Personal data processor
As a service provider, Assessio acts first and foremost as processor of personal data. Our customers act as Controllers of the personal data. This means we assist our customers according to the instructions we receive. So, when candidates or employees conduct tests in our platforms, it is you as customer who determine the goals and purposes of these treatments.
As processor, we must be able to provide sufficient guarantees that the processing meets the requirements of the data protection regulation and ensures that the data subject’s rights are protected. That is why we have built our services with Privacy by design and default in mind. For this, we have appointed an external data- protection officer (DPO) and certified our management system for information security in accordance with ISO 27001. Our DPO is obliged to support and monitor our implementation of GDPR. Our information security management system (ISMS) is annually audited by external auditors from certification bodies to ensure that security meets the high standards.
We therefore have our own responsibility to ensure processing of personal data takes place in accordance with our customers’ instructions and does not exceed these.
List of sub processors
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Ascend | Irreland/Germany | Within EU/EES |
| LogsHero Ltd. HaArba’a St 28 Tel Aviv-Yafo Israel CIK:1690367 | Application logs | Germany | Within EU/ESS |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Supplier of Ascend | Sweden | Within EU/ESS |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Maintenance and hosting of Assessio platform | Ireland/Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Development and maintenance | Sweden | Within EU/ESS |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | SCC |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Assessio Sverige AB Banérgatan 16 115 23 Stockholm Reg. nr 556047-4255 | Support of the Assessio platform | Sweden | Within EU/EEA |
| Assessio Danmark A/S Adelgade 12, 3 sal 1304 København Reg. nr 30560604 | Support of the Assessio platform | Denmark | Within EU/EEA |
| Assessio Netherlands B.V. Cruquiusweg 111F 1019 AG Amsterdam Reg. nr 34176579 | Support of the Assessio platform | USA | Within EU/EEA |
| Assessio Norge AS St. Olavs gate 27 0166 Oslo Reg. nr 984 801 483 | Support of the Assessio platform | Norway | Within EEA |
| Elevo S.A.S. 86 rue Voltaire 93100 Montreuil Reg. nr 824 459 739 | Support of the Assessio platform | France | Within EU/EEA |
| HR Diagnostics AG Königstraße 20 70173 Stuttgart Reg. nr HRB 24690 | Support of the Assessio platform | Germant | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
Assessio Wizz OÜ56 Wharf Rd, London, Tatari 64/1, TallinnReg. nr 17051467 | Support of the Assessio platform | Estonia | Within EU/EEA |
| Google Cloud EMEA Ltd | Infrastructure and data hosting | Germany | Within EU/EEA |
| Intercom R&D Unlimited Company | Customer support messaging | USA | Outside EU/EEA – SCCs in place |
| Twilio Ireland Ltd (SendGrid) | Transactional email delivery | Germany, Ireland and Netherlands | Within EU/EEA |
| OPTIONAL Open AI, LLC 3180 18th St., San Francisco, CA 94110 Registration No: 7063675 | Provider of content generation and user support. LLM. | USA | Outside EU/EEA – SCCs in place |
| Support of the Assessio platform | Germany | Within EU/EEA |
| Name, address and employer identification number | Purpose of the processing | Location | Legal basis |
| Esprit ICT Traverse 1, 3905 NL Veenendaal CoC-number: 30085813 (Underbiträde till Eelloo B.V) | Cloud service provider. Operates the servers where the personal data is stored. | The Netherlands | Within EU/ESS |
| Assessio Bloom B.V. Cruquiusweg 111-f 1019 AG Amsterdam CoC-number: 30136788 | Technical support. | The Netherlands | Within EU/ESS |
| Name, address, and company registration number | Purpose of the processing | Location | Legal basis |
| Amazon Web Services EMEA SARL 38 Avenue John F. Kennedy L-1855 Luxembourg Registration No: 186284 | Provision of operation and hosting services | Ireland / Germany | N/A |
| AddPro i Stockholm AB Box 2201 169 02 Solna Org.nr. 556990-8485 | Operation and administration of Assessio’s IT environment, including access to email systems and data storage facilities | Sweden | No independent data transfers; processing is carried out exclusively on behalf of Assessio |
| LogsHero Ltd. HaArba’a St 28 Tel Aviv-Yafo Israel CIK:1690367 | Application log data | Germany | Within EU/EES |
| Assessio Psychometrics AB Box 55673 102 15 Stockholm Org. nr. 556804-3367 | Supplier of Ascend services | Sweden | Within EU/EES |
| SimplyBook.me Ltd 30 Gladstonos Street, P, Makedonas court Mezzanine Floor. 3041 Limassol, Cyprus Org. nr. 556804-3367 | Customer booking system | Cyprus | Agreement |
| Name, address, and company registration number | Purpose of the processing | Location | Legal basis |
| PSI Services LLC Ranger House, Walnut Tree Close, Guildford, England, GU1 4UL UK Registered in England & Wales No:02202841 VAT-no: GB 492 6643 15 | Development of the PSI assessments / 16PF | United Kingdom | Country recognized by the European Commission as ensuring an adequate level of data protection |
| DevCore AB Brunnsgatan 21 B 111 38 Stockholm Org. nr. 556583-1640 | Development and operation of the MBTI platform, including data storage | Sweden | Within EU/EES |
| Name, address, and company registration number | Purpose of the processing | Location | Legal basis |
| Scaleway (Iliad Group) 8 rue de la Ville l’Évêque, 75008 Paris, France. RCS Paris 433 115 904 | Cloud infrastructure provider – hosting of production databases (all data) | France | Within EU/EEA |
| DigitalOcean LLC 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA | Backup storage of production databases (all data) | Netherlands | Within EU/EEA |
| Sentry (Functional Software Inc.) 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA | Error monitoring and debugging (only technical identifiers when errors occur) | Germany | Within EU/EEA |
| Mailjet SAS 13-13 bis rue de l’Aubrac, 75012 Paris, France. RCS Paris 524 536 992 | Email delivery (user invitations, notifications) | France | Within EU/EEA |
| Google Tag Manager (Google LLC) 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA | Product analytics | France | Within EU/EEA |
| Zendesk Inc. 1019 Market Street, San Francisco, CA 94103, USA | Customer support management | Ireland | Within EU/EEA |
| Datadog Inc. 620 8th Avenue, 45th Floor, New York, NY 10018, USA | Monitoring, logging and security monitoring (all data) | Germany | Within EU/EEA |
| Vitally Inc. 548 Market St PMB 39303, San Francisco, CA 94104, USA | Customer success/support tooling | USA | Outside EU/EEA – Data Privacy Framework |
| Mistral AI SAS (optional) 15 rue des Halles, 75001 Paris, France. RCS Paris 952 418 325 | AI processing (text analysis features) | Sweden | Within EU/EEA |
| Postmark (ActiveCampaign, Inc.) (optional) 1 N Dearborn St, 5th Floor, Chicago, IL 60602, USA | Email delivery (alternative provider) | USA | Outside EU/EEA – Data Privacy Framework |
FAQ
- Personal data processed in the platform is encrypted both at rest in the system and during transmission (encryption in transit and at rest).
- Personal data is stored on servers within the EU/EEA (Ireland and Germany).
- Assessio’s DPA with the sub processorsub processorss based on Standard Contractual Clauses (SCC).
- Assessio’s sub processors provide transparency reports (Transparency Reports)
- ISO 27001 certification
- Two-factor authentication for login & Single Sign On (SSO) available.
- In addition to the above security measures, we have also developed an anonymization/pseudonymization function in our platform Ascend. This, in accordance with the European Data Protection Board’s recommendations regarding supplementary measures during transfers, more specifically Use Case 2. This function acts as an additional guarantee of GDPR compliance in the event of a potential involuntary transfer.
We have developed our services with privacy by design and default in mind. This means that our systems support basic data protection principles such as data minimization. Personal data that is no longer necessary to achieve the purpose must be deleted. Within Assessio, standard times are used for checking and, where applicable, deleting personal data. However, you as Controller have full control over this and set the rules for when personal data is to be deleted automatically.
We only process the personal data we are instructed by our customers to process. The categories of personal data vary depending on the service. But most often it is the candidates’ names, e-mail addresses and assessment results. For more information look at the instructions for the respective service.
No. The European Data Protection Board has clarified in its guidance 05/2021 that there is no third country transfer just because a European established company has an overseas parent company.
Within the EU, more information can be found under in our list of sub-processors.
We work with a number of third-party service providers. We require that all our suppliers work to the same high standard as Assessio. We regularly audit our sub processors to make sure they comply with necessary certifications and established processes.
Assessio process personal data in accordance with given instructions from our clients. The purpose is to deliver the service our clients purchased from us. For more information, take a closer look at our DPA, based on the European Commission’s Standard Contractual Clauses (SCC).
Yes, this feature is available in Ascend.
We have developed our services with privacy by design and default in mind. This means our systems support basic data protection principles such as legality and transparency. Our platform enables you to carry out the processing based on the legal basis you consider correct.
We have developed our services with privacy by design and default in mind. This means our systems support basic data protection principles such as transparency. Candidates have the right to be informed about both the collection and use of their personal data and their rights. The information must include, among other things, the purpose of the processing, the storage period, the type of data that will be processed and who will have access to the data. Candidates should also be informed if there is automated decision-making involved (and if so the logic behind it), as well as if data will be transferred outside the EU/EEA.
Candidates also have the right to receive a register extract of what data is processed. Please note that this information must be provided to the candidate at the time of collection. The information must be transparent, easily accessible and in simple language.
Our platform Ascend enables you to link to your privacy policy and thereby comply with your obligation to provide information.
We have an established processes in place to respond to candidate exercise of rights. When a candidate contacts us, we inform our client (data controller) as soon as possible you. The client can hereafter decide to delete data. We will also inform the candidate we have informed our client and the client will get in contact.
