1. Data Controller

International Board of Skills and Development - UK LTD ("IBOSD", "we", "our", "us") is the Data Controller for all personal data collected through the Free Diagnostic Assessment.

Registered Office: 2 Frederick Street, Kings Cross, London WC1X 0ND, United Kingdom.

2. Legal Basis for Processing (UK GDPR)

Personal data is processed in accordance with the UK General Data Protection Regulation (UK GDPR) under:

• Article 6(1)(a) - Consent.
• Article 6(1)(f) - Legitimate Interests for academic evaluation, quality assurance, fraud prevention, and programme advisory purposes.

Participation in the Free Diagnostic Assessment constitutes explicit consent to the processing activities described in this notice.

3. Personal Data Collected

IBOSD may collect and process:

• Full name.
• Contact details (email, phone).
• Country of residence.
• Educational and professional background (if provided).
• Assessment responses and scores.
• Technical metadata (IP address, device/browser data for security purposes).

IBOSD does not intentionally collect special category (sensitive) data unless voluntarily submitted.

4. Purpose of Data Processing

Personal data will be used strictly for the following purposes:

• Administer and evaluate the diagnostic test.
• Generate performance reports.
• Provide academic counselling or programme recommendations.
• Improve assessment quality and security.
• Prevent fraud, impersonation, or misuse.
• Send relevant programme information (with opt-out facility at any time).

No processing shall occur beyond these stated purposes.

5. Data Access and Custodianship

Personal data shall be used only by IBOSD - UK LTD. Where operationally necessary, data may be processed by an exclusive data custodian formally nominated by IBOSD, bound by strict contractual confidentiality and data protection obligations.

Data shall not be sold, rented, traded, or commercially exploited. Any third-party processor must comply with UK GDPR and ICO standards.

6. Data Security

IBOSD implements appropriate technical and organisational safeguards including:

• Secure server environments.
• Access controls and restricted authorisation.
• Encryption where appropriate.
• Monitoring for unauthorised access or breaches.

7. Data Retention

Personal data will be retained only as long as necessary for assessment evaluation, academic advisory follow-up, and legal or compliance obligations. Thereafter, data may be securely deleted or anonymised for statistical or quality improvement purposes.

8. International Transfers

If data is processed outside the United Kingdom, IBOSD will ensure appropriate safeguards in accordance with UK GDPR, such as adequacy regulations or standard contractual clauses.

9. Data Subject Rights

Under UK GDPR, individuals have the right to:

• Access their personal data.
• Request correction of inaccurate data.
• Request erasure (Right to be Forgotten).
• Restrict processing.
• Object to processing.
• Withdraw consent at any time.
• Request data portability.
• Lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO).

Requests should be submitted through official IBOSD communication channels.

10. Automated Processing

Assessment scoring may involve automated evaluation tools. However, no final academic or admission decision is based solely on automated decision-making.

11. Withdrawal of Consent

Participants may withdraw consent at any time. Withdrawal shall not affect the lawfulness of processing carried out prior to withdrawal.

12. Amendments

IBOSD reserves the right to update this notice to ensure continued compliance with UK GDPR and ICO guidance.

13. Acceptance

By registering for or participating in the Free Diagnostic Assessment, the participant confirms that they have read, understood, and agreed to this Data Protection and Privacy Notice.