1. Information We Collect
We collect the following personal information when you register or use our services:
- Name
- Email address
- Test preferences and usage data for creating practice tests
- Topic-wise results generated from completed tests (stored for two weeks)
2. Purpose of Data Collection
We collect your data to:
- Facilitate the creation of personalized practice tests
- Provide you with a topic-wise result report for self-assessment
- Improve our services and website functionality
- Send you information about upcoming training programs and services related to cybersecurity (opt-out available)
We do not share your personal data with any third parties for marketing or any other purposes.
3. Retention of Data
- Test Results: Stored for two weeks after completion and then permanently deleted.
- Personal Data: Retained for as long as you remain registered on our website or until you request deletion.
4. Legal Basis for Processing Personal Data
We process your personal data based on your consent (when registering) and in accordance with applicable laws. Under the GDPR, we rely on the following legal grounds for processing:
- Consent: By providing your personal data, you consent to us processing it for the stated purposes.
- Legitimate Interest: To offer and enhance our services.
5. Your Rights
Under the DPDP Act and GDPR, you have the following rights:
- Right to Access: You can request a copy of your personal data we hold.
- Right to Rectification: If your personal data is inaccurate or incomplete, you may request correction.
- Right to Deletion: You can request the deletion of your personal data at any time using the self-service URL provided on your profile.
- Right to Withdraw Consent: You may withdraw your consent to data processing at any time.
- Right to Object: You can object to the use of your data for certain purposes (e.g., marketing).
6. Data Security
We have implemented industry-standard security measures to protect your personal data from unauthorized access, misuse, or disclosure. This includes encryption, regular audits, and secure data storage practices. Furthermore, csqna.com operates an Information Security Management System (ISMS) that is certified to ISO 27001 standards, ensuring compliance with internationally recognized security protocols.
7. Data Storage Location
All data is stored in India, on servers located at data centers within India and with cloud service providers on their India-based instances. This ensures your data is always stored in compliance with Indian data protection laws.
8. Third-Party Links
Our website may contain links to external websites. We are not responsible for the privacy practices of these websites and encourage you to review their privacy policies.
9. Changes to the Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date.
10. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:
