Skip to main content
Test Data Usage and Protection 📜

All about ensuring data privacy during testing

Doris Sooläte avatar
Written by Doris Sooläte
Updated over 2 months ago

This article presents a requirement for our freelancers. Failure to follow the process might represent a breach of the Freelancer Services Agreement.

In today's digital landscape, where data privacy is of utmost importance, it is crucial to exercise caution when using test data that may contain personal or sensitive information.

What is considered as sensitive data?

  • Social security numbers

  • Payment method details (bank card number, bank account information, alternative payment method account details). Both personal payment methods, and payment methods provided by Testlio teams

  • Personal identification document (Driver's license, passport, other equal document)

  • Precise geolocation

  • Passwords and credentials to account(s) beyond the direct system under test (e.g., the application under test integrates with another service by using direct username/password access - such as car charging management app requiring access to car manufacturer’s app credentials)

  • Under GDPR and CCPA, sensitive information also includes any of the following:

    • Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs;

    • Trade-union membership;

    • Genetic data, biometric data processed solely to identify a human being;

    • Health-related data;

    • Data concerning a person’s sex life or sexual orientation.

Guidelines

  • Ensure that chosen test data is relevant for the context of the application

  • Ensure the availability of appropriate test data - the data used for testing should be suitable for public exposure:

    • Ensure that your appearance during testing an application is professional and representative of Testlio.

    • Avoid using sensitive and private content during testing an application (e.g. family photos, financial invoices, etc)

    • Be mindful when exposing your screen during screen recording - ensure there isn’t anything personal / sensitive that you do not want others to see.

      • This also applies to showing other workspaces that you might have access to on the Testlio platform.

  • Some testing scenarios might require usage of other applications that are installed on your device - such as client emails. Make sure that you don’t expose anything personal in the screen recording in such cases.

    • Be also mindful about Testlio invites that may reside in your inbox.

Guidelines for securing sensitive data

  • Do not include sensitive data to the issue title or to the issue report body

  • Make sure you blur all sensitive data featured in the screenshot or video recording in your issue report attachments

  • Be mindful of featuring sensitive data in Testlio platform, Rocket.Chat or in any direct message chats or channels

Reminders

  • Cross using test data from other applications that you might have tested, is strictly prohibited.

#TestlioBot

Did this answer your question?