UserTesting, Inc. provides a platform and service (“UserTesting Services”) that allows UserTesting Clients (“Clients”) to conduct usability tests and testers (“Testers”) to perform and record tests.
This Policy does not apply to the collection, use and disclosure of Tester information; Collection, use and disclosure practices for Testers are covered by the terms of the UserTesting Tester Agreement and Privacy FAQs for Testers.
Collection and Use of Client Information
UserTesting collects information about our Clients and consumers who visit the UserTesting website (“Visitors”). This information can include Personal Information (which means individually identifiable information that would allow us to determine the actual identity of, and contact, a specific living person), billing information, account settings and other data (“Client Data”).
UserTesting collects this data in order to provide UserTesting Services to our Clients and does not disclose, sell or use Client Data for any purpose other than those outlined in this Policy or in the UserTesting Services Agreement.
UserTesting acts as a limited agent (and as a data processor in the EU context) to each Client only for the purpose of providing UserTesting Services. UserTesting does not use Client Data for our own purposes, except in limited circumstances described in this Policy, or unless we have express consent. UserTesting does not sell Client Data to third parties. UserTesting collects, uses and discloses Client Data to:
Provide our Services
Manage our Services
Monitor and Improve our Services and Features
Create New Services, Features or Content
Contact Clients about Service or Account
Contact Clients for Marketing Purposes
Respond to Legal Requests
Public Data and Metadata
UserTesting may anonymize Client survey metadata to create and provide new services, features, or content. Neither individual Clients nor Testers will be identified or identifiable unless UserTesting obtains Client or Tester permission.
Usage and Device Data
UserTesting collects usage data about Visitors to our website, including pageviews, clicks, and log files containing originating IP addresses. In addition, UserTesting collects data from the device and applications used to access our Services including IP address and browser type.
UserTesting records if a Visitor arrives at UserTesting website from an external source (such as a link on another website or in an email).
Information from Third Parties
UserTesting collects Personal Information or other data from third parties, if Clients give permission to those third parties to share your information with us.
Visitors have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but individuals can usually modify browser settings to decline cookies. More information about disabling cookies is available at www.allaboutcookies.org. Choosing to decline cookies may result in decreased function on UserTesting websites.
Processing of EU Data
UserTesting provides some of its services to Clients in the EU.
UserTesting will use Personal Information only in ways compatible with the purposes for which it was collected or authorized by our Clients, or as requested in connection with Tester requests.
Our Clients limit UserTesting’s collection, use and disclosure of their customers’ information through the UserTesting Services. We keep information we need to provide our services to our Clients as long as we have a valid business purpose, in accordance with applicable law and our Service and/or Tester Agreements.
In most cases, our collection of Personal information is related to our Clients and Testers and collected under the terms of our Service Agreement and Tester Agreement, respectively.
Individuals that wish to request access to, correction, or deletion of Personal Information they submitted to the UserTesting corporate website should contact UserTesting at firstname.lastname@example.org.
No data transmissions over the Internet can be guaranteed to be 100% secure. UserTesting cannot ensure or warrant the security of any information transmitted to UserTesting. All transmissions of information are done at the senders own risk. Once UserTesting is in possession of any information, UserTesting will make reasonable efforts to ensure the security of its systems.
UserTesting has adopted physical, technological, and administrative procedures to safeguard and secure the information we process.
By using this website or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of this website.
The Privacy Shield program applies to the processing of Personal Data in regards to the collection, use and retention of Personal Data from Testers located in Switzerland and the European Union and European Economic Area, as set out by the U.S. Department of Commerce. UserTesting has certified that it adheres to the Privacy Shield Principles of notice, choice, account ability for onward transfer, security, data integrity and purpose limitation, access, and recourse/enforcement/liability. UserTesting is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
All employees of UserTesting who handle Personal Data from Switzerland and the European Union are required to comply with the Privacy Shield Principles.
As part of our participation in the Privacy Shield program, we will resolve disputes you have with us in connection with our policies and practices through JAMS ADR. For more information and to contact JAMS ADR directly, visit www.jamsadr.com. As a last resort and in limited situations, Swiss and EU individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
UserTesting’s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, UserTesting remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Principles, unless UserTesting proves that it is not responsible for the event giving rise to the damage.
UserTesting encourages you to contact our Head of Privacy and Security at email@example.com should have any Privacy Shield-related (or general privacy-related) complaint. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. UserTesting is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Changes and Updates