Privacy Policy

Certiprof registered trademark color

This Privacy Policy governs the manner in which CertiProf®, LLC collects, uses, maintains and discloses information collected from users (each, a “User”) of the http://br.certiprof.org website (“Site”). This privacy policy applies to the Site and all products and services offered by CertiProf®, LLC. Certiprof® respects your privacy and is committed to protecting and handling your personal data with the greatest care.

The Laws and Regulations

In the US, there is no single, comprehensive federal (national) law regulating the collection and use of personal data. However, each Congressional term brings proposals to standardise laws at a federal level. Instead, the US has a patchwork system of federal and state laws and regulations that can sometimes overlap, dovetail and contradict one another. In addition, there are many guidelines, developed by governmental agencies and industry groups that do not have the force of law, but are part of self-regulatory guidelines and frameworks that are considered “best practices”. These self-regulatory frameworks have accountability and enforcement components that are increasingly being used as a tool for enforcement by regulators.

There are already a panoply of federal privacy-related laws that regulate the collection and use of personal data. Some apply to particular categories of information, such as financial or health information, or electronic communications. Others apply to activities that use personal information, such as telemarketing and commercial e-mail. In addition, there are broad consumer protection laws that are not privacy laws per se, but have been used to prohibit unfair or deceptive practices involving the disclosure of, and security procedures for protecting, personal information.

Some of the most prominent federal privacy laws include, without limitation, the following:

  • The Federal Trade Commission Act (15 U.S.C. §§41-58) (FTC Act) is a federal consumer protection law that prohibits unfair or deceptive practices and has been applied to offline and online privacy and data security policies. The FTC has brought many enforcement actions against companies failing to comply with posted privacy policies and for the unauthorised disclosure of personal data. The FTC is also the primary enforcer of the Children’s Online Privacy Protection Act (COPPA) (15 U.S.C. §§6501-6506), which applies to the online collection of information from children, and the Self-Regulatory Principles for Behavioural Advertising.
  • General Data Protection Regulation (GDPR) is a regulation in EU law (2016/679) on data protection and privacy for all individuals within the European Union. It also addresses the exportation of personal data outside the EU.

Personal identification information

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, place an order, fill out a form, respond to a survey, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, mailing address, phone number, social security number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
In order to make use of our services or to be accredited by us, you must be registered with us. We will ask you to provide personal data, including your name, job title, home address, e-mail address and other contact information. The information we ask you to provide depends on the service. The provision of specific data can be required to use our products and services. This will be shown when the information is requested. If your employer or Accredited Training Organization or Accredited Exam Organization creates an account on your behalf, we will also register the name of that employer or Accredited Training Organization or Accredited Exam Organization. The same applies if you subscribe to an examination through one of our partners, such as an Online Proctoring or Computer Based Test Agency.

We use your personal data for internal administration purposes, such as record keeping and to comply with our legal and fiscal obligations.

Non-personal identification information

We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.

examination services

If you take an examination with us, we will use your data to:

  • Administer and assess examinations;
  • Issue personal examination results, certificates and digital badges
  • Save your examination results to our examination database and manage that database;
  • Meet all requirements applicable to administering and assessing examinations;
  • Establish if any fraudulent acts have been committed during the examination;
  • Take measures if fraud or other infringements of the rules and regulations for examinations were detected; measures taken either to prevent further fraud or infringement in the future, or to enforce the rules and regulations for examinations;
  • Verify the authenticity of certificates and/or digital badges and give requests or information about them;

Results of statistical analyses will not be used for marketing activities targeted especially at you, unless with your prior consent

Web browser cookies

Our Site may use “cookies” to enhance User experience. User’s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly. You can change the settings of your browser in such a way that you no longer receive cookies

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

NAME PROVIDER PURPOSE EXPIRY TYPE
__cfduid bufferapp.com Used by the content network, Cloudflare, to identify trusted web traffic. 1 year HTTP
PHPSESSID [x2] certiprof.com Preserves user session state across page requests. Session HTTP
CookieConsent certiprof.com Stores the user’s cookie consent state for the current domain 1 year HTTP
ASPSESSIONID# mythemelogin.certiprof.nl Preserves users states across page requests.

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Find out more about how to manage cookies by visiting www.aboutcookies.org or www.allaboutcookies.org.

How we use collected information

CertiProf®, LLC may collect and use Users personal information for the following purposes:

  • To run and operate our Site
    We may need your information display content on the Site correctly.
  • To improve customer service
    Information you provide helps us respond to your customer service requests and support needs more efficiently.
  • To personalize user experience
    We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
  • To improve our Site
    We may use feedback you provide to improve our products and services.
  • To process payments
    We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
  • To run a promotion, contest, survey or other Site feature
    To send Users information they agreed to receive about topics we think will be of interest to them.
  • To send periodic emails
    We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests.

 

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. Certiprof has an Information Security Management System based on ISO / IE 27001. Certiprof retains your personal data as long as necessary in view of the purposes set out above, or as long as prescribed by law. Based on these purposes, EXIN has determined three separate retention periods for different sorts of personal data consisting of 6 months, 7 years and 30 years. +

Sharing your personal information

We may share or sell information with third parties for marketing or other purposes. We have an authorization policy for our systems, so that persons and organizations only have access to your data in so far as this is necessary for the performance of their tasks and within the framework of the purposes mentioned. All these individuals and organizations have agreed to treat your data confidentially and with the greatest care.

Electronic newsletters

If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.

Third party websites

Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies. We use a third party service, Google Analytics, to collect standard website performance information.  This information is processed in a way that it does not identify individuals. Web usage information is collected by our web server and from other sources including search engines, internet service providers, page tagging techniques including JavaScript, and cookies. We use IP addresses to analyze trends, track users’ movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Compliance with children’s online privacy protection act

Protecting the privacy of the very young is especially important. For that reason, we never collect or maintain information at our Site from those we actually know are under 13, and no part of our website is structured to attract anyone under 13.

Changes to this privacy policy

CertiProf®, LLC has the discretion to update this privacy policy at any time. When we do, we will post a notification on the main page of our Site, revise the updated date at the bottom of this page and send you an email. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Your acceptance of these terms

By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

 

Your rights

You may contact our Privacy Office (please see below) to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to data portability and (6) the right to object to processing. +

  1. Right to access

You may ask us whether or not we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right.

  1. Right to data portability

Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible we will transmit your personal data directly to the other controller.

  1. Right to erasure

You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us.  Erasure of your personal data only finds place in certain cases, prescribed by law and listed under article 17 of the General Data Protection Regulation (GDPR). This includes situations where your personal data are no longer necessary in relation to the initial purposes for which they were processed as well as situations where they were processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.

  1. Right to restriction of processing

You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continue storing your personal data. We will inform you before the restriction is lifted.

  1. Right to rectification

You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete personal data, which may include the provision of a supplementary statement.

Contacting us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us.

This document was last updated on March 11, 2016