1. Who We Are
TestBuddy is operated by TestBuddy SRL, Via dei Platani 19, 40025 Fontanelice (BO), Italy — P.IVA 01939040935. For data protection matters, contact us at privacy@testbuddy.it.
2. Data We Collect
We collect data you provide directly (name, email address, payment details when subscribing), data generated by your use of the platform (answers, time-on-task, session logs, device and browser information), and data from third-party analytics services (Google Analytics, Vercel Analytics). We do not sell your personal data to third parties.
3. How We Use Your Data
Your data is used to: (a) provide and improve the TestBuddy service; (b) personalise your study plan and AI recommendations; (c) process payments; (d) send service communications (account, subscription, security); (e) send marketing communications where you have given consent or where permitted by law; (f) comply with legal obligations.
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area, our legal bases are: performance of a contract (providing the service you signed up for), legitimate interests (improving the platform, preventing fraud), legal obligation (accounting, compliance), and consent (marketing emails, optional cookies). You may withdraw consent at any time without affecting the lawfulness of prior processing.
5. Cookies
We use essential cookies (required for the platform to function), analytics cookies (to understand usage patterns), and, with your consent, marketing cookies. You can manage your cookie preferences via the cookie banner. Strictly necessary cookies cannot be disabled.
6. Data Retention
We retain your account data for as long as your account is active or as needed to provide the service. After account deletion we retain anonymised usage data for analytics. Financial records are kept for 10 years as required by Italian law. You may request deletion of your personal data at any time.
7. Data Sharing
We share data only with: (a) payment processors (Stripe) for billing; (b) hosting providers (Vercel) for infrastructure; (c) email service providers for transactional and marketing emails; (d) analytics providers (Google Analytics) in anonymised or pseudonymised form; (e) authorities when required by law. All processors are bound by data processing agreements.
8. International Transfers
Some of our service providers are based outside the EEA. Where data is transferred internationally, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses approved by the European Commission.
9. Your Rights
Under GDPR you have the right to: access your personal data; rectify inaccurate data; request erasure ("right to be forgotten"); restrict processing; data portability; object to processing based on legitimate interests; and not be subject to solely automated decision-making. To exercise any right, email privacy@testbuddy.it. You also have the right to lodge a complaint with your local data protection authority.
10. Security
We implement appropriate technical and organisational measures to protect your data, including TLS encryption in transit, hashed passwords, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email or via in-app notification before they take effect. The date of the last update is shown at the top of this page.
12. Contact
For privacy enquiries: privacy@testbuddy.it · TestBuddy SRL, Via dei Platani 19, 40025 Fontanelice (BO), Italy.