Versant Privacy Notice

Introduction

This Privacy Notice describes how NCS Pearson, Inc. and its affiliated companies (Pearson) collect, protect, use and share personal information collected and processed through the Versant language skill assessment services (Service).

The Service generally is purchased and used by businesses, government agencies and higher education institutions.  This Privacy Notice covers the handling of personal information by Pearson as a data processor when business, government agencies and higher education institutions purchase access to the Service.  This Privacy Notice also covers the handling of personal information by Pearson as a data controller when individual consumers purchase access to the Service to take a Versant language skill assessment outside of a corporate, institutional or government setting.

Other Pearson products and websites have their own privacy notices.  This Privacy Notice only applies to the Versant skill assessment service.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at support@pearsonkt.com.

Definitions

For purposes of this Privacy Policy:

Assessment” means a Versant language skill assessment delivered through the Service.

Customer” means a purchaser of the Service.

Institutional Customer” means a Customer that is a business, higher educational institution or government agency, body or entity.

Pearson” means NCS Pearson, Inc.

Personal Information” means personal information or personal data subject to protect under applicable law.

Service” means the Versant language skill assessment services, which may be delivered via phone or via mobile app, web or computer (Windows-based) applications or Versant test management platforms.

Test Administrator” means an individual who, on behalf of an Institutional Customer, manages the assignment of the Assessment to Test Takers and receipt of Assessment results, scores and reports for a Customer or otherwise uses the Service on behalf of an Institutional Customer.

Test Taker” means an individual who takes an Assessment through the Service.

Service Purchased by an Institutional Customer 

The business, higher educational institution or government agency, body or entity (Institutional Customer) is the data controller for Personal Information uploaded, accessed, collected or processed through the Service purchased by such Institutional Customer.  The Institutional Customer is responsible for ensuring that it has a legal basis to process this Personal Information and, to the extent required by applicable law, secures all required authorization and consents to do so.  Pearson only processes such Personal Information as a data processor on behalf of the Institutional Customer.

Legal Basis for Using Personal Information

Where an individual consumer purchases the Service from Pearson, or where we contact an individual in accordance with the Marketing Communications and Opting-Out section of this Privacy Notice, Pearson acts as a data controller.  Certain laws require data controllers to explain the legal bases for handling personal information, so we have described these bases here.  As a data controller, we may use personal information:

  • to enter into or perform a contract (e.g. to provide an individual consumer with access to the Service purchased by that individual); and/or·       
  • with the consent of the individual (e.g. we may sometimes ask the individual for specific consent to use personal information in a particular way); and/or·       
  • to comply with our legal obligations (e.g. we might have regulatory obligations to report or share or archive Personal Information); and/or·       
  • for a variety of business purposes which are in our legitimate business interests as a provider of assessment products and services (e.g. as described in the Marketing Communications and Opting-Out section of this Privacy Notice).

Where we are handling Personal Information on behalf of an Institutional Customer, the Institutional Customer is the data controller and will establish the legal basis for handling the Test Taker’s Personal Information.  Test Takers should direct any questions to the Institutional Customer that scheduled their Assessment and provided them with access to the Service.

Protection and Security 

Pearson maintains appropriate physical, administrative, technical and organizational measures to protect personal information from unauthorized or unlawful access, use, disclosure or processing of personal information, as well as against accidental loss, theft, destruction of, or damage to, personal information.

Collection and Processing 

Pearson collects and processes data in order to provide the Service.  This data may include Personal Information.  Pearson collects information when the Customer, Test Administrator or Test Taker discloses Personal Information through purchasing and registering to the use the Service, scheduling assessments, taking assessments, contacting Pearson (either online or offline) or otherwise using the Service.  In addition, the Service may collect information through a Customer, Test Administrator or Test Taker’s interaction with the Service, Pearson’s website, mobile application or email communications.

Payment Data.  If the Service is purchased online, payment data submitted by the Customer will be used and disclosed to the Customer’s financial institution and Pearson’s payment processor for the purpose of processing payment for the Service ordered.

Account Data.  Pearson collects and processes account data to set up, maintain and enable a Customer and its Test Administrator to obtain and assign Assessment codes and receive Assessment results and score reports.  Account data may include a Customer or Test Administrator’s name, organization, email address, user name and password.

Rostering Data.  The Test Administrator, on behalf of the Customer, may choose, on an optional basis, to upload first name, last name, email address or an alternative ID for a Test Taker into a roster to facilitate assigning Assessments and tracking Assessment results.

Assessment Data.  Assessment data may include the Test Taker’s first name and last name*; city*; country*; gender*; year of birth*; native language*; Assessment responses and answers (which may be spoken and audio recorded or, in certain cases, written); Assessment score, report and recommendations and the Assessment code assigned to, and used by, the Test Taker to take an Assessment.*

Optional Data: The following Test Taker information is not required by Pearson, but may be required by a Customer: name*; country*; gender*; year of birth*; or native language.*  City information is required for the phone version of the Service, but is optional for all other versions.  In lieu of a name, a Customer may assign an alternative ID for a Test Taker.

Online Proctoring.  If an Institutional Customer schedules an Assessment with Online Proctoring, the Test Taker will be monitored in real time during the testing session and an audio and video recording of the Test Taker’s face, voice, desk and workspace will be made through the Test Taker’s computer, webcam and microphone.  In addition, images of the Test Taker and their identification documents may be collected and used for identity verification and authentication, to prevent fraud and cheating, for test security and to maintain the integrity of the Assessment and the Assessment process.  For additional information, please see the Online Proctoring section of this Privacy Notice.

Cookies and Related Technologies.  The Service uses cookies to enable Test Administrators to sign-in to the Service and access stored preferences and settings and to enable Test Takers to take an Assessment.  Cookies also may be used for Service maintenance, support and security.  There are a variety of tools to control the use of cookies and similar technologies, including browser controls to block and delete cookies.  Disabling or blocking these technologies, however, may prevent or impair required functionality and use of the Service.  For more information, please see our Cookies Policy.

Application and System Logs.  Application and system logs are critical to ensuring the availability and security of the Service.  Pearson collects log data to monitor the health of the Service, detect unauthorized access, cheating and fraudulent activity, prevent and respond to security incidents and appropriately scale the computing resources for the Service. 

De-Identified and Aggregate Data.  Pearson may use de-identified data that has been anonymized or aggregated to maintain, support, evaluate and improve the Service, conduct research, develop new products and services and for other purposes.  Such de-identified data is not considered Personal Information under this Privacy Policy.

Do Not Track.  Do Not Track (DNT) is a proposed mechanism for allowing website visitors to control the collection of certain usage data.  Although there has been research into the development of a standard to support the use of DNT signals, there is no adopted standard to follow.  The Service does not currently respond to Do Not Track signals.

Online Proctoring

If an Institutional Customer schedules an Assessment with online proctoring, the Test Taker will be monitored over the Internet through the Test Taker’s computer, webcam and microphone.  Online proctoring means that the Test Taker will log on to a test platform through the Internet to take the Assessment and will be monitored during their entire testing session in real-time so that the Test Taker’s face, voice, desk and workspace will be captured and a video recording will be made for the purposes of test security and the integrity of the testing process.  The Test Taker must monitor their online proctored testing environment to make sure that only the Test Taker will be recorded during  the testing session and that no one else will be physically in the room where the Test Taker is testing and that no one speaks to the Test Taker during the testing session.

If the Institutional Customer specifies, the Test Taker may be required to check-in by uploading their photo and sharing identification documents (IDs) on camera.  Images of these IDs may be used for identity verification and authentication.

Data Transmission and Storage  

Due to the global nature of Pearson’s business and this Service, Personal Information may be transmitted, stored and processed in a country other than the one in which a Customer, Test Administrator or Test Taker resides.  The computer servers for the Service are currently based in the United States and Ireland.

We take appropriate steps to ensure that Personal Information is provided the same level of protection as described in this Privacy Notice.  For example, we have entered into an intercompany data processing agreement using the European Commission standard contractual clauses (in the absence of an adequacy decision) for data transfers to Pearson group companies located outside of the United Kingdom (UK) and the European Economic Area (EEA); and we rely on adequacy decisions or adequate data transfer mechanisms adopted by the European Commission or a supervisory authority from time to time for transfers of personal information to third parties located in countries outside of the UK or EEA.

Disclosure and Use 

Delivery of the Service.  Pearson processes and uses Personal Information in order to deliver the Service.  In delivering the Service, Pearson provides and discloses Personal Information of a Test Taker to the Customer who assigned the Assessment and Test Administrators of the Service for such Customer.

Affiliates and Contractors.  Pearson may share or disclose Personal Information with affiliated Pearson companies and other companies and organizations who perform work for Pearson under contract and are obligated to protect the privacy of Personal Information consistent with this Privacy Policy.

Other Circumstances.  Pearson otherwise does not share, disclose or use Personal Information collected and used for purposes of providing the Service except as follows: (a) with the consent of the individual to whom such Personal Information relates; (b) to the Customer who purchased the Service involving the processing of such Personal Information; (c) in response to a subpoena, court order or legal process, to the extent permitted or required by law; (d) as otherwise required by law; (e) to protect the security and safety of the individual and other persons, data and systems, consistent with applicable law; (f) in connection with a sale, joint venture or other transfer of some or all of Pearson’s business or its assets, subject to the commitment of the acquiring entity to comply with this Privacy Policy; (g) to investigate or address actual or suspected fraud or other illegal activities; or (h) in order to enforce any applicable contract or terms of use.

No Sale of Personal Information for Monetary Consideration.  Pearson does not sell or rent Personal Information for monetary consideration.

Marketing, Communications and Opting-Out

Contact details for Test Administrators, Test Takers or Customers may be used for these purposes:

  1. to contact the Test Administrator, Test Taker or Customer with more information about our products and services and those of our group companies, except where such Test Administrator, Test Taker or Customer has told us not to do so;
  2. to invite participation in online surveys.

Participation in surveys is entirely voluntary.  Test Administrators, Test Takers and Customers may unsubscribe from being contacted for these purposes at any time.  Survey information will be used for market research with the aim of improving the Service.

We will not send marketing emails to anyone who has opted out of receiving them.  Any marketing communications we send will include an unsubscribe link at the end of the email.  While the Service is not intended for individuals under the age of 16, we will not knowingly send marketing to any individual under the age of 16.

Retention of Personal Information

Pearson will retain personal information only for as long as reasonably necessary to fulfil the purposes for which Pearson processes Personal Information, unless the law permits or requires longer retention.  For example, we may need to keep Personal Information for quality assurance of the Service, to comply with contractual obligations or to defend future legal claims.

Personal Information Rights

In some regions and countries, individuals may have certain rights in relation to their Personal Information, including the right to ask the data controller to update and correct their personal information, to request access to and obtain a copy of their personal information, to rectification of their personal information if it is no longer accurate, to erasure of their personal information if retention is no longer necessary for the purposes for which it was collected, to restrict or object to the processing of their personal information in certain circumstances, and data portability (if applicable).  Our Supplemental Privacy Policy for California Residents  provides information for individuals in California about their consumer privacy rights.

If a Test Taker’s access to the Service was provided by an Institutional Customer, then the Test Taker should address any such request to the Institutional Customer.

Individual consumers who purchased the Service from Pearson should address their request to Pearson as follows:

In the United States: using one of the contact methods explained on this Pearson Rights Request page.

In all other areas: by contacting us at dataprivacy@pearson.com or by writing to the Data Privacy Office, Pearson, 80 Strand, London WC2R 0RL United Kingdom.

We will consider and act upon any request in accordance with applicable data protection laws.

If an individual purchased the Service from Pearson, they may have the right to complain to the Information Commissioner (if they are in the UK), or to their local data protection supervisory authority, if they are unhappy with our privacy practices set forth in this Privacy Notice.

Supplemental Privacy Policy for California Residents

California residents should read our Supplemental Privacy Statement for California Residents  in conjunction with this Digital Services Privacy Notice.  The Supplemental Privacy Statement for California Residents explains Pearson’s commitment to comply with California law and applies to personal information of California residents collected through the Service.

Changes to the Policy   

This Privacy Notice may be revised from time to time through an updated posting.  Pearson will identify the effective date of the revision in the posting.  Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements.  If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will endeavor to provide notice of the revision in advance through a notice conspicuously posted on the Service, an email to registered Test Administrators or another appropriate way.  Continued use of the Service after the effective date of a posted update will evidence acknowledgement of the updated version.  Please contact us at support@pearsonkt.com, if you have questions or concerns about the Privacy Policy or any objection to any revisions.

Cookies Policy

Pearson may use cookies and related technologies to deliver, support, secure and maintain the Service. 

Cookies.  Cookies are small text files that a web server places on a computer or mobile device.  Cookies contain information that can later be read by the web server that originally placed the cookie on the computer or mobile device.  Cookies that may be used in connection with the Service include: 

Strictly Necessary Cookies.  These cookies are essential for use of the Service, such as accessing an Assessment and secure areas of the Service.  Without these cookies, the Service cannot be provided. 

Performance Cookies.  These cookies collect information about how the Service is used, such as what time is spent in a portion of the Service.  Some of these may be analytics cookies, set using third party web analytics software, which provide information about how the Service is used.  These cookies generally collect data on an aggregated basis for system administration purposes and to identify problems and improve service.  For example, like many companies, Pearson may use Google Analytics to obtain web trend information about user interaction with a Service.  While Google Analytics reports information on an anonymous basis, Google Analytics uses cookies and collects IP addresses to gather web trend information.    

Functionality Cookies.  These cookies enable the Service to remember choices made and options selected in order to provide enhanced, more personal features.  For example, these cookies can be used to remember changes made to text size.  They may also be used to provide the specific functionality requested. 

Advertising Cookies.  The Service does not enable advertising cookies. 

Web Beacons.  Web beacons are small strings of code that provide a method for delivering a graphic image on a web page for the purpose of transferring data.  For example, when the Service is used, the code for the part of the Service accessed may be transferred to Pearson via a web beacon.  Pearson uses any information transmitted through web beacons to deliver the Service in accordance with the Privacy Policy. 

Managing and Disabling Cookies.  Browser controls and other tools may be used to manage and disable the use of cookies and similar technologies.  See, for example, https://ico.org.uk/for-the-public/online/cookies.  Disabling or blocking cookies and related technologies, however, may prevent or impair required functionality and use of the Service.