Personal data processor

As a service provider, Assessio acts first and foremost as processor of personal data. Our customers act as Controllers of the personal data. This means we assist our customers according to the instructions we receive. So, when candidates or employees conduct tests in our platforms, it is you as customer who determine the goals and purposes of these treatments.

As processor, we must be able to provide sufficient guarantees that the processing meets the requirements of the data protection regulation and ensures that the data subject's rights are protected. That is why we have built our services with Privacy by design and default in mind. For this, we have appointed an external data- protection officer (DPO) and certified our management system for information security in accordance with ISO 27001. Our DPO is obliged to support and monitor our implementation of GDPR. Our information security management system (ISMS) is annually audited by external auditors from certification bodies to ensure that security meets the high standards.

We therefore have our own responsibility to ensure processing of personal data takes place in accordance with our customers' instructions and does not exceed these.

christin-hume

List of sub processors

Name, address and employer identification number Purpose Location Legal basis

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg
Registration No: 186284

Maintenance and hosting of Ascend Irreland/Germany Within EU/EES

LogsHero Ltd.
HaArba'a St 28
Tel Aviv-Yafo
Israel
CIK:1690367

Application logs Germany Within EU/ESS

Assessio Psychometrics AB
Box 55673
102 15 Stockholm
Org. nr. 556804-3367

Supplier of Ascend Sweden Within EU/ESS
Name, address and employer identification number Purpose Location Legal basis

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg
Registration No: 186284

Maintenance and hosting of Assessio platform Ireland/Germany Within EU/EES

Assessio Psychometrics AB
Box 55673
102 15 Stockholm
Org. nr. 556804-3367

Supplier of Assessio platform Sweden Within EU/ESS
Name, address and employer identification number Purpose of treatment Location Legal basis

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg
Registration No: 186284

Maintenane and hosting of Assessio platform Ireland/Germany Within EU/ESS

Assessio Psychometrics AB
Box 55673
102 15 Stockholm
Org. nr. 556804-3367

Supplier of Assessio platform Sweden Within EU/ESS
Name, address and employer identification number Purpose of treatment Location Legal basis

Detron ICT Group B.V.
Traverse 1,
3905 NL Veenendaal
CoC-number: 30085813 (Underbiträde till
Eelloo B.V)

Cloud service provider. Operates the servers where the personal data is stored. The Netherlands Within EU/ESS

Eelloo B.V.
Cruquiusweg 111-f
1019 AG Amsterdam
CoC-number: 30136788

Technical support. The Netherlands Within EU/ESS
Underbiträdets namn, adress och org.nr. Syftet med behandlingen Lokalisering Legal grund för överföringen

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg
Registration No: 186284

Drift och Hosting Irland / Tyskland N/A

AddPro i Stockholm AB
Box 2201
169 02 Solna
Org.nr. 556990-8485

Drift av Assessios IT miljö och därmed tillgång till e-mail och lagringsplatser Sverige Ingen egen överföring, enkom data för Assessios vägna

LogsHero Ltd.
HaArba'a St 28
Tel Aviv-Yafo
Israel
CIK:1690367

Applikationsloggar Tyskland Inom EU/ESS

Assessio Psychometrics AB
Box 55673
102 15 Stockholm
Org. nr. 556804-3367

Leverantör av Ascend Sverige Inom EU/ESS
SimplyBook.me
Ltd 30
Gladstonos Street, P,
Makedonas court Mezzanine Floor.
3041 Limassol,
Cyprus Org. nr. 556804-3367
Bokningsystem för kunder Cypern Avtal

 

Underbiträdets namn, adress och org.nr. Syftet med behandlingen Lokalisering Legal grund för överföringen

Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy
L-1855
Luxembourg
Registration No: 186284

Drift och hosting av Ascend Irland/Tyskland Inom EU/EES

AddPro i Stockholm AB
Box 2201
169 02 Solna
Org.nr. 556990-8485

Drift av Assessios IT miljö och därmed tillgång till e-mail och lagringsplatser Sverige Ingen egen överföring, enkom data för Assessios vägnar

LogsHero Ltd.
HaArba'a St 28
Tel Aviv-Yafo
Israel
CIK:1690367

Applikationsloggar Tyskland Inom EU/ESS

Assessio Psychometrics AB
Box 55673
102 15 Stockholm
Org. nr. 556804-3367

Leverantör av Ascend Sverige Inom EU/ESS
Underbiträdets namn, adress och org.nr. Syftet med behandlingen Lokalisering Legal grund för överföringen

The Myers-Briggs Company Limited
15-17 Elsfield Way
Oxford, OX2 8EP
UK
Registered No: 2218212
VAT-no: GB 490 8082 31

Framtagande av MBTI-tester. United Kingdom SCC samt land med adekvat skyddsnivå enligt EU-kommissionens beslut.

DevCore AB
Brunnsgatan 21 B
111 38 Stockholm
Org. nr. 556583-1640

Utvecklar och driftar MBTI-plattformen samt lagring. Sverige Inom EU/EES
Underbiträdets namn, adress och org.nr. Syftet med behandlingen Lokalisering Legal grund för överföringen

PSI Services LLC
Ranger House, Walnut Tree Close,
Guildford, England, GU1 4UL
UK
Registered in England & Wales No:02202841
VAT-no: GB 492 6643 15

Framtagandet av PSI-tester/16PF United Kingdom Land med adekvat skyddsnivå enligt EU-kommissionens beslut.

DevCore AB
Brunnsgatan 21 B
111 38 Stockholm
Org. nr. 556583-1640

Utvecklar och driftar MBTI-plattformen samt lagring. Sverige Inom EU/EES

FAQ

  • Personal data processed in the platform is encrypted both at rest in the system and during transmission (encryption in transit and at rest).

  • Personal data is stored on servers within the EU/EEA (Ireland and Germany).

  • Assessio's DPA with the sub processorsub processorss based on Standard Contractual Clauses (SCC).

  • Assessio's sub processors provide transparency reports (Transparency Reports)

  • ISO 27001 certification

  • Two-factor authentication for login & Single Sign On (SSO) available.

  • In addition to the above security measures, we have also developed an anonymization/pseudonymization function in our platform Ascend. This, in accordance with the European Data Protection Board's recommendations regarding supplementary measures during transfers, more specifically Use Case 2. This function acts as an additional guarantee of GDPR compliance in the event of a potential involuntary transfer.

We have developed our services with privacy by design and default in mind. This means that our systems support basic data protection principles such as data minimization. Personal data that is no longer necessary to achieve the purpose must be deleted. Within Assessio, standard times are used for checking and, where applicable, deleting personal data. However, you as Controller have full control over this and set the rules for when personal data is to be deleted automatically.

We only process the personal data we are instructed by our customers to process. The categories of personal data vary depending on the service. But most often it is the candidates' names, e-mail addresses and assessment results. For more information look at the instructions for the respective service.

No. The European Data Protection Board has clarified in its guidance 05/2021 that there is no third country transfer just because a European established company has an overseas parent company.

Within the EU, more information can be found under in our list of sub-processors. 

We work with a number of third-party service providers. We require that all our suppliers work to the same high standard as Assessio. We regularly audit our sub processors to make sure they comply with necessary certifications and established processes.

Assessio process personal data in accordance with given instructions from our clients. The purpose is to deliver the service our clients purchased from us. For more information, take a closer look at our DPA, based on the European Commission's Standard Contractual Clauses (SCC).

Yes, this feature is available in Ascend.

We have developed our services with privacy by design and default in mind. This means our systems support basic data protection principles such as legality and transparency. Our platform enables you to carry out the processing based on the legal basis you consider correct.

We have developed our services with privacy by design and default in mind. This means our systems support basic data protection principles such as transparency. Candidates have the right to be informed about both the collection and use of their personal data and their rights. The information must include, among other things, the purpose of the processing, the storage period, the type of data that will be processed and who will have access to the data. Candidates should also be informed if there is automated decision-making involved (and if so the logic behind it), as well as if data will be transferred outside the EU/EEA.

Candidates also have the right to receive a register extract of what data is processed. Please note that this information must be provided to the candidate at the time of collection.

The information must be transparent, easily accessible and in simple language.

Our platform Ascend enables you to link to your privacy policy and thereby comply with your obligation to provide information.

We have an established processes in place to respond to candidate exercise of rights. When a candidate contacts us, we inform our client (data controller) as soon as possible you. The client can hereafter decide to delete data. We will also inform the candidate we have informed our client and the client will get in contact.

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Assessio, corporate identity number 556047-4255 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data