Privacy Policy
Last updated: January 10, 2026
1. Introduction
Vosqa is a pre-employment testing platform operated by The Future Of Accounting, Inc. ("we," "our," or "us"), a Delaware corporation located at 8 The Green, Suite B, Dover, DE 19901.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. It applies to both employers ("Organizations") who use our platform to administer assessments and individuals ("Candidates") who take those assessments.
By using Vosqa, you agree to the collection and use of information in accordance with this policy.
2. Our Role: Data Controller vs. Processor
Understanding our role helps you know who is responsible for your data:
For Organization/Employer Data
Vosqa acts as the data controller for employer account information, including administrator accounts, billing information, and platform usage data. We determine the purposes and means of processing this data.
For Candidate Data
The employer is the data controller for candidate assessment data. Vosqa acts as a data processor on behalf of employers. This means:
- Employers determine why and how candidate data is collected
- Employers are responsible for having a lawful basis to collect your data
- For rights requests (access, deletion, etc.), candidates should contact the employer who invited them
- Vosqa will assist employers in responding to valid rights requests
3. Information We Collect
3.1 Information You Provide
- Account Information: Name, email address, company name, and password when creating an employer account.
- Candidate Information: Name and email address of candidates invited to take assessments.
- Assessment Responses: Written answers, video recordings for video questions, and completion data.
- Payment Information: For paid assessments, candidate payment details are processed through our payment provider (Ramp) and not stored directly by us.
3.2 Information Collected Automatically
- Device Information: Browser type, operating system, and device identifiers.
- Usage Data: Pages visited, time spent, and features used.
- Assessment Integrity Data: Tab switching events, window focus changes, and browser activity during assessments.
- Periodic Screenshots: Canvas-based screenshots of the test interface captured approximately every 30 seconds during assessments (not screen recordings of your entire desktop).
- Identity Verification Photos: A single photo captured at the start of an assessment for identity verification.
4. Assessment Integrity Monitoring & Identity Verification
To ensure assessment integrity, we collect the following during proctored assessments:
4.1 What We Capture
| Data Type | Description | Frequency |
|---|---|---|
| Identity Photo | Single webcam photo for identity verification | Once at test start |
| Screenshots | Canvas capture of the test interface only | Every 30 seconds |
| Tab/Focus Events | When you switch tabs or the window loses focus | Each occurrence |
| Fullscreen Events | When you exit or enter fullscreen mode | Each occurrence |
4.2 What We Do NOT Do
- No Facial Recognition: We do not use facial recognition technology or create biometric templates from your photos.
- No Biometric Analysis: Photos are reviewed manually by authorized employer administrators only.
- No Screen Recording: We capture periodic screenshots of the test interface, not continuous video of your screen.
- No Desktop Monitoring: We cannot see other applications or windows on your computer.
4.3 Who Can View This Data
Proctoring data (photos, screenshots, event logs) is accessible only to:
- Authorized administrators at the employer organization who invited you
- Vosqa support staff under strict access controls (only when necessary for technical support)
5. Legal Bases for Processing (GDPR)
For users in the European Economic Area (EEA) and UK, we process personal data under the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Service delivery and assessment administration | Contract performance |
| Integrity monitoring and fraud prevention | Legitimate interests |
| Identity verification | Legitimate interests |
| Payment processing records | Legal obligation |
| Error monitoring (Sentry) | Consent |
6. How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve our assessment platform
- Process and score candidate assessments (manual scoring by employers, no automated hiring decisions)
- Detect and prevent cheating or fraudulent activity
- Process payments for paid assessments
- Send notifications about assessments and results
- Respond to support requests and inquiries
- Comply with legal obligations
No Automated Decision-Making: Assessment scores and hiring decisions are made by human reviewers at the employer organization, not by automated systems.
7. Information Sharing
We may share your information with:
- Employers: Assessment results, responses, proctoring data, and candidate information are shared with the organization that invited the candidate.
- Service Providers (Subprocessors): Third-party services that help us operate our platform (see Section 8).
- Legal Requirements: When required by law or to protect our rights.
We do not sell or share your personal information for targeted advertising.
8. Subprocessors
We use the following third-party service providers to operate our platform:
| Provider | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud hosting, file storage, database | United States |
| Amazon SES | Transactional email delivery | United States |
| Ramp | Payment processing for candidate payouts | United States |
| Sentry | Error monitoring (consent required) | United States |
Enterprise customers may request our complete subprocessor list and subscribe to updates.
9. Data Security
We implement appropriate technical and organizational measures to protect your information:
- Encryption in Transit: All data transmitted using TLS/HTTPS
- Encryption at Rest: Sensitive data encrypted using AWS KMS
- Authentication: Secure authentication with session management and automatic timeouts
- Access Controls: Role-based permissions limiting data access
- Audit Logging: Data deletion and access events are logged
While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
10. Data Retention
We retain information based on the following schedule. Employers may configure shorter retention periods:
| Data Type | Default Retention | Configurable Range |
|---|---|---|
| Employer Account Data | While account active + 30 days after deletion | N/A |
| Assessment Responses & Scores | 2 years | 90 days - 2 years |
| Identity Photos & Screenshots | 90 days | 30 days - 90 days |
| Proctoring Event Logs | 90 days | 30 days - 90 days |
| Payment Records | 7 years (legal requirement) | N/A |
Data is automatically deleted after the retention period expires. Deletion events are logged for audit purposes.
11. Your Rights
11.1 For All Users
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Portability: Request your data in a portable format
- Restriction: Request restriction of processing
- Objection: Object to processing based on legitimate interests
11.2 For Candidates
Since employers are the data controllers for candidate assessment data:
- Contact the employer who invited you to exercise your rights
- The employer will work with Vosqa to fulfill valid requests
- You may also contact us directly and we will forward your request to the relevant employer
11.3 How to Exercise Your Rights
To exercise your rights, contact us at privacy@vosqa.com. We will respond within 30 days (or sooner if required by law). We may need to verify your identity before processing your request.
12. US State Privacy Disclosures
California (CPRA)
If you are a California resident, you have specific rights under the California Privacy Rights Act:
Categories of Personal Information Collected:
- Identifiers (name, email)
- Professional information (job application context)
- Internet activity (usage data, assessment interactions)
- Geolocation (inferred from IP)
- Audio/visual (identity photos, video responses)
Purposes:
- Providing assessment services
- Fraud prevention and security
- Service improvement
Disclosure:
- We do NOT sell personal information
- We do NOT share personal information for cross-context behavioral advertising
- We disclose information to employers and service providers as described above
Your California Rights: Right to know, delete, correct, opt-out of sale/sharing (not applicable), limit use of sensitive information, and non-discrimination. To exercise these rights, email privacy@vosqa.com with subject "California Privacy Request".
14. International Data Transfers
Your information may be transferred to and processed in the United States, where our servers are located. For transfers from the EEA/UK, we rely on:
- Standard Contractual Clauses (SCCs): EU-approved contractual terms with our service providers
- Data Processing Agreements: Contracts ensuring GDPR-compliant handling
To request a copy of applicable transfer safeguards, contact privacy@vosqa.com.
15. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email. Your continued use of our services after changes become effective constitutes acceptance of the revised policy.
17. Contact Us
If you have questions about this Privacy Policy or our data practices:
- Company: The Future Of Accounting, Inc.
- Address: 8 The Green, Suite B, Dover, DE 19901
- Privacy Inquiries: privacy@vosqa.com
- Security Issues: security@vosqa.com