TestDino

TestDino Privacy Policy

Last updated: May 2026

This privacy policy explains how TestDino (Alphabin Technology Consulting) collects, uses and discloses information when you use services via www.testdino.com and app.testdino.com (the "Site").

Security Certifications

TestDino is SOC 2 Type 2 certified, ISO 27001 certified, and GDPR compliant. Our SOC 2 Type 2 audit covers the Security, Availability, and Confidentiality Trust Services Criteria. For details on controls, encryption, infrastructure, and how to request reports under NDA see our Security page.

Personal Information We Collect

This section covers personal information that relates to permitted users of TestDino, such as account holders, dashboard administrators, and team members. Sign-up requires an email address. Paying customers provide billing information as necessary. TestDino collects only the information needed for the interaction. You may decline to provide personal information, though this may prevent certain website activities.

For permitted users, TestDino collects:

  • Email (used for login)
  • Billing details for paying customers
  • Anonymized IP address
  • Device type, operating system, and browser type
  • Approximate geographic location
  • Preferred language
  • Referring URL and domain
  • Pages visited, with date and time
  • Random user ID

Customer Content (Test Data)

Customer Content is the test data that customers upload to TestDino. It is distinct from the personal information above. TestDino processes Customer Content on behalf of the customer as a data processor under our Data Processing Agreement. The customer remains the controller of that data.

When customers upload Playwright test results through the tdpw CLI, the @testdino/playwright reporter, or supported CI/CD integrations, Customer Content can include:

  • Test names, file paths, and project or spec metadata
  • Pass, fail, flaky, and skipped statuses with retry counts
  • Error messages, stack traces, and assertion diffs
  • Screenshots, videos, and Playwright trace files attached to a test
  • Console logs, network logs, and other Playwright artifacts
  • CI metadata such as branch, commit SHA, run number, environment, and tags
  • Timestamps, durations, and worker or shard identifiers

Customer Content may incidentally contain personal information if a developer captures it in a log, screenshot, or trace. The customer is responsible for what is uploaded. TestDino does not load any tracking script or SDK on customer-owned websites or end-user browsers.

Website Visitors

TestDino collects non-personally-identifying information such as browser type, language preference, referring site, and request date and time to understand visitor usage patterns. We may publish aggregate usage trend reports.

For logged-in users, TestDino collects IP addresses and discloses them under the same circumstances as personal information.

Aggregate visitor statistics, impressions, and clicks may be monitored to improve the service. Aggregate data does not identify individual visitors.

Cookies

A cookie is information a website stores on a visitor's computer that the browser provides upon return. The TestDino marketing site (www.testdino.com) uses cookies for analytics and to remember preferences. The application (app.testdino.com) uses strictly necessary cookies for authentication and session management. Most browsers accept cookies by default. You can set your browser to remove or reject cookies, though certain features may not function without them.

AI Data Processing

TestDino offers AI-powered features that process Customer Content to generate insights such as failure summaries and flake detection. We treat AI processing with the same care as any other handling of Customer Content.

  • LLM provider. AI features use Microsoft Azure OpenAI Service and Azure AI Foundry, hosted within our Azure tenant. Customer Content is sent to these services only at the time of inference for the specific feature you are using. They are listed on our Subprocessors page.
  • No use for provider training. Microsoft does not use Customer Content sent through Azure OpenAI to train its foundation models, in line with the Azure OpenAI Service terms.
  • No TestDino model training by default. We do not train TestDino-owned models on Customer Content by default. If a customer opts in to contribute test data to model training, the scope is documented in writing and the opt-in can be revoked at any time.
  • Enterprise opt-out. Enterprise customers can disable AI-powered features for their workspace.
  • DPA coverage. AI processing of Customer Content is covered by our Data Processing Agreement.

Legal Bases for Processing

For visitors and users in the European Economic Area, the United Kingdom, or Switzerland, we process personal information on the following legal bases under the GDPR:

  • Contractual necessity: to create and operate your account, deliver the service, and provide support.
  • Legitimate interests: to secure our service against abuse, prevent fraud, improve product reliability, and operate our business, where those interests are not overridden by your rights.
  • Legal obligation: to comply with tax, audit, and other applicable legal requirements.
  • Consent: for optional activities such as marketing communications and non-essential cookies, where we ask for it. You can withdraw consent at any time.

For Customer Content, the customer is the data controller and TestDino acts as a processor on the customer's instructions under our Data Processing Agreement.

Protection of Information

TestDino discloses personal information and Customer Content only to employees, contractors, and subprocessors that (i) need it to process the data on TestDino's behalf or to provide the services, and (ii) have agreed in writing not to disclose it to others. Where data is transferred outside your home country, we rely on the legal mechanisms described under International Data Transfers below.

TestDino does not rent or sell personal information. We disclose it only in response to subpoenas, court orders, or governmental requests, or where we believe in good faith that disclosure is reasonably necessary to protect the property or rights of TestDino, third parties, or the public.

We take reasonable technical and organizational measures to protect personal information and Customer Content against unauthorized access, use, alteration, or destruction.

Subprocessors

Our current third-party subprocessor list is published at testdino.com/subprocessors. Each subprocessor is contractually limited to the purpose described and is bound by confidentiality obligations.

Please review each subprocessor's own terms of use and privacy policies to understand their practices. To subscribe to notifications of subprocessor changes, email [email protected].

International Data Transfers

Personal information and Customer Content may be transferred to, stored in, or processed in countries other than your own, including the United States and the European Union, depending on the Azure region used.

For transfers of personal data out of the European Economic Area, the United Kingdom, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable). The relevant clauses are incorporated into our Data Processing Agreement.

Data Retention

Customer Content is retained for the duration of an active subscription according to the plan's retention window. Older artifacts are deleted on a rolling basis once they fall outside the window.

  • Free plan: 14 days
  • Pro plan: 90 days
  • Team plan: 365 days
  • Enterprise plan: configurable, set per contract

Account and billing records are retained for as long as the account is active and for a limited period after account closure to meet legal, tax, and audit obligations. After that period, account-level personal information is deleted or anonymized.

Account Inactivity and Data Deletion

If an account remains inactive for 60 days after plan cancellation, TestDino may delete the account and all associated personal data. Users receive notification before deletion and can prevent it by logging in or contacting support.

You can request account deactivation or deletion at any time by contacting support. After deletion, some information may be retained to prevent fraud, troubleshoot problems, assist investigations, enforce our Terms of Service, or comply with legal requirements. The retention period for these records is described under Data Retention.

Global Privacy Rights

Depending on where you live, you may have specific rights regarding your personal information. This includes the European Economic Area and the United Kingdom under the GDPR, and certain US states such as California under the CCPA and CPRA.

Subject to applicable law, you may have the right to:

  • Request access to a copy of the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your personal information
  • Request that we restrict or object to certain processing
  • Request a portable copy of your information
  • Withdraw consent where we rely on consent as a legal basis

We do not sell or share your personal information for cross-context behavioral advertising as those terms are defined under California law. We will not discriminate against you for exercising any of these rights.

To exercise a right, contact [email protected]. We will respond within the timeframe required by applicable law and may need to verify your identity before acting on the request.

Promotional Communications

You may opt out of promotional emails or texts by following the instructions in those messages or by contacting us. If you opt out, TestDino may still send non-promotional communications about your account or ongoing business relations.

Data Processing Agreement

TestDino is GDPR compliant. Customers processing personal data through TestDino should request and sign our Data Processing Agreement. Send an email to [email protected] requesting the agreement, complete it, and return a signed copy. We will return a counter-signed copy within 10 business days.

For supplemental information on our GDPR program, see our GDPR page.

Business Transfers

If TestDino or substantially all its assets are acquired, or if the company goes out of business or enters bankruptcy, user information would be transferred as an asset. You acknowledge such transfers may occur and that acquirers may continue using personal information per this policy.

Privacy Policy Changes

TestDino may update this Privacy Policy from time to time. Material changes will be communicated through the service or by email where appropriate. Continued use of the service after the effective date of an updated policy constitutes acceptance.

Dispute Resolution

Alphabin Technology Consulting is established in India. Disputes arising out of or relating to this Privacy Policy are subject to the laws of India, without regard to its conflict-of-law principles. For users in the European Economic Area, you also have the right to lodge a complaint with your local Data Protection Authority.

Terms of Service

For more information on terms of use, see the full Terms of Service.

Contact Us

For privacy policy questions, contact [email protected].