Last Updated: November 2025
This Privacy Policy explains how COREGISTROS, SLU (hereinafter, “MiTest”, “we”, “us”, or “our”) collects, uses, stores and protects your personal data when you access or use our online intelligence test platform available at https://mitest.de/test/en/intelligence-test/ and its related pages (the “Service”).
This Privacy Policy should be read together with our Terms and Conditions of Service, our Cookie Policy and any other legal notices made available on the Service.
COREGISTROS is the Data Controller responsible for your personal data and is committed to protecting your privacy. We process personal data in accordance with the General Data Protection Regulation (EU GDPR), the UK GDPR, the UK Data Protection Act 2018 and, where applicable, the Spanish Ley de Servicios de la Sociedad de la Información y del Comercio Electrónico (LSSI‑CE) and other mandatory consumer protection and e‑commerce laws.
| Detail | Information |
| Data Controller | COREGISTROS, SLU (“MiTest”) |
| Registered Address | Calle París, No. 186, SobreÁtico, 08036 – Barcelona (Spain). |
| Tax ID (N.I.F.) | ESB65146078 |
| Commercial Registry Details | Commercial Registry of Barcelona, Volume 41.466, Page 189, Sheet 385922, Entry 1. |
| Data Protection Contact / DPO | [email protected] |
| Telephone | +34 93 611 21 73 |
When you provide your personal data via this website, such data may be incorporated into the databases of the sponsoring companies associated with the various tests on this website (“Sponsors”). Those Sponsors will act as independent data controllers in respect of your data, under their own privacy policies.
If you are located in the UK and have questions or concerns regarding your personal data, you may contact our appointed GDPR representative:
UK Representative:
Euverify Ltd (UK)
3rd Floor
86-90 Paul Street
London
EC2A 4NE
United Kingdom
Email: [email protected]
To submit a Data Subject Access Request (DSAR), data deletion request, or any other GDPR-related inquiry, please use our secure portal at:
https://gdpr.euverify.com/
This link allows you to verify our appointed representative and submit GDPR requests directly. Requests submitted through this portal are logged and tracked to ensure timely response and compliance.
The Site is not intended for use by children. You must be at least 18 years of age to use our Services. If you are under 18, you must not use the Services or provide us with any personal data unless you have the consent of your parent or guardian. If we become aware that we have collected personal data from a person under the age of 18 without appropriate consent, we will take reasonable steps to delete such data.
We collect and process the following categories of personal data when you access, register for, or interact with the Service. Some data are provided directly by you (for example, when creating an account or completing the IQ test) and others are collected automatically through technical means (for example, cookies and similar technologies, as described in our Cookie Policy).
| Category of Data | Specific Data Points |
| Identity Data | First name, Last name. |
| Contact Data | Email address, Postal address, Telephone number. |
| Personal Characteristics | Date of birth, Gender. |
| Test and Response Data | Answers to IQ test questions, scores and derived indicators, completion time, interaction patterns. |
| Payment / Billing Data (optional) | Billing address, transaction identifiers, payment status and method used. Full card numbers and CVV are processed only by our payment providers (e.g. Stripe, PayPal) and are not stored by MiTest. |
| Technical Data | IP address, device information, language settings, time zone, type and model of a device, operating system, Internet service provider, mobile carrier, hardware ID, and other unique identifiers (such as IDFA and AAID). |
| Usage Data | How you interact with our Services (e.g., taps/clicks, features used, time spent, subscription orders). |
| Marketing and Preference Data (optional) | Marketing consent flags, sectors selected in the granular‑consent pop‑up, preferred communication channels, unsubscribe and opt‑out information. |
| Fraud‑Prevention Data | Technical logs, number of registration attempts, patterns indicative of automated or abusive behaviour. |
We only process your personal data when we have a valid legal basis to do so under Article 6 of the EU GDPR and UK GDPR. Below we explain the purposes for which we process your data and the corresponding legal bases.
Registration and use of the Site is necessary to allow the Website navigation, provide access to tests results and contents, and to fulfil specific requests of the User. The User’s personal data will be used by the Data Controller also for the purpose of ascertaining the identity of the User (also by validating the email address and phone number), thus avoiding possible scams or abuses, and contacting the User for service reasons only (e.g. managing the User’s account, managing the free or paid contents; premium accounts; contact the User to obtain additional data and information – such as a copy of the identity card; make any urgent communications by telephone during the collection and use of promotions).
The registration data must be truthful to send the personalized PDF with the results to the contact channels. This service may be free or paid, depending on the study.
| Purpose of Processing | Legal Basis | Details |
| Account registration and management | Contract (Art. 6(1)(b)) | To create and manage your user account, authenticate you, and allow you to access the Service and its functionalities. |
| Administration of IQ tests and generation of results | Contract (Art. 6(1)(b)) | To present IQ test questions, process your responses and generate the personalised result and PDF report you have requested. |
| Provision of paid reports, subscriptions and customer care | Contract (Art. 6(1)(b)) | To process your orders, provide access to paid features, manage subscriptions, respond to queries, and resolve incidents. |
| Identity verification and prevention of fraud or misuse | Legitimate Interest (Art. 6(1)(f)) / Contract | To validate email and/or telephone numbers, avoid duplicated or abusive registrations, and protect the Service from misuse and security threats. |
| Technical operation, maintenance and security of the Service | Legitimate Interest (Art. 6(1)(f)) | To host the Service, monitor performance, fix bugs, and ensure the security and integrity of our systems. |
Consent Separation: You can register and receive your personalised PDF result without consenting to the marketing and third-party sharing purposes by clicking the «click here» link during registration. Marketing consents are entirely optional and separate from accessing the Site.
These purposes are entirely optional and require your explicit, freely-given consent. Refusal to consent for these purposes does not affect your ability to use the core Service. If you choose to accept the processing by clicking the «Start Now» button and ticking the required checkbox, you are providing consent for the following:
| Purpose of Processing | Legal Basis | Details |
| Direct marketing by MiTest / COREGISTROS | Consent (Art. 6(1)(a)) | To send you commercial communications about MiTest or COREGISTROS products and services via the channels you authorise (email, telephone calls, SMS/MMS, WhatsApp or postal mail). |
| Sharing data with sponsors and third‑party partners | Consent (Art. 6(1)(a)) | To communicate your data to third‑party companies (our “Sponsors” or “Partners”) so that they can send you their own commercial offers through the channels you have selected. These companies act as independent Data Controllers once they receive your data. |
| Algorithmic studies and profiling for marketing optimisation | Consent (Art. 6(1)(a)) | To carry out statistical and algorithmic studies, for example using our Customer Algorithm Predict (C.A.P.) tools, in order to better understand preferences and segment audiences. Note: These profiles are used only to improve the relevance of marketing communications and will not be used for automated decision-making that produces legal effects concerning you. |
| To customize your experience and tailor offers. | Consent (Art. 6(1)(a)) | To adjust the content of the Services and make offers tailored to your personal preferences. |
| To personalize our ads on third-party platforms (e.g., Facebook, Google). | Consent (Art. 6(1)(a)) | To tailor ads and show them to you at the relevant time based on your usage data. |
Explicit Consent Checkbox Text: By clicking «Start Now» and accepting the processing, you agree to the following statement:
«I agree to share my data with the sponsors and third-party companies belonging to the following sectors, under the terms detailed in the data protection policy, in order to participate in this draw and receive commercial information about their services via phone, email, post, SMS, or WhatsApp. I also agree to receive their commercial offers by phone, including those from the energy sector.»
Granular consent: Through the pop‑up shown during registration you may choose the sectors of interest and the communication channels you authorise. You can also view the full list of sectors and partners on the following pages:
– Sectors
– Sponsors / Partners
The marketing communications for which you may give consent can be sent via the following channels:
– Email
– Telephone calls (to landline or mobile numbers)
– SMS or MMS messages
– WhatsApp or similar messaging applications
– Postal mail
Industry Sectors for Marketing and Sharing:
Your data may be used for marketing by COREGISTROS and shared with third-party companies operating in the following sectors:
Consent can be withdrawn at any time as described in Section 4 of this Policy.
We may process aggregated or pseudonymised data to analyse how the Service is used, improve our tests, and protect the Service from fraud and abuse. The legal basis is our legitimate interest (Art. 6(1)(f) GDPR/UK GDPR) in ensuring the quality, security and continuous improvement of our products and services.
| Purpose of Processing | Lawful Basis | Details |
| To research and analyze your use of the Services (e.g., to maintain, improve, innovate, plan, design, and develop the Services). | Legitimate Interest (Art. 6(1)(f)) | Necessary for our business to understand user behaviour, improve our product offerings, and ensure the quality of our Services. |
Where we rely on your consent for marketing, profiling or data sharing with sponsors and partners, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
You can withdraw consent or change your marketing preferences by:
– You can unsubscribe from receiving e-mail or SMS marketing communications from any individual third-party by using the instructions in any communication such third-party sends you (usually an ‘unsubscribe’ or ‘STOP’ link).
– Contacting us at [email protected] with your request. Please, add your personal information to identify you.
– You can withdraw or adjust your preferences at any time in your user account by going to My Account → My Settings → Marketing. In the pop-up window, you may select your preferred sectors, view the full list of sectors and partners, and choose the communication channels you wish to authorize.
When you withdraw consent, CoRegistros will stop sending you new marketing communications and will stop sharing your data with new partners. Partners who have already received your data based on your previous consent become independent Data Controllers; to stop their communications you will need to exercise your rights directly with them, using the contact details provided in their own privacy policies.
Certain reports or premium features of the Service require payment, either as a one‑time purchase or as part of a recurring subscription, as described in our Terms and Conditions. Payments are processed exclusively by third‑party providers such as Stripe or PayPal. MiTest does not store or have access to your full credit or debit card details; we receive only limited information such as the last digits of the card, the card type, transaction identifiers and payment status.
The IQ test, scores and related insights offered through the Service are intended for informational and entertainment purposes only. They are not a substitute for professional psychological, psychiatric, medical or educational assessment and must not be used as the sole basis for clinical, academic, legal or employment decisions.
The Service uses cookies, SDKs, pixel tags and similar technologies to operate correctly, remember your preferences, analyse traffic and, where you consent, personalise advertising. The specific types of cookies used, their purposes and how you can manage or withdraw your consent are described in detail in our Cookie Policy
We take the security of your personal information very seriously. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. For example, we store the personal information you provide on computer systems with limited access, which are located in controlled facilities within the European Union (EU).
We use Secure Socket Layer (SSL) encryption when collecting or transferring sensitive data such as credit card and personal information. SSL encryption is designed to make the information unreadable by anyone but us. This security measure is activated when you see either the symbol of an unbroken key or closed lock (depending on your browser) on the bottom of your browser window.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. We will not be responsible for any loss or damage you or others may suffer as a result of the loss of confidentiality of such information.
COREGISTROS is based in Spain, and the data we collect may be transferred to, and stored at, a destination outside the United Kingdom (UK) or the European Economic Area (EEA). However, some of our service providers or partners may be located outside the EEA or the United Kingdom. Where this is the case and those countries have not been granted an adequacy decision by the European Commission or the UK Government, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or by the UK authorities, or other lawful transfer mechanisms under the EU GDPR and UK GDPR.
When we transfer your personal data outside the UK/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Under the EU GDPR, the UK GDPR and the Data Protection Act 2018 you have the following rights, subject to the conditions set out in those laws:
Requests: You may exercise these rights by contacting us at:
We may ask you to provide proof of identity if necessary to verify your request.
If you consider that we have infringed your data protection rights, you also have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State or UK country where you habitually reside, work or where the alleged infringement took place.
UK Residents: You may lodge a complaint with the ICO, the UK supervisory authority for data protection issues:
EU/EEA Residents: You may lodge complaints with your national Data Protection Authority:
We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including compliance with legal, accounting and reporting obligations. When data are no longer required they are securely deleted or anonymised.
| Type of Data | Retention Period |
| Account and core service data | For as long as your account remains active and, once closed, for the limitation periods applicable to contractual or legal claims. |
| Test and response data | For the duration necessary to provide you with access to your results and related services, and thereafter for legal limitation periods or until you request erasure, where applicable. |
| Billing and transaction data | For the periods required by tax, accounting and financial regulations (generally between 6 and 10 years, depending on jurisdiction). |
| Marketing and consent records | Until you withdraw your consent or object to processing, or until we determine that the data have become inaccurate or obsolete due to prolonged inactivity. |
| Technical logs and security data | For short periods necessary to ensure security and investigate incidents, unless a longer retention period is required for legal or investigative reasons. |
We may share your personal data with third parties in the following situations:
– Service providers acting as Data Processors who assist us in operating the Service (for example, hosting providers, payment processors, customer support tools, analytics providers). These entities process data only on our instructions and under written agreements.
– Sponsors and commercial partners acting as independent Data Controllers, but only where you have explicitly consented to such sharing in the granular‑consent pop‑up. They will use your data for their own marketing purposes in the sectors and through the channels you have authorised.
– Public authorities or courts where we are legally obliged to do so, or where this is necessary to protect our rights, users or the public.
Furthermore, data may be communicated to the following categories of processors: providers of electronic communications and online office automation, hosting services, SaaS services such as CRM/ERP, and data validators. Specifically, COREGISTROS may use the G Suite tools provided by Google LLC (United States); storage services provided by Dropbox, Inc. (United States); the electronic communications platform ActiveCampaign provided by ActiveCampaign, LLC (United States); and the email validation service provided by Amazon Web Services, Inc. (United States).
The list of sectors and sponsors or partners with whom your data may be shared (when you provide the relevant consent) is always available at:
– Sectors
– Sponsors / Partners
This Privacy Policy may contain links to external websites or documents managed by third parties. Although we try to keep these links up to date, we cannot guarantee that they will always be operational or that their content will remain unchanged. When a link is not functional or its target content has been modified, users should refer to the main page of the relevant organisation or authority to locate the most recent version of the document. MiTest is not responsible for the privacy practices or the content of external websites that are not under our control.
We keep this Privacy Policy under regular review and may update it from time to time to reflect changes in the Service, in applicable law or in our data‑processing practices. When updates are significant we may notify you by email or by displaying a prominent notice within the Service. The date of the latest version will always appear at the top of this document. We encourage you to review this Privacy Policy periodically to stay informed about how we process your personal data.