For the purpose of the EU General Data Protection Regulation 2016/679 (the GDPR), the data controller is Codility Limited. Our registered office is on the 9th Floor, 107 Cheapside, London, United Kingdom EC2V 6DN. Our company registration number is 08372083.
Codility Limited is registered as a data controller with the UK’s Information Commissioner’s Office (the ICO), registration number ZA440192. The ICO is selected as Codility’s designated independent dispute resolution body to address complaints and provide appropriate recourse free of charge to individuals. The ICO can be contacted via www.ico.org.uk.
Codility participates in the EU-US Privacy Shield Framework. Full details of Codility’s participation in this scheme can be found at https://www.privacyshield.gov/list. Under the terms of the EU-US Privacy Shield Framework Codility is subject to the investigatory and enforcement powers of the Federal Trade Commission (the FTC), the Department of Transportation or any other U.S. authorized
1. Information We May Collect
are examples of when we may collect information directly from you:
- Account and test access information such as name, email address, telephone number, work, and educational information, details about your professional interests, professional experience, and your academic title.
- If you submit your CV, we will store any personal data not listed above that you include on your CV.
- When you fill in and submit forms on the Service, including forms submitted at the time of registering to use our Service, conducting assessments, reporting a problem with the Service, or requesting further information from us.
- When you contact us via online submission, telephone, electronic mail, or regular mail, we may keep a record of that correspondence.
- When you complete surveys via the Service.
- When you post comments or opinions to us on the Service or third party website where we have a profile or presence (e.g. on our Facebook page).
You are not required to provide your personal information, but you will be unable to use parts of the Service if you do not.
b. Information from the organization that creates your profile on the Service
If you are provided with login details to access the Service through an organization’s account, that organization may provide us with details to create a profile for you on the Service. This can include information such as your name, job title, work telephone number, and email address.
c. Information about how you use the Service
We collect information about how you use the Service such the time you access the Service and duration you are on it, the site you come to the Service from or go to after leaving the Service, selections, and choices you make and preferences that you set when using the Service as well as any data you input while conducting any assessment on the Service.
d. Information about how you connect to the Service
e. Information about your actual location
2. Where We Transfer and Store Your Personal Information
All information you provide to us is stored on a third party’s secure servers providing data hosting services to us under our control or on computers of Codility Ltd or computers of our subsidiary Codility Polska Sp., z.o.o.. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Service, you are solely responsible for keeping this password confidential. If the password has been stolen or might otherwise be subject to misuse, it is your responsibility to notify us immediately for further action.
In order to provide a comprehensive and effective service to our customers and to the high-tech community as a whole, personal data may be transferred to third parties who provide services to Codility that include email distribution, customer relationship management, sales opportunity management, sales reporting, sales forecasting, and customer feedback applications.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. For more information about how we safeguard personal information, contact us at [email protected]
3. Uses Made of the Information We Collect
We use the information we collect in the following ways:
- To manage your account and provide you with the features of the Service, validate and keep your personal information accurate. We will use the information we collect directly from you for this purpose.
- To improve the Service and to ensure that content from the Service is presented in the most effective manner for you and for your device and to display content and features that are tailored to you, your interests, and how you use the Service. We will use the information we collect directly from you, information about how you use the Service, and information about how you connect to the Service for this purpose.
- To provide you with information about products or services that you request from us or which we feel may interest you (in accordance with your marketing preferences). We will use the information we collect directly from you for this purpose.
- To determine and predict information that may be of interest or relevant to you. We will use the information we collect directly from you, information about how you use the Service, and information about how you connect to the Service for this purpose.
- To carry out our obligations arising from any agreements entered into between you and us, such as allowing our employer clients to evaluate any test you have taken. We will use the information we collect directly from you, information about how you use the Service, and information about how you connect to the Service for this purpose.
- To notify you about changes to the Service and address complaints, comments, and issues you have in relation to your use of the Service. We will use the information we collect directly from you for this purpose.
- To prevent, detect, and investigate illegal activities, breaches of any agreements entered into between you and us, and threats to the security of the Service. We will use the information we collect directly from you, information about how you use the Service, and information about how you connect to the Service for this purpose.
- To produce aggregate statistical information and analytics about users of and their submissions to the Service from which individuals cannot be identified.
- For more information about how Codility uses personal data see our Data Privacy Notice.
4. Disclosure of Personal Information
We may disclose your personal information to third parties:
- Who provide a service to us. These third parties will only be allowed to use your personal information in accordance with our instructions and will be required to keep your information secure.
- In the event that we sell or buy or transfer any business or assets (in part or whole), in which case we may disclose your personal information to the prospective seller, buyer or recipient of such business or assets.
- In order to respond to a subpoena, court order or other legal duty or obligation (including without limitations requests or demands from law enforcement and government authorities and regulators.
- In order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity, including Codility Ltd, its customers, clients, and other parties.
- In order to enforce or apply any agreement, we have with you.
- Business partners who offer a service to you jointly with us. For example, this includes the employer clients of ours whose assessments you have undertaken.
5. Your Marketing Rights
You have the right to ask us not to process personal information for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at
The Service may, from time to time, contain links to and from the websites of our employer partners, partner networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
6. Access to and Control of Personal Information
You have the right to access, review, update, correct, or delete the personal information held about you. In some circumstances, you may also have the right to restrict or object to processing and to receive your personal information in a portable form. Under certain conditions, you may have the right to invoke binding arbitration. To exercise these rights contact [email protected]
7. Lawful Bases for Processing
We only collect and process personal information where we have a lawful basis. Lawful bases include consent (where you have given consent), contract (where processing is necessary to perform a contract with you, e.g. to deliver the Service), legal obligation (where processing is necessary to comply with the law), and our legitimate interests (e.g. to protect us and you, to comply with applicable laws, to administer and improve our business, and for our direct marketing purposes).
Where our processing of personal information is based on consent, you have the right to withdraw your consent at any time, and where we rely on legitimate interests, you have the right to object. To exercise these rights contact [email protected].
8. Retention of Personal Information
You may contact our Data Protection Officer at [email protected]. You may also have the right to lodge a complaint with a supervisory authority in the EU as described in Article 77 of the GDPR.
11. EU-US Privacy Shield
Codility is committed to adhering to the Principles of the Privacy Shield Framework in the processing of all personal data across its entire organization including its subsidiaries Codility Polska Sp., z.o.o., Warsaw, Poland and Codility, Inc., San Francisco, USA. The Principles of the Privacy Shield Framework can be found at https://www.privacyshield.gov/EU-US-Framework.
In compliance with the Privacy Shield Principles, Codility commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Codility Ltd at [email protected]
Codility Ltd. has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.
Codility has self-certified with the US Department of Commerce that it adheres to the seven Privacy Shield principles. Codility is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under certain conditions, an individual has the right to invoke binding arbitration. Codility acknowledges liability in cases of onward transfers to third parties.