This Privacy Notice, effective as of the date of May 1, 2018 for an indefinite period, informs you of our policies regarding the collection, use and disclosure of any personal information received from users of Disaster Recovery Institute International Inc. (hereafter 'DRI").
DRI respects the privacy of the users of its education programs, certification programs, websites, social media pages, blogs, mobile applications, and other electronic correspondence (hereafter "Programs"). DRI has policies to respect the privacy of the users of its websites, social media pages, blogs, mobile applications, and other electronic correspondence (hereafter "Website"). DRI strongly believes that if electronic commerce and online activities are to flourish, consumers must be assured that information provided online is used responsibly and appropriately.
We process your personal information only for providing and improving the Programs or as specifically stated on the application or Program that you are using. By using the Programs, you agree to the collection and use of information in accordance with this policy. To protect online privacy, DRI has implemented the following policy.
1. Information collection and use
Most data DRI collects are used only to help us better serve our Certified Professionals and customers. It is our general policy to collect and store only personal information that our customers and visitors knowingly provide. If our privacy policies change, we will notify all users by e-mail or a special announcement placed on the Website.
- From general users:
DRI does not collect any personal information from users browsing its Website. Only aggregate data -- such as the number of hits per page -- are collected. Aggregate data are only used for internal and marketing purposes and do not provide any personally identifying information.
- From DRI Certified Professionals, course registrants, certification applicants and other customers:
To gain access to restricted access resources and personalization features on the Website, users are asked to register and provide some limited information. This information is submitted voluntarily. DRI asks users to provide their name, business phone, e-mail, and other relevant information. Similar information may be submitted to DRI through certification applications, course registration, and other orders. You are also assigned a DRI identification number when you register for a Website account. We retain 'Personal Data' including your name, address, email address, telephone number to allow us to perform administrative and financial functions associated with your DRI account. We track and maintain an 'Activity Record' of the educational courses you have taken, certifications for which you have applied, examination scores, continuing education credits and the amounts associated with payments you have made.
You may access, correct, review, edit all the Personal Data that DRI stores about you. Information pertaining to your Activity Record may only be changed by DRI personnel, who you may contact at any time as outlined in Section 11 of this notice.
2. Log Data
Like many site operators, DRI may collect information from your browser sends when you visit the Website ("Log Data"). This Log Data may include, but is not limited, to information including your computer's Internet Protocol address, browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Additionally, DRI reserves the right to use third -party services such as Google Analytics or other analytics platforms, that collect, monitor and analyze Log Data.
3. How does DRI use the data collected?
DRI uses information voluntarily submitted by users in the following ways:
- DRI services and products
Generally, DRI uses data collected to deliver and improve its own Programs; to respond to users' interests, needs and preferences; and to develop new products and services.
- Consent to use personal information
For the purposes of the Data Protection Act(s) 1984 and 1998 (as applicable), DRI and/or its designated agents must store, host and otherwise process the information (including personal data) supplied by the user when registering for its Programs. User supplies personal information as defined above when registering for the Programs in order to allow DRI and/or its designated agents to use the information to send the user unsolicited direct mail advertisements, promotions, and solicitations for third parties' products and services.
- Disclosures to third parties
DRI also makes Certified Professional contact information available through an on-line listing. Certified Professionals may opt out of this listing. On occasion, DRI may also provide limited data to third parties that offer education offerings or other items of interest that are deemed to be in alignment with the mission of DRI. User may opt-out of receiving these correspondences through an electronic opt-out option located at the bottom of the e-mails or by contacting DRI headquarters. DRI headquarters may be contacted according to the means presented in Section 10 of this Privacy Notice.
- Credit card account information
DRI does not retain or disclose credit card account information provided by its customers. When customers choose to pay using their credit cards, DRI submits the information needed to obtain payment to the appropriate clearinghouse. Wherever we collect sensitive information, including, but not limited, to credit card information, that information is encrypted and transmitted to us in a secure way. DRI uses encryption to protect sensitive information transmitted online. DRI is PCI DSS compliant through Trustwave.
DRI may use your personal information collected through our Programs in order to contact you with newsletters, marketing materials, promotional materials, and other information. You may limit your communications or unsubscribe at any time by clicking the unsubscribe link included in the communication.
You may opt out of any future contacts from DRI at any time. You can do the following at any time by contacting us via the email address in Section 9 of this Privacy Notice:
- See what personal information DRI has collected about you, if any;
- Request changes or corrections to any personal information DRI has collected about you;
- Request that DRI delete any personal information we have about you; and
- Express any concern you have about our use of your personal information.
5. Data Retention and GDPR
DRI complies with the General Data Protection Regulation (GDPR) in its processing of personal data. DRI has all the obligations and rights of a Data Controller under the GDPR, to the extent that the GDPR applies to its activities. All DRI partners, licensees, and affiliates including the DRI Foundation must also comply with the GDPR where its activities fall within the scope of the regulation.
As a data subject you have certain rights under the GDPR including, for example, the right to access the data that we hold about you. You can contact DRI directly to exercise your GDPR rights to review your information or raise a complaint.
7. Restricted access
Certain areas of its Website are restricted and require registration for entry and use. In order to access restricted areas of its Website, DRI reserves the right to require the collection of additional personal information from the user in order to grant access to the restricted area.
8. Links to external websites
Programs and the Website may contain links to third-party websites that are not owned, operated, or controlled by DRI. DRI has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third-party websites. By using the Programs, you further acknowledge and agree that DRI shall not be held responsible or liable, directly or indirectly, for any damage or loss caused, or alleged to be caused by, or in connection with use of, or reliance on, any such content, goods or services available on or through any external websites.
We respect and value the security of your personal information and we take precautions to protect it. When you submit personal information via the Programs, your information is protected both online and offline. Wherever we collect sensitive information, including, but not limited, to credit card information, that information is encrypted and transmitted to us in a secure way. DRI uses encryption to protect sensitive information transmitted online. DRI is PCI DSS compliant through Trustwave.
DRI also protects your personal information offline. Only employees who need the information to perform a specific job, including, but not limited, to billing or customer service, are granted access to personal information. The computers and servers used to store personal information are kept in a secure environment.
It is important to remember that no method of transmission over the Internet, or other methods of electronic communication and storage, is entirely secure. We use commercially acceptable means to protect your personal information at all times and to the extent possible, but it is important to remember that we cannot guarantee its absolute security.
DRI reserves the right, at our sole discretion, to modify or replace this Privacy Notice at any time. DRI may revise this Privacy Notice at any time by updating its Programs. Changes will be binding on you on the date they are posted on its Website or as otherwise stated in the any notice of such changes. Any use of its Programs will be considered acceptance by you of the then-current Privacy Notice. If at any time you find the Privacy Notice unacceptable, you may no longer use its Programs and may request the deletion of your personal information. DRI may change its Website at any time, for any reason, at its sole discretion.
11. Contact us
If you have any questions regarding this Privacy Notice or if you suspect that DRI has handled your personal information in a manner that does not comply with this Privacy Notice, contact us by e-mailing to firstname.lastname@example.org or by calling +1-866-542-3744.