Privacy Policy
What we collect, why, and for how long.
TestTorch records testing sessions on purpose — that's the product. This page says exactly what that means for your data, in plain words.
Version 2026-07-03 · Last updated 3 July 2026
1. Who is responsible
The controller for your personal data is TTB Software Development B.V. (Lagedijk 11A, 2064 KV Spaarndam, the Netherlands — full details on the imprint). For anything privacy-related, write to info@testtorch.com.
2. What we collect and why
| Data | Purpose | Legal basis | Kept |
|---|---|---|---|
| Account data (name, email, time zone, roles) | Running your account and the marketplace | Contract | Life of the account + 30 days |
| Tester application (your pitch, availability) | Screening testers for quality | Contract (pre-contractual measures) | Life of the account |
| Session recordings (see section 3) | Proof of work for the client; dispute evidence | Contract | 18 months after the job ends, then deleted |
| Payment & payout records | Escrow, payouts, tax obligations | Contract; legal obligation | 7 years (Dutch fiscal retention) |
| Disputes and rulings | Arbitration record for money decisions | Contract; legitimate interest | 7 years (with the money records they justify) |
| Technical logs (IP addresses, error reports) | Security and debugging | Legitimate interest | Up to 90 days |
3. Session recordings, specifically
When a tester starts a testing session, their walkthrough of the client's app is recorded: screen interactions (the page structure and what was clicked), console output, and request metadata (method, URL without query parameters, status, sizes — never request or response bodies, never headers). Everything typed into form fields is masked before it leaves the browser.
Recording is scoped to the tester's own session via a signed, time-limited token — it never captures a client's real users. The client who posted the job can watch the recording; TestTorch staff view it when a dispute needs a ruling. Recordings are deleted 18 months after the job they belong to ends; the tester's written findings remain with the account.
4. Automated decision-making
Tester applications are screened with the help of an AI model, which scores the application (pitch quality, experience signals, availability). High-confidence scores approve or reject the application automatically; anything the model is unsure about goes to a human reviewer. Because an automated rejection affects your ability to earn on the platform, you always have the right to request review by a human: reply to the decision email and a person will re-review your application themselves. This is the Article 22 GDPR safeguard, and it's also just how we'd want to be treated.
5. Who processes data for us
| Processor | What for | Where / transfer safeguard |
|---|---|---|
| Stripe | Payments, escrow, tester payouts (Stripe is independently responsible for its own account verification) | EU entity; SCCs for any US processing |
| OpenAI | Scoring tester applications (the pitch text you submit) | United States; EU-US Data Privacy Framework |
| Google (Gmail) | Sending transactional email | United States; EU-US Data Privacy Framework |
| Sentry | Error monitoring (with personal-data scrubbing enabled) | United States; EU-US Data Privacy Framework |
| Hosting | Running the application and database | EU datacenter |
| jsDelivr | CDN serving the recording library to pages being tested (not to this site) | Global CDN; serves a public JS file, receives no account data |
7. Your rights
Under the GDPR you can ask for access to your data, correction, deletion, restriction of processing, a portable copy, and you can object to processing based on legitimate interest. Email info@testtorch.com and we'll respond within 30 days. One honest caveat: payment, payout and dispute records are kept for 7 years under Dutch tax law even if you delete your account — we anonymize the account they point to instead of deleting the financial history. If you're not happy with how we handle a request, you can complain to the Dutch supervisory authority, the Autoriteit Persoonsgegevens.
8. Security
Data travels over TLS and lives in an EU datacenter. Application secrets are encrypted at rest, access to data inside the product is role-gated and deny-by-default, and recordings are reachable only by the people section 3 names. No system is perfectly secure; if a breach ever affects your data we'll notify you and the authority as the GDPR requires.