Privacy Shield

This document defines Mocha Technologies’ (iMocha) policies and processes for implementing the US Privacy Shield Program.

iMocha (Incorporated under Mocha Technologies Inc) is engaged in the business of providing services to various corporates, which helps them evaluate their existing employees or evaluate and recruit any prospective employees. iMocha (Mocha Technologies Inc) complies with the EU-US. Privacy Shield Framework set forth by the United States Department of Commerce with respect to the collection, use and retention of the Personal Data transferred from the European Union to the United States as further described in the Scope section below. This Privacy Shield Policy outlines our commitment to the Privacy Shield Principles (“the principles”) and our practices for implementing the Principles. If there is any conflict between the terms in this Privacy Shield Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.


iMocha complies with the Principles with respect to Personal Data the company receives from its Customers or their Users in the European Union in connection with the use of iMocha as a pre- employment skills testing service. In this Privacy Shield Policy, the Subscription Service, Software, and Support are collectively referred to as the “Service.”


For the purposes of this Privacy Policy:

“Controller” means a person or organization which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

“Customer” means any entity that purchases the Service.

“Customer Data” means the electronic data uploaded into the Subscription Service by or for a Customer or its Users.

“Candidate Data” means the electronic data uploaded into the software by candidates/employees for the purpose of appearing for the skill test.

“Personal Data” means any information, including Sensitive Data, that is (i) about an identified or identifiable individual and (ii) received by iMocha from the European Union in connection with the service.

“Processor” means any natural or legal person, public authority, agency or other body that processes Personal Data on behalf of a Controller.

“User” means an individual authorized by the Service/Customer to access and use the Subscription Service.

Types of Personal Data Collected
Candidate Data (Data Subject)

iMocha acts as a Data Processor for its customers. For the purpose of administering the skills tests, we require the candidates to provide their full name and email address

Besides the above, our customers can request the candidates/employees for additional data. Data like IP address, geographic location, and time zone are also captured by iMocha.

Customer Data

iMocha also collects several types of information from our Customers, including:

1. Information and correspondence our Customers and Users submit to us in connection with Expert Services or other requests related to our Service.

2. Information we receive from our business partners in connection with our Customers’ and Users’ use of the Service or in connection with the services provided by our business partners on their behalf, including configuration of Service.

3. Information related to Users’ use of the Mobile Applications, including geographic location data and information regarding Users’ Devices and OS identification, login credentials, language and time zone.

In addition, iMocha collects general information about its Customers, including a Customer’s company name and address (“General Information”) for billing and contracting purposes.

Purposes of Collection and Use

iMocha may use Personal Data submitted by our customers, data subjects, and users as necessary to provide the Service, including updating, enhancing, securing and maintaining the software to carry out iMocha’s contractual obligations to its Customers. iMocha also obtains General Information in connection with providing the Service and maintaining iMocha’s relationships with its Customers.

Third Party Disclosures & Onward transfers of Personal Data

We may disclose Personal Data that our Customers and Users provide to our Service and Mobile Applications:

  • To our subsidiaries and affiliates;
  • To contractors, business partners and service providers we use to support our Service;
  • In the event iMocha sells or transfers all or a portion of its business or assets (including in the event of a merger, acquisition, joint venture, reorganization, dissolution or liquidation), in which case Personal Data held by us about our Customers will be among the assets transferred to the buyer or acquirer;
  • If required to do so by law or legal process;
  • In response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements.

iMocha may disclose Personal Data to subcontractors and third-party agents who assist iMocha in providing Services to its customers and prospective customers. Before disclosing Personal Data to a subcontractor or third-party agent, iMocha will obtain assurances from the recipient that it will: (a) use the Personal Data only to assist iMocha in providing the Services; (b) provide at least the same level of protection for Personal Data as required by the Principles; and (c) notify iMocha if the recipient is no longer able to provide the required protections. Upon notice, iMocha will act promptly to stop and remediate unauthorized processing of Personal Date by a recipient. iMocha will remain liable for onward transfers to its subcontractors and third-party agents.

  • As a Data processor processing Personal Data on behalf of its Customers, iMocha does not own or control the Personal Data it processes on behalf of its Customers or their Users and does not have a direct relationship with the Data Subjects whose Personal Data may be processed in connection with providing the Service. Since each Customer is in control of what information, including any Personal Data, it collects from its Users, how that information is used and disclosed, and how that information can be changed, data subjects should contact the applicable Customer administrator with any inquiries about how to access or correct Personal Data. To the extent a User makes an access or correction request to iMocha, we will refer the request to the appropriate iMocha Customer and will support such Customer as needed in responding to any request.
  • To access or correct any General Information Customer has provided, the Customer should contact their iMocha account representative directly or by using the contact information indicated below.

Because the Personal Information is under the control of iMocha’s customers, appropriate notice and choice to the individual (data subject) are provided by iMocha’s customers. As the data processor, iMocha typically does not have a direct relationship with the customers’ end users.

Data Security

We use reasonable physical, electronic, and administrative safeguards to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Information and the risks involved in processing that information.

Data Integrity and Purpose Limitation

We limit the collection and use of Personal Information to the information that is relevant for the purposes of processing and will not process Personal Information in a way that is incompatible with the purposes for which the information has been collected or subsequently authorized by you. We take reasonable steps to ensure the personal information is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Information.

Dispute Resolution

In compliance with the Privacy Shield Principles, iMocha commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact iMocha at: [email protected]

iMocha has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.

If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the EU-U.S. Privacy Shield Principles.

In the event we are unable to resolve your complaints or disputes, you may contact JAMS an alternative dispute resolution provider located in the United States, for more information or to file a complaint. JAMS will investigate and assist you free of charge in resolving your complaint.

As further explained in the EU-U.S. Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. iMocha (Mocha Technologies Inc.) is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

How to Contact iMocha

To ask questions or comment about this Privacy Shield Policy and our privacy practices or if you need to update, change or remove your information, contact us at: [email protected] or by regular mail addressed to:

Mocha Technologies Inc,
19703, USA