1. Scope

This Privacy Policy (“Policy”) explains how Apptroid Technology Private Limited (“Apptroid”, “CloudTest”, “we”, “our”, or “us”) collects, uses, stores, shares, and otherwise processes Personal Data when you (“You”, “Your”, or “User”) visit or use cloud-test.in and any subdomains, or use any products, software, mobile applications, integrations, and features provided under the CloudTest platform (collectively, the “Services”).

CloudTest is an online assessment platform used for conducting assessments (including functional, behavioral, technical and MCQ-based assessments) and may include proctoring, reporting, analytics, and integrity features.

By accessing or using the Services, you agree to the practices described in this Policy. If you do not agree, please do not use the Services.

2. Definitions

  • Personal Data means any information that identifies or can reasonably be used to identify an individual, directly or indirectly. This may include name, email, phone number, online identifiers (e.g., IP address), device data, and information generated through use of the Services.
  • Data Controller means the entity that determines the purposes and means of processing Personal Data.
  • Data Processor means the entity that processes Personal Data on behalf of a Data Controller.
  • Customer means an organization (e.g., employer, recruiter, institution) that uses CloudTest to administer assessments.

3. Controller vs Processor Roles

Depending on how you use CloudTest:

  • Direct use: If you use CloudTest directly (e.g., self-signup), CloudTest generally acts as a Data Controller for your Personal Data.
  • Customer-provisioned access: If you access CloudTest through a Customer invitation or account provisioning, the Customer generally acts as the Data Controller, and CloudTest acts as a Data Processor processing data on the Customer’s behalf.

Where CloudTest acts as a Data Processor, the Customer is responsible for lawful collection and providing appropriate notices/consents, unless CloudTest explicitly collects consent in-product.

4. Information We Collect

4.1 Personal Data you provide directly

When you access the Site or create an account on your own, we may collect:

  • Full name
  • Title/role (optional)
  • Email address (personal and/or professional)
  • Phone number (optional)
  • Organization/institution name (optional)
  • Login credentials (username and encrypted password)
  • Support and communication data (when you contact us)

4.2 Personal Data collected through Customers (Customer as Controller)

If you are invited or provisioned by a Customer, the Customer may choose to collect or upload additional details for using the Services, including but not limited to:

  • Profile/display picture
  • Email address (personal and/or professional)
  • Country, state, city, postal code
  • Login name, screen name, handle
  • Telephone number (home/work/mobile)
  • Postal or other physical address
  • Date of birth
  • Gender
  • School/university information (including grades and graduation year)
  • Workplace information
  • Job position/designation
  • Resume/CV and supporting documents
  • Social profile information (e.g., GitHub/LinkedIn) if required by the Customer
  • Assessment responses, scores, rankings, reports, and related metadata

4.3 Automatically collected information (“Usage Information”)

We automatically collect certain information when you use the Services, including during:

  • Account registration
  • Use of certain Service features
  • Creating, taking, or administering tests
  • Generating reports and analytics
  • Requesting support
  • Registering for events/webinars (if any)
  • Participating in surveys (if any)
  • Using forums/discussion areas (if any)
  • Subscribing to newsletters/updates (if any)
  • Customization and preferences

Such data may include cookies, page-view activity, approximate geolocation derived from IP address, IP addresses, browser type, ISP, referring/exit pages, files viewed (e.g., HTML pages, graphics), operating system, date/time stamps, clickstream data, diagnostics, and security logs.

Certain technical and security logs may be stored for extended periods as needed for security, audit, abuse prevention, troubleshooting, and legal compliance.

4.4 Third-party integrations (including Google APIs, if used)

If you connect CloudTest with third-party services (e.g., Google, Microsoft, ATS/HRMS tools), we process data from those integrations as required to provide the integration.

Where CloudTest uses Google APIs, information received from Google APIs will be processed in accordance with applicable Google API policies, including limited use requirements, where applicable.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to analyze trends, administer the Site, track user movements, improve performance, maintain session security, and remember preferences.

You can control cookie use in your browser. If you block cookies, certain features (including login/session features) may not work.

CloudTest Services may not respond to “Do Not Track” signals. When using our Services, information about online activity may be collected while and after you leave our Site to the extent permitted by law.

6. Interest-based Advertisements (Marketing)

We may use cookies and similar technologies to measure marketing performance and understand browsing activity on our Site. We may partner with third parties to display advertising on the Site (if applicable) or manage our advertising on other sites/platforms.

These partners may use cookies or similar technologies to collect information about your browsing activities over time and across websites to provide interest-based advertisements.

7. Mobile Application (If/When Applicable)

If you download and use a CloudTest mobile application (if offered), we may automatically collect device information such as device type, operating system version, device identifiers (where permitted), app usage events, and crash logs.

If push notifications are enabled, we may send notifications for alerts, updates, or promotions (where applicable). You can disable notifications in your device settings.

8. Geolocation

We may collect and process location information such as approximate location derived from IP address and, where enabled and permitted, location data from device settings.

We use location data to optimize performance (e.g., routing to nearest data center), improve security, and offer localization preferences. We may share limited location-related data with cloud infrastructure providers for performance and security operations.

If you wish to opt out of certain location processing (where applicable), you may contact us at info@cloud-test.in and/or disable device-level location permissions.

9. How We Use Personal Data

We process Personal Data only in accordance with this Policy, including to:

  • Provide, operate, maintain, and improve the Services
  • Create and manage accounts, authentication, and access controls
  • Enable assessments, evaluation workflows, reporting, and analytics
  • Provide proctoring and integrity features (where enabled)
  • Personalize and improve user experience
  • Provide customer support and respond to inquiries
  • Send transactional messages (service updates, security alerts)
  • Send marketing communications where permitted and opted-in
  • Conduct surveys/feedback collection
  • Detect, prevent, and investigate fraud, harmful activity, unauthorized access, or misuse
  • Enforce our Terms, policies, and agreements
  • Comply with legal obligations and resolve disputes

10. Lawful Basis for Processing

We process Personal Data only where we have a lawful basis, which may include:

  • Consent (e.g., certain marketing and certain proctoring flows where required)
  • Contractual necessity (to provide the Services you request)
  • Legitimate interests (e.g., platform security, product improvement, abuse prevention)
  • Legal obligation (to comply with applicable laws and lawful requests)

11. Invites / Referral Sharing (If Applicable)

If you use an “Invite” feature to tell someone about CloudTest, you represent that you have their consent to share their name and email. We may send a one-time invitation email and maintain an activity log for referral/invite tracking.

12. Your Choices

  • You can choose whether to provide Personal Data; some features may not be available without it.
  • You may opt out of marketing emails via the unsubscribe link (where provided).
  • We may still send essential service communications (e.g., password reset, security alerts).

13. Your Rights

Depending on your location and applicable law, you may have rights including:

  • Right to access your Personal Data
  • Right to rectification (correction)
  • Right to object to certain processing
  • Right to erasure (deletion) of some or all Personal Data
  • Right to restrict processing
  • Right to data portability (machine-readable copy)
  • Right to refuse or withdraw consent (where processing is based on consent)
  • Right to lodge a complaint with a supervisory authority (where applicable)

To exercise these rights, contact us at info@cloud-test.in. We may request additional information to verify your identity and the nature of your request.

14. Data Retention

Personal Data is generally retained for the duration of your active account or engagement. Following deactivation or termination, we may retain data for up to one (1) year unless:

  • Longer retention is required by law or a lawful request, or
  • Longer retention is necessary for legitimate security/audit purposes, or
  • A Customer (Controller) instructs different retention for Customer-managed accounts.

Upon receiving a valid deletion request, we will mark the data for deletion without undue delay. Residual data in logs/backups may persist temporarily for operational integrity and security and will be securely purged where feasible, typically within thirty (30) days, unless longer retention is required for legal compliance or security reasons.

15. Sharing Your Personal Data

We do not sell or rent your Personal Data.

We may share Personal Data with:

  • Affiliates (within Apptroid group, if applicable) for internal operations
  • Service providers/sub-processors for hosting, storage, monitoring, analytics, communications, and support
  • Customers (Controllers) to deliver the Services (e.g., administering assessments, reporting)
  • Legal authorities where required by law, subpoenas, court orders, or lawful processes
  • Security/fraud investigations to prevent threats, misuse, or violations of our Terms

15.1 Business Transfers (M&A)

If we buy, sell, or transfer assets, or are involved in a merger, acquisition, restructuring, or bankruptcy, Personal Data may be transferred as part of that transaction. Any acquirer may continue to use Personal Data in accordance with this Policy or a substantially similar policy, subject to applicable law.

16. Security of Your Personal Data

We use administrative, technical, and organizational measures to help protect Personal Data against unauthorized access, alteration, disclosure, or destruction, including encryption in transit (HTTPS/TLS), access controls, monitoring, logging, and secure infrastructure practices.

No system is completely secure; therefore, we cannot guarantee absolute security.

17. Linked Websites and Third-Party Services

The Site/Services may provide links to third-party websites or services that are outside our control and not covered by this Policy. You should review those third parties’ privacy policies prior to use.

18. Forums / Public Areas (If Applicable)

If you participate in a discussion forum, message board, or other public area, information you provide may be visible to others who have access. Individual forums/messages may have additional rules and conditions.

19. Children

We do not knowingly collect Personal Data from individuals under the age of 16 without appropriate consent. If we learn we have collected such data, we will delete it promptly. If you believe a child under 16 has provided Personal Data, contact info@cloud-test.in.

20. Proctoring, Monitoring & Assessment Integrity

CloudTest provides optional remote proctoring and assessment integrity features that may be enabled by Customers (such as employers, recruiters, educational institutions, or assessment administrators) to help ensure fairness, authenticity, and compliance during assessments.

20.1 When proctoring applies

Proctoring features may be activated when:

  • You attempt or participate in an assessment configured with integrity controls
  • The Customer has enabled proctoring/monitoring/identity verification features
  • Applicable legal requirements permit such processing

The exact scope of proctoring is configurable by the Customer and may vary across assessments.

21. Proctoring Consent & User Acknowledgement

21.1 Notice and consent

Before the start of a proctored assessment, you will be provided a notice describing the proctoring features enabled and the categories of data that may be collected. By clicking “Start Test”, “Proceed”, or a similar action after being presented with such notice, you acknowledge and consent (where required by law) to the collection, processing, and analysis of proctoring-related Personal Data for assessment integrity purposes.

If you do not consent, you may not be able to proceed with the proctored assessment.

21.2 Categories of proctoring & integrity data

Depending on configuration, CloudTest may collect and process:

  • Identity & visual data: webcam images, video recordings or periodic snapshots; face presence/face-count signals; identity verification images (where enabled).
  • Audio data: microphone audio recordings; ambient voice/noise presence signals (where enabled).
  • Screen & device activity: screen recordings/snapshots; tab switching; window focus changes; copy/paste signals; full-screen enforcement signals; detection of screen sharing or virtual environments (where enabled).
  • Browser & network signals: IP address; device/browser identifiers; timestamped activity logs; session metadata and diagnostic events.
  • Behavioral & integrity signals: automated flags generated by the system (e.g., suspicious activity indicators); time spent per section/question; unusual interaction patterns; repeated reconnect attempts.

CloudTest does not make final hiring, academic, or employment decisions. Proctoring outputs are integrity signals and reports made available to the Customer (Data Controller) for independent evaluation.

21.3 Purpose of processing

  • Verify candidate identity (where enabled)
  • Prevent cheating, impersonation, or misuse
  • Maintain fairness and assessment integrity
  • Generate integrity reports and audit trails
  • Investigate disputes, appeals, or suspected misconduct
  • Meet contractual and compliance obligations

Proctoring data is not used for advertising or unrelated profiling.

21.4 Storage, access & retention

Proctoring data is stored securely with restricted access controls. Access is limited to authorized CloudTest personnel (for support, security, or audit) and authorized Customer representatives (as configured by the Customer). Proctoring data is retained for the period specified by the Customer, or up to one (1) year by default unless legally required otherwise, after which it is securely deleted or anonymized.

21.5 Legal basis

Processing of proctoring data is based on one or more of the following:

  • Consent (where required)
  • Contractual necessity (assessment delivery)
  • Legitimate interests (assessment integrity and security)
  • Legal obligations (where applicable)

21.6 User responsibilities & technical requirements

To participate in a proctored assessment, you may be required to enable camera/microphone/screen permissions, use a compatible browser/device, maintain stable connectivity, and follow assessment rules. Failure to meet requirements may result in incomplete attempts or integrity flags.

21.7 Opt-out

If you choose not to allow proctoring or revoke consent, you may be unable to proceed. Any alternative assessment option (if any) is at the discretion of the Customer.

21.8 CloudTest role & Customer responsibility

Where proctoring is enabled, CloudTest generally acts as a Data Processor and the Customer acts as the Data Controller. Customers are responsible for lawful use, candidate disclosures, and final decisions.

22. California Privacy Rights (CCPA/CPRA Notice)

If you are a resident of California, you may have specific rights regarding your Personal Data, including rights to know, delete, and non-discrimination. We do not sell Personal Data.

22.1 Categories of Personal Data (past 12 months)

  • Identifiers: name, email address, account identifiers
  • Internet/Network activity: IP address, device info, logs, usage data
  • Professional/education information: where provided by Customer
  • Audio/visual: where proctoring is enabled and permitted (webcam/audio/screen records)

22.2 Disclosure

We may disclose Personal Data to service providers for business purposes under written contracts and to Customers (Controllers) to deliver the Services.

22.3 Verification

We may verify your identity before fulfilling requests. Authorized agents may be required to provide proof of authorization. Requests can be sent to info@cloud-test.in.

23. EEA, United Kingdom, and Switzerland (GDPR/UK GDPR)

If you are located in the EEA/UK/Switzerland, GDPR/UK GDPR may apply. CloudTest may act as a Controller for direct users and as a Processor when providing Services to Customers (Controllers).

23.1 Additional rights

GDPR provides rights such as the right to object, restrict processing, and lodge a complaint with a supervisory authority.

23.2 Automated decision-making

CloudTest may generate assessment scores, analytics, and integrity flags. Customers may use these outputs as part of their evaluation processes. CloudTest generally does not use solely automated decision-making that produces legal or similarly significant effects without appropriate safeguards, where required by law.

24. Other Regions

Where applicable, CloudTest aims to comply with data protection laws in relevant regions, such as UK Data Protection Act 2018 and UK GDPR, Canada’s PIPEDA, Singapore’s PDPA, and applicable Indian laws (including evolving requirements).

25. International Transfers

Your Personal Data may be processed in countries other than your own, including where our cloud hosting/service providers operate. We take reasonable measures to ensure appropriate safeguards for cross-border transfers where required by applicable law.

26. Changes to This Privacy Policy

We may update this Policy from time to time due to operational, legal, or regulatory changes. We recommend reviewing it periodically. Your continued use of the Services after updates constitutes acceptance of the updated Policy.

27. Contact Us

Company Name: Apptroid Technology Private Limited

Platform: CloudTest

Website: cloud-test.in

Email: info@cloud-test.in

Address: Marathon Maxima, Moti Nagar, Mulund - West, Mumbai, Maharashtra - 400080

27.1 Grievance / Data Protection Contact

If you have concerns, complaints, or requests regarding privacy or Personal Data, contact:

Grievance Officer / Data Protection Contact: (To be updated by Company)

Email: info@cloud-test.in

Availability: Monday to Friday, 10:00 AM to 7:00 PM IST (except public holidays).

Connect with CloudTest

Discover smarter hiring with CloudTest

Explore coding tests, AI interviews, and assessment workflows designed to help modern teams hire faster and with more confidence.

  • AI-powered assessments
  • Faster hiring workflows
  • Trusted by growing teams
Book a Demo