Home/Confidentiality & Data Protection

Confidentiality & Data Protection

QA Assessor is committed to protecting the confidentiality of all information obtained during certification activities. Personal data is handled in accordance with applicable data protection laws and best practices. All candidates and certified persons can trust that their information is processed securely, responsibly, and only for legitimate certification purposes.

1. Confidential Information

Confidential information includes: candidate and certified person information (applications, eligibility, results, certificates); examination materials (question banks, papers, marking guides); certification and recertification records; and complaints and appeals information. QA Assessor ensures that confidential information is accessible only to authorised personnel and is used solely for its intended purpose.

2. Separation of Records

QA Assessor maintains strict separation between preparation course and certification data. Training participation or performance records are never used in certification decisions, and access is restricted to authorised staff only. Records are retained only as long as necessary for certification, recertification, administration, and legal obligations.

3. Third-Party Access

External service providers (examiners, IT providers, or contractors) must comply with QA Assessor confidentiality and data protection requirements and handle data only for the purposes authorised.

4. Public Certificate Register

QA Assessor maintains a publicly accessible certificate register containing only: full name of the certified person, certification title, unique certificate number, certification status (Active / Expired / Suspended / Withdrawn), and certificate expiry date. No contact details, employer information, date of birth, or other personal identifiers are published. Candidates provide consent for this limited disclosure when applying.

5. Data Protection Principles

QA Assessor processes personal data according to these principles: lawfulness, fairness, and transparency; purpose limitation (only for certification or administration); data minimisation (collect only what is necessary); accuracy and ability to update data; storage limitation (retain only as required); and security and confidentiality.

6. International Data Transfers

For candidates applying from outside the country, QA Assessor ensures personal data is transferred and stored securely with safeguards compliant with applicable law.

7. Data Breach Response

In the event of a data breach, QA Assessor takes immediate steps to contain, assess, and mitigate risk, and notifies affected individuals and authorities where required by law.

8. Your Rights

Individuals have the right to: access, correct, or request deletion of their personal data; restrict or object to processing; receive their data in a portable format; withdraw consent where applicable; and lodge a complaint with a relevant data protection authority. To exercise your rights, contact: certification@qaassessor.com. QA Assessor responds to all requests within 30 calendar days.