Certification Privacy FAQs
IAPP uses an exam hosting service, PearsonVUE, to make its exams available to people globally. PearsonVUE has relationships with testing centers all over the world so that candidates can sit for an exam close to their home or work. PearsonVUE also has a program, called OnVUE, that allows candidates to take an exam online from their home or office. The IAPP signed up to make the OnVUE option available to its candidates shortly after the COVID-19 pandemic struck.
This document has been created to explain the unique data processing activities involved in taking an IAPP exam. Information is also available in the IAPP Privacy Notice, but this set of frequently asked questions is specifically tailored to the exam experience, whether at a testing center or online using OnVUE.
After a candidate passes an exam, they can receive a digital certificate to display from the IAPP’s subcontractor, Accredible.
The IAPP shares the candidate’s first and last name, email address, and a personal authorization code that allows access to the exam. In an effort to minimize the data PearsonVUE collects, the address and phone number on your PearsonVUE account will be the IAPP headquarters’ address and phone number.
PearsonVUE communicates exam scheduling, rescheduling and cancellations with the IAPP’s database. Once an exam is taken, the results of the exam are also sent to the IAPP. The IAPP uses the pass/fail score to update the certification information in the candidate’s IAPP account. The actual results of the exams are used to monitor the health of the exam. They are kept by the IAPP for only six months and then are destroyed.
When checking in, OnVUE will require a phone number so the proctor can reach the candidate if any issues occur during the exam, as well as photographs of the candidate’s room surroundings to verify compliance with testing protocols (e.g., no one is allowed in the room with the candidate, no materials are allowed to assist the candidate, limited food/beverage, etcetera). OnVUE will also require a photograph of the candidate’s face and the candidate’s photo identification. Facial recognition software, provided by IDEMIA, will then compare the photo in the identification to the candidate’s face. IDEMIA’s technology verifies that the name and face on the identification conform to the candidate’s name and face. If the match fails, a human proctor is summoned to perform the match identification in person. Immediately following the match verification, the information from the candidate’s identification is deleted by IDEMIA’s system and it is never shared with PearsonVUE or the IAPP. The only data retained by PearsonVUE are a photographs of the candidate, photographs of their room surroundings, and the recording of their testing experience. This information is retained in case the candidate has a reason to appeal the exam based on a claim of cheating in the testing environment. This information is collected only to validate the identity of the test taker for exam security and certification integrity purposes. All this information is deleted within 30 days of the test. None of the information collected at check-in is shared with the IAPP or any other entity (other than IDEMIA as described above).
If a candidate refuses to participate in the facial recognition process performed by IDEMIA’s system, the candidate may contact PearsonVUE’s call center at https://home.pearsonvue.com/iapp/contact and arrange to have the candidate’s identity verified by a person. Please note, this may create delays in the testing process.
Upon checking in at a testing center, a greeter will collect the candidate’s signature and take a photograph of the candidate’s face. The greeter will also check the candidate’s photo identification to verify the candidate’s identity. No record of the identification is saved. The candidate’s photograph will be stored for one year in PearsonVUE’s system for testing by proxy prevention. Test takers can request the deletion of the photo prior to the one-year mark by contacting the IAPP at firstname.lastname@example.org. None of the information collected at check-in is shared with the IAPP or any other entity.
Yes, exam sessions and communications between the proctor and test takers are recorded and kept within PearsonVUE’s system for 30 days after the exam. The recording is retained in case an appeal or issue is filed and needs further investigation. The recordings are not shared with the IAPP or any other entity. If the IAPP needs to review the recordings in light of a filed issue, IAPP will be given secure access to the file within PearsonVUE’s system.
Accredible is the IAPP’s digital certificate provider. Creation and delivery of the certificate requires the certification holder’s first and last name, the certification earned, the certification’s term dates, the certification ID, and the test taker’s email address.