online tracking is adopted that
we must follow in the future, we will inform you about that practice in a revised version of this privacy
notice.
# 11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY
# RIGHTS?
In Short: If you are a resident of , you are granted specific rights regarding access to your personal
information.
What categories of personal information do we collect?
We have collected the following categories of personal information in the past twelve (12) months:
Category Examples Collected
A. Identifiers Contact details, such as real name, alias, postal address,
telephone or mobile contact number, unique personal
identifier, online identifier, Internet Protocol address, email
address, and account name
NO B. Protected classification
characteristics under state or federal
law
Gender and date of birth
NO
C. Commercial information Transaction information, purchase history, financial
details, and payment information NO
D. Biometric information Fingerprints and voiceprints
NO
E. Internet or other similar network
activity
Browsing history, search history, online behavior, interest
data, and interactions with our and other websites,
applications, systems, and advertisements
NO
F. Geolocation data Device location
NO
G. Audio, electronic, visual, thermal,
olfactory, or similar information
Images and audio, video or call recordings created in
connection with our business activities YES
H. Professional or
employment-related information
Business contact details in order to provide you our
Services at a business level or job title, work history, and
professional qualifications if you apply for a job with us
NO
I. Education Information Student records and directory information
NO
J. Inferences drawn from collected
personal information
Inferences drawn from any of the collected personal
information listed above to create a profile or summary
about, for example, an individual’s preferences and
characteristics
NO K. Sensitive personal Information
NO
We will use and retain the collected personal information as needed to provide the Services or for:
■ Category G - As long as the user has an account with us
We may also collect other personal information outside of these categories through instances where
you interact with us in person, online, or by phone or mail in the context of:
■ Receiving help through our customer support channels;
■ Participation in customer surveys or contests; and
■ Facilitation in the delivery of our Services and to respond to your inquiries.
How do we use and share your personal information?
Learn about how we use your personal information in the section, "HOW DO WE
PROCESS YOUR INFORMATION?"
Will your information be shared with anyone else?
We may disclose your personal information with our service providers pursuant to a written contract
between us and each service provider. Learn more about how we disclose personal information to in
the section, " WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL
INFORMATION? "
We may use your personal information for our own business purposes, such as for undertaking
internal research for technological development and demonstration. This is not considered to be
"selling" of your personal information.
We have not disclosed, sold, or shared any personal information to third parties for a business or
commercial purpose in the preceding twelve (12) months. We will not sell or share personal
information in the future belonging to website visitors, users, and other consumers.
# 12. DO WE MAKE UPDATES TO THIS NOTICE? In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an
updated "Revised" date and the updated version will be effective as soon as it is accessible.
Upon addition, deletion and amendment of the contents hereof, the Company will give a prior notice
through the ‘bulletin board’ at least 7 days prior to revision.
However, upon important changes in the rights of a User including changes in the items of the
Personal Information to be collected and purpose of use, the Company gives a prior public notice at
least 30 days before and, if necessary, may obtain the consent from the User.
# 13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this notice, you may email us at hitthetest@gmail.com or
contact us by post at:
Kseniia Rudskikh
__________
Kaizlovy Sady 434/13, 18600 Prague
Prague , Prague 18600
Czechia
If you are a resident in the European Economic Area, we are the "data controller" of your
personal information. We have appointed Kseniia Rudskikh to be our representative in the
EEA. You can contact them directly regarding our processing of your information , by email at
hitthetest@gmail.com, by visiting https://hitthetest.com, by phone at +79131008892, or by post to:
Kaizlovy Sady 434/13, 18600 Prague
Prague, Prague 18600
Czech Republic
# 14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE
# COLLECT FROM YOU? Based on the applicable laws of your country, you may have the right to request access to the
personal information we collect from you, change that information, or delete it. To request to review,
update, or delete your personal information, please visit: https://hitthetest.com/profile.
# 15. EFFORT IN COMPLIANCE WITH GDPR
In order to comply with the privacy protection law (GDPR) of the EU, Hitthetest (the “Hitthetest”)
makes the following efforts:
• Activities for enhancement of the awareness of GDPR;
• Conducting an evaluation of the impact of the Personal Information;
• Guaranteeing the right of a User; and
• Reporting and giving notice of divulge of the Personal Information.
## Activities for Enhancement of the Awareness of GDPR
In order to comply with GDPR, Hitthetest makes its best effort and interest company-wide. Hitthetest
confirms the effect of GDPR on the Company and makes its best effort in complying with GDPR by
the duties through the following activities:
• Participating department: Customer management, human resources, finance, marketing, system
development, etc.;
• Conducting a survey on the level of knowledge of privacy protection of the members of
organization;
• Making official announcements of executives’ willingness for compliance with GDPR;
• Encouraging the participation in GDPR conference and seminar; and
• Managing the checklist of items to be carried out by departments.
## Conducting an Evaluation of the Impact of the Personal Information
If the case falls under any of the followings which are likely to result in high risk to the right and
freedom of natural person as prescribed in GDPR, Hitthetest evaluates the impact of the Personal
Information:
1. Evaluation or grade;
2. Automated decision making which has legal effect or other similar important effect;
3. Monitoring by using a system;
4. Sensitive information;
5. Information to be processed massively; 6. Series of information linked or consolidated; or
7. Information about vulnerable information principal.
## Guaranteeing the Rights of Users
Hitthetest makes its best effort in guaranteeing the following rights of Users as prescribed in GDPR:
• Right to deletion (right to be forgotten)
The information principal shall have the right (right to deletion) to request for deleting the Personal
Information related to him/herself.
1. When it is no longer necessary in relation to the purpose of collection or processes of the
Personal Information;
2. When the information principal withdraws the consent to the processes of the Personal
Information and there is no legal ground for the processes of such Personal Information;
3. When the information principal objects to the processes of the Personal Information under
Article 21 (Right to Rejection) (1) of GDPR and there is no justifiable reason for preference over
the processes of the Personal Information or the information principal objects to direct marketing
under Article 21 (2) of GDPR;
4. When the Personal Information is unlawfully processed;
5. When the deletion of the Personal Information is necessary for complying with the laws and
regulations of EU or EU member state; or
6. When the Personal Information is collected related to the provision of information society
service for the children.
However, if the case falls under any of the followings, Hitthetest may reject to request for deletion
of Personal Information:
1. When it is for exercising of the right to freedom of expression and information;
2. When it is for complying with the legal obligations of the EU or EU member state, or exercising
public duties or public authority granted to Hitthetest;
3. When it is for the purpose of public health for public interest;
4. When it is for the purpose of record preservation for public interest, scientific or historical
research and statistical purpose; or
5. When it is for proving, exercising or defending the right to file legal claims.
• Right to transfer Personal Information
1. Upon request of the information principal, Hitthetest shall provide the information to the
information principal without unreasonable delay and provide information related to the transfer of information received by Hitthetest within one month after receiving the application for information
transfer. If the time is to be taken because the information processes to be transferred is
complicated, the Company will give notice of the cause and period of extension (2-month
extension is available but total extension period cannot exceed 3 months) within 1 month.
2. If no measures are taken by Hitthetest for the application from the information principal, the
information principal may request Hitthetest to explain the reason not to take the measures or
request for judicial remedy filed with the regulatory organization within 1 month from the
application date.
3. The transfer of information is provided free of charge.
4. The information principal may directly receive the Personal Information provided to Hitthetest
and, if technically available, may apply for direct provision with other controllers.
5. Upon receiving an application for transfer of information from the information principal,
Hitthetest shall provide the Personal Information in the “form systematically constituted, generally
and broadly usable and readable with a machine.”
## Report and Notice of Divulge of the Personal Information
If any of the following infringement which may cause a risk to the right and freedom of individuals
occurs, Hitthetest shall make a report with regulatory agencies within 72 hours from the date when it
came to know the fact of divulgence:
1. Discriminatory act;
2. Damage on reputation;
3. Financial loss;
4. Divulgence of secret; or
5. Other important economic or social disadvantageous risks.
If a high risk on the freedom and right of information principle is expected, Hitthetest shall inform the
information principal of the fact of such divulgence without unreasonable delay.
Date of public notice: February 1, 2024
Date of execution: February 8, 2024