Privacy Policy

This privacy policy lets you know what happens to certain personal data that you provide to us, or that we may collect about you through your participation in the Experience Research Program. This notice was last updated on August 23rd, 2023. We may update this privacy policy to reflect changes to the way we process your personal data. If we propose to make any material changes, we will notify you by means of a notice on this page. You can find information about how we may process your data in your capacity as a customer of one of our platforms here.

About us and how to contact us

The UserTesting Group (“UserTesting” or “we” or “us”) consists of UserZoom Technologies, Inc, together with a number of subsidiaries (including User Zoom Inc, UserZoom Limited, UserZoom GmbH, UserZoom Technologies, Inc Sucursal en España, Panisero SAS, User Testing, Inc., Human Insights Canada, Inc., User Testing Limited, User Testing Singapore Pte Ltd, Teston AS and Teston Germany GmbH ). You can contact us via email at privacy@usertesting.com or by phone at 1 (888) 877-1882.

Who is my data controller?

UserTesting is your data controller.

What personal data do we collect and why?

We collect information from you when you visit our website, create and complete profile on our Experience Research Panel or participate in studies operated by us on the applicable digital user testing and customer experience measurement solution(s) (the “Platform”). We may also collect information from you when you contact us by email or through other means, or when you receive communications from us.

We may collect the following types of data from you: 

  • Identity Data. This is information that helps us identify who you are, like your name, email address or organisation.
  • Contact Data. This is information that details how we can contact you, like your email address, telephone number or postal address.
  • Survey Data. This is any information which you provide as part of a Test, which may include any information recorded in your survey responses, audio and video recordings and/or any information collected during screen recording. Please note, all survey data is voluntary. You can always choose not to provide Survey Data, however, this may prevent you from participating in Tests.
  • Payment Data. This is information that you have provided in order to receive an incentive or payment (if applicable) for having completed a survey, including payment details
  • Observed Data. This is information about your online browsing behaviour on the Platform, including information about any devices or applications you have used to access our services (including the make, model and operating system, IP address, general location, browser type and mobile device identifiers) or information about how and when you used the Platform.
  • Referral Data. This is information about how you arrived at our site (i.e. if you arrive on our website from an external source, such as a link on another website or in an email, we record information about the source that referred you to us).

Voluntary Data. This is any other information that you voluntarily provide to us, for example demographic information provided through your participant profile, or in correspondence between you and any UserTesting employee through any means of communications, including through email or other support means, or via our social media channels.

How do we use your data?

We may use the data we collect about you for a variety of purposes. European data protection legislation sets out specific “lawful bases” for processing personal data. The below sets out the basis under which we may process different information about you, and explains the purpose of that processing.

Pupose Example of Types of Personal Data used for Purpose Lawful bassis
Provide you with access to the Platform, including the ability to participate in Tests Identity Data, Contact Data Necessary for contract
Personalise the services, including to send you Tests that match your Contributor profile Voluntary Data, Observed Data Legitimate interests
Improve and manage our services and to create new services and features Observed Data, Voluntary Data, Referral Data, Survey Data (where permitted) Legitimate interests
Contact you for marketing purposes (if you opt in), including to invite you to participate in Tests Identity Data, Contact Data Consent
Comply with legal obligations, including document retention or responding to relevant communications from supervisory authorities or other governmental authorities Identity Data, Contact Data, Survey Data, Observed Data, Referral Data, Voluntary Data Compliance with legal obligations
If you are due to receive an incentive for having completed a Test, to pay you that incentive Contact Data, Payment Data Necessary for contract
Contact you to provide you with relevant information in relation to the services and/or the Platform Contact Data, Payment Data, Observed Data Legitimate interests

Who do we share your information with and where are they?

Your personal information may be shared with our processors. We may also share your data amongst the UserTesting group companies (as outlined above). We will have in place an agreement with each of these processors which will restrict how they are able to process your personal information and require them to keep it secure. We will never sell your personal data.

We may also share your personal information: (a) as required by law or legal process; (b) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or other requests; (c) to investigate suspected violations of any terms or policies applicable to our products or the services provided by us or our third party providers or affiliates; (d) where we reasonably conclude that it is necessary for defending, exercising or establishing our legal rights; (e) to investigate alleged or actual fraud, misrepresentation or other misconduct; (f) in connection with a prospective sale, merger, change of control, bankruptcy or similar transaction; and (g) to other third parties with your express consent. 

Third-party 

The website (or the platform) may contain links to other websites or Internet resources. When you click on one of those links, you are contacting another website or Internet resource. We have no responsibility or liability for, or control over, those other websites or resources or their collection, use and disclosure of your information. We suggest that you read the privacy policy and terms of use of each such website.

Security

The security of your personal information is important to us. We have adopted appropriate technical and organisational measures and follow industry best practices in order to protect any personal data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore we cannot guarantee its absolute security.

How long do we keep your information for?

We may only retain your personal information for the purposes set out in this policy and for as long as we have a legal or business requirement to do so. By law, different retention periods apply to different types of records and data, however the longest we will normally hold any personal data is 7 years from the date of your last interaction with us.

Exercising your rights

You have the right to request that we: 

  • Provide you with access to your personal information 
  • Rectify or correct your personal information
  • Erase your personal information
  • Restrict processing of your personal information, including refraining from selling it or otherwise providing it to any third parties

You also have the right to lodge a complaint with the appropriate supervisory authority in your country if applicable, if you consider that we are in breach of our obligations under data protection laws. The foregoing rights may be subject to certain limitations pursuant to applicable law. You may request the exercise of these rights by sending an email to privacy@usertesting.com. Additionally, you may unsubscribe from marketing emails by clicking the ‘unsubscribe’ button in the footer of any of those emails.

We will respond to your request within 30 days, unless a faster response is required by law.

Sources of Personal Data

We collect information about you from several sources, which include third party providers or directly from you. Because information from several sources may be combined into one record, it may be difficult or impossible to identify the exact source of one particular piece of information

Cookies and Other Tracking Technologies

We and our partners use cookies or similar technologies to analyse trends, administer the website, track users’ movements around the website and to gather demographic information about our user base as a whole. 

If you want to restrict or block cookies set by our website, you may change your browser settings to do so. For more information about our cookies and to learn more about the cookies on your device, and opt out of them if you wish, please visit https://www.usertesting.com/cookie-policy. If you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our website.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

We adhere to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, although we do not rely on such frameworks as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18. If any personal data is transferred outside of the EEA, we will ensure that any such transfer of personal data is governed by an adequacy decision or an alternative valid mechanism for international data transfers, such as the Standard Contractual Clauses. 

We participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.  We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles.  To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List

We are responsible for the processing of personal data we receive, under each Privacy Shield Framework, and subsequently transfer to a third party acting as an agent on its behalf.  We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Cookies and Other Tracking Technologies

We and our partners use cookies or similar technologies to analyse trends, administer the website, track users’ movements around the website and to gather demographic information about our user base as a whole. 

If you want to restrict or block cookies set by our website, you may change your browser settings to do so. You may wish to visit www.youronlinechoices.com/uk/your-ad-choices to learn more about the cookies on your device, and opt out of them if you wish. If you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of our website.