Table of Contents
- About Us
- Information We Collect From You
- How We Use Your Information
- Sharing of Information
- Tracking Technologies and Online Advertising
- Retention of Personal Information
- Your Rights
- Third Party Links and Information Collection and Use by Our Users
- Data Transfer
- Notification of Changes
Certified Information Security is a registered trade name for Certified Tech Trainers (CTT) (D-U-N-S# 010573009), a corporation registered in Florida, United States. Certified Tech Trainers, Inc. d/b/a "Certified Information Security" (“we,” “us” or “CIS”) was founded by Allen Keele in October 1999 for the purpose of offering world-class management training for a variety of urgent corporate governance and compliance issues in today's competitive world. Our instruction is provided by published authors, noted speakers, and recognized industry experts.
In the course of your use of the Services, we obtain the following information about you as described below. We collect this data for the purposes described under “How We Use Your Information Your Information”.
- Information you provide prior to any registration process, such as your email when you provide it to us;
- Information that you provide during any registration or purchasing process, including in connection with an offer (such as your name, company name, email address, phone number, billing address or credit card information, geographic location and industry), when you call or email us (for support or otherwise) or when you use our products or services; and
- Payment information that you provide to us (by way of our Services or otherwise) when you purchase some of our products and services, including credit card data.
- Data relating to your online activity on our websites with respect to our Services, including the following:
- IP address
- browser type and version
- geographic location
- pages you view
- how you got to our Services and any links you click on to leave our Services
- when you update your information, communicate with us, or order new Services
- metadata about your use and your contacts’ use of our Services and your emails you send (including clicks and opens)
- your interactions with any videos or online training or online presentations we offer
- issues you encounter requiring our support or assistance
- any device or other method of communication you use to interact with the Services
- Your telephone conversations with us (which we may monitor or record).
- Information from third party social networking sites, including information that social networking sites provide to us if you use your credentials at such social networking sites to log into some of our Services (such as your name and email address to pre-populate our sign-up form).
- The information you allow us to access varies by social networking site, and depends on the level of privacy settings you have in place at the social networking site. You can control and find out more about these privacy settings at the applicable social networking site.
- Information you provide to us at seminars or to our partners;
- Information you provide to us in surveys;
- Information that is publicly available; and
- Information you consent to us receiving from third parties.
We have a legitimate interest in running a successful and efficient business and in providing you with Services and useful content, and we use the information we collect, both on its own and combined with any other information we collect about you, for the following purposes:
- To provide the requested Services to you;
- To provide you with useful content;
- To ensure the proper functioning of our Services
- To offer and improve our Services;
- To provide you with requested information or technical support
- To facilitate your movement through our websites or your use of our Services;
- To do a better job of advertising and marketing our Services (our use of your information to do this is performed with your consent where required by applicable law);
- To advertise and market third party products and services (such advertisement is only performed with your permission where your consent is required by applicable law)
- To diagnose problems with our servers or our Services;
- In connection with our security and compliance programs;
- To administer our website;
- To communicate with you;
- To target prospective customers with our products or services (such targeting is only performed with your permission where your consent is required by applicable law);
- To assist us in offering you a personalized experience or otherwise tailor our Services to you; and
We also use the information we receive in aggregated and anonymized formats to produce reports on trends and statistics, such as mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
Payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services.
We do not use recorded telephone conversations for any reason pr purpose. Your telephone call will not be recorded unless you are leaving a message with our automated voicemail system.
As further described below, we will only share certain personal information with:
- our partners;
- third party service providers and vendors;
- in connection with a sale, merger, acquisition or corporate reorganization;
- authorized users within your organization; and
- for legal reasons.
Further information about the third parties with whom we share personal information is available here.
- assist you in using our products and services,
- contact you with offers, services or products that may be of interest to you, and
- provide you with their products or services.
If you are located in a jurisdiction where such sharing requires your permission, we will only do so with your consent. Please note that if you access our services through a tool that hides your location, such as through a virtual private network, you may not receive our request for permission because we were not able to identify you as being located in a jurisdiction where your permission is required.
Further, our partners are prohibited from using your contact information for any purpose beyond those set forth above without your consent. We will not provide our partners with your credit card information. Further information about certain partners we share personal information with is available here.
Occasionally, we enter into contracts with carefully selected third parties so that they can assist us in servicing you (for example, providing you with customer service, fraud detection and deterrence or access to advertising assets and providing us with information technology and storage services) or to assist us in our own marketing and advertising activities (including providing us with analytic information and search engine optimization services). Additional information about certain third-party service providers we share personal information with is available here. Our contracts with such third parties prohibit them from using any of your personal information for any purpose beyond the purpose for which it was shared.
If you purchase a product or service from a third party through one of our brands, we will pass your personal information to such third party in order for them to fulfill your order.
We also share non-personal information with certain third parties, including the media, industry observers, marketing and advertising partners, vendors, customers, potential customers or partners. For example, we disclose mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transaction, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
Lastly, if legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be:
- violating our terms and conditions of use;
- causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or
- violating federal, state, local, or other applicable law.
This disclosure can include transferring your information to the U.S. and other countries outside the European Economic Area. To the extent we are legally permitted to do so, it is our policy to notify you in the event that we are required to provide your personal information to third parties in connection with a subpoena.
The transmission of information via the internet, email or text message is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted through the Services or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal information against loss, theft and unauthorized use, access or modification.
When we collect financial account information, such as credit card numbers, we protect its transmission through the use of encryption such as the Transport Layer Security (TLS) protocol.
You always have the opportunity to opt out of our marketing communications with you or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at email@example.com. Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for CIS products and services are provided to you upon the condition that you receive these communications from us. You must cancel your account(s) for CIS products and services, as applicable, if you do not wish to receive any transactional or service communications. To cancel your CIS account(s), contact us at firstname.lastname@example.org . You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
We may contact you by telephone, with your consent where applicable, for marketing purposes. If you do not want to receive marketing calls, please contact customer support at email@example.com . You do not need to agree to receive automated marketing phone calls or texts from us to use the Services.
If an account or profile was created without your knowledge or authorization, please contact customer support at the brand on which the account or profile is located to request removal of the account or profile.
We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than seven years following the later of (i) the date on which you terminate your use of the Services or (ii) May 25, 2018, unless we are otherwise required by law or regulation to retain your personal information for longer.
Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to the personal information we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. To exercise any of your rights, please visit the Privacy Center. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.
You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
You may request that we erase the personal information we hold about you in the following circumstances:
- where you believe it is no longer necessary for us to hold the personal information;
- we are processing it on the basis of your consent and you wish to withdraw your consent;
- we are processing your data on the basis of our legitimate interest and you object to such processing;
- you no longer wish us to use your data to send you marketing; or
- you believe we are unlawfully processing your data.
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
- You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
- We wish to erase the personal information as the processing we are doing is unlawful but you want us to simply restrict the use of that data;
- We no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
- You have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by visiting the Privacy Center.
Some of our Services provide links to other websites. Because we do not control the information policies or practices of these third party sites, you should review their privacy policies to learn about how they collect and use personal information.
You may also log in to some of our Services using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain personal information with us, such as your name and email address to pre-populate our sign up form. For example, if you take advantage of certain of our social media features, such as the Facebook Like button, and widgets, such as the “Share This” button or interactive mini-programs that run on our site, the applicable social networking sites may collect your IP address, which page you are visiting on our websites, and may set a cookie to enable it to function properly.
Our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
In order for us to provide the Services to you, your personal information will be transferred to, and stored at/processed in the United States. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.
For transfers of data to third parties, such transfers will either (i) be under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2004/915/EC and 2010/87/EU; or (ii) rely on the EU-US Privacy Shield Framework.
You can contact the Data Protection Officer listed below to obtain a copy of the data transfer agreement or more information regarding the relevant safeguard we put in place. For more information about the EU-US Privacy Shield Framework, please visit the U.S. Department of Commerce’s Privacy Shield website.
In the event that you wish to make a complaint about how we process your personal information, please contact our Data Protection Officer at firstname.lastname@example.org and we will try to deal with your request.
Last modified May 16, 2018