Who are we?
TSTC - IT & Security Training is a training institute for IT and security training and also an accredited examination institute. This privacy statement applies to all students, exam candidates, prospects, teachers, suppliers, and other customers of TSTC. After all, we are in many cases the so-called data controller. This means that you may contact TSTC regarding the processing of your data.
However, TSTC also processes a lot of data on behalf of others, for example, by acting as an examination and training partner. In that case, you do not enter into a training or examination agreement directly with us. In that case, we refer to the privacy statements of the relevant parties.
Processing of personal data
For our activities, it is necessary for us to process personal data. Personal data are data that can be traced back to a person in one way or another. Think of your name, address, date of birth, but also the result of an exam and your preferences for training. Without data, we cannot provide our services.
What do we do with your data?
TSTC processes personal data for various purposes. For example, for entering into a training agreement, creating a quote, or answering questions. Sometimes you provide this data to us yourself, but in many cases, this data is also provided to us by employers. For example, because you are registered for training or an exam through the employer.
TSTC has developed a schedule in which you can see exactly which data we use for which purposes, on what basis we are allowed to do this, and how long we retain the data. We only ask for data that is necessary for the mentioned purposes. If you would like to view this schedule, please contact TSTC – see the contact section for this.
Consent
For some of our activities, you give your consent in advance, such as for receiving our newsletter. Of course, you can withdraw your consent at any time. This can be done easily by clicking a link in the newsletter.
Automated decision-making, including profiling
TSTC does not have automated decision-making processes. We also do not create profiles.
Data sharing with others
Outside the circle of our partners, we do not share data with third parties, unless this is required by law or when we have your explicit consent. You can see which data we share in the table under the heading 'what do we do with your data'.
Our partners include both exam providers and other accreditation partners. For exam providers, we are a certified test center. This means that we act as an intermediary on behalf of this party. The conditions of these partners apply; we provide data on your behalf or receive data from you on behalf of the exam provider for the execution of the agreement you have with the respective provider. For participation certificates, TSTC uses Diplomasafe. They process the data on behalf of TSTC (our purposes) and not further for their own purposes.
We also collaborate with parties with whom we may or may not jointly offer courses and act as a specialized training partner/reseller for various parties. The conditions of these partners apply when you enter into a training agreement directly with them.
If you enter into a training agreement with us and take an exam? Then both we and the provider are responsible. We for our activities (quotes, training, invoicing, services) and the provider for the membership, the exam, the certification, the surrounding services, and the inclusion in their (inter)national training register.
Exam providers
Kryterion
Pearson Vue
Castle Worldwide
Prometric
PAN
Review
Through klantenvertellen.nl you can leave your review about our training. However, we only receive static information from klantenvertellen.nl. Their conditions therefore apply.
Chat
Zendesk Chat, our chat program, offers the possibility to automatically fill in your email address via Google+ or Facebook when the chat agent is absent. This is not necessary. Keep in mind that in that case, you allow Zendesk to receive data about you, which may be more data than we need for the execution of the chat service. The conditions of Zendesk also apply here.
Processing outside the EEA
Since a large part of our exam and accreditation partners are located outside the EEA, we may also transfer your data to these countries. This concerns IAPP (USA), PECB (Canada), and EC-Council.
For processing our newsletters, we use Mailchimp. This is a party based in the United States. We have concluded a processing agreement with Mailchimp.
Security and confidentiality
We take the processing of personal data very seriously. All information provided by or about participants or services before or during the training/sessions, and which can be expected to be confidential in nature, is handled confidentially by TSTC, its employees, and all instructors.
We secure your data appropriately. To prevent the data from the website from being misused, the data traffic between you and the web servers is encrypted, making it unreadable to outsiders. You can therefore register for exams and make requests via our website with peace of mind.
If you believe there has been a data breach, please contact us immediately by email and clearly describe what you believe is happening.
Your rights
Under the General Data Protection Regulation, you have the right to request access to your personal data and, if necessary, to have it corrected or deleted. At the bottom of this privacy statement, you can find how to contact us. We must verify your identity in this regard and therefore ask you to send a copy of your identity card or driver's license. We recommend that you make your BSN number and photo invisible and indicate that it is a copy. Of course, you can also object to the processing of your data.
We can only delete your data if we have no legal obligation to retain your data, such as tax obligations.
You will always receive a response from us to your request within a month.
Do you have a complaint regarding the processing of your personal data? Please contact us. If we cannot resolve it together, you can contact the national supervisory authority, the Authority Personal Data.
Cookies
Cookies are small text files that you receive on your device (computer, tablet, phone) when you visit our website. These cookies keep track of information about your website visit.
To establish chat contact, we use functional cookies from Zopim (Zendesk Chat). This cookie is used for a certain period. We use the cookie solely to process information for the use of the chat function.
If you do not provide your name, you will be assigned a customer number for the duration of the chat session.
To inform you about the data we collect via these cookies, we have listed them below.
These cookies are retained for the duration of the session or depending on the functionality on your device.
To analyze and improve the use of our website and how visitors arrived at our website, we place analytical cookies on your device. The statistics generated with these cookies are used only to improve our website. The data is not shared with third parties. With the help of Mouseflow, we can map so-called click paths. In this case, the last 3 digits of the IP address are anonymized. Because the impact of this analytical cookie on your privacy is very limited, you do not need to give consent for this.
Change of privacy statement
We may change this privacy statement. We will announce this change on our website. Older versions of this statement can be requested by email.
Contact
For questions about privacy, you can always contact Janine de Jong at janine@tstc.nl. By post, we can be reached at: TSTC, Plesmanstraat 62, 3905 KZ Veenendaal. You can reach us by phone at: 0318 58 14 80.