PURPOSE AND NOTICES
Note: Alliance Safety Council is a private organization retained by private employers for training and verification of employees. The Privacy Act and other rules applicable to public entities do not apply to ASC.
THE SITE IS NOT INTENDED FOR CHILDREN AND ASC DOES NOT KNOWINGLY SOLICIT OR COLLECT PERSONAL INFORMATION ON THE SITE FROM CHILDREN UNDER THE AGE OF 13. IF ASC LEARNS THAT A CHILD UNDER THE AGE OF 13 HAS SUBMITTED PERSONALLY IDENTIFIABLE INFORMATION TO COMPANY THROUGH THE SITE, IT WILL TAKE REASONABLE MEASURES TO DELETE SUCH INFORMATION FROM ITS RECORDS AND TO NOT USE SUCH INFORMATION FOR ANY PURPOSE (EXCEPT WHERE NECESSARY TO PROTECT THE SAFETY OF THE CHILD OR OTHERS, AS REQUIRED BY LAW, OR AS MAY OTHERWISE BE REQUIRED BY LAW).
YOUR CONSENT AND POLICY CHANGES
This website operates as-is and as-available without any warranties of accuracy, quality, title, fitness or merchantability. These disclaimers include any liability for any damages or injuries caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft or destruction or unauthorized access to, alteration of, or use of record, whether for breach of contract, tortious behavior, negligence, or under any other cause of action including damage caused by ASC’s sole negligence.
Neither ASC nor any of its employees, agents, successors, assigns, affiliates, or content or service providers shall be liable to users or other third parties for any direct, indirect, incidental, special or consequential damages arising out of use of our Web site, any inability to gain access to or use our Web site, or out of any breach of any warranty or duty.
OUR DATA PRACTICES
What are cookies?
Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology.
We mostly use “session cookies” that are automatically deleted after each visit. Other websites cannot read cookies from our website. Most browsers will accept cookies until you change browser settings to refuse them.
For further information, visit www.allaboutcookies.org.
What types of cookies do we use?
There are several different types of cookies; however, our website uses:
How to manage your cookies
You can set your browser not to accept cookies by changing your cookie preferences at any time. However, in a few cases, some of our website features may not function as a result.
What data do we collect and how?
1. “Account data”
When you register for an account on our Site; place an order; purchase a membership; schedule a training; participate in a training; subscribe to our newsletter; or respond to a survey, the following data may be collected: your name, email address, home address, phone number, social security number, date of birth, photos, information contained on a government-issued ID, signatures, information on associated contact persons. We may also collect employment information such as your company’s name; address; phone number; tax identification number; purchase details and history; contact information of partners; invoice receivers; credit card information; and banking details.
2. “System Generated Data”
Our service automatically creates and stores meta data based on the other types of data, e.g.:
3. “Cookie Consent Data”
When an end user submits a cookie consent for the website(s), the following data is automatically logged at Alliance Safety Council:
The key and consent state are also saved in the end user’s browser in a first-party cookie so that the website can automatically read and respect the end user’s consent on all subsequent page requests and future end user sessions for up to 12 months. The key is used for proof of consent and an option to verify that the consent state stored in the end user’s browser is unaltered compared to the original consent submitted to ASC.
If you enable consent for multiple websites by a single end user submission, the Cookie Manager will also store a separate random, unique ID with the end user’s consent. If all of the following criteria are met, this key will be stored in an encrypted form in a third-party cookie on the end user’s browser:
How we use your student data
Student Records – ASC collects information from you and stores it on a computer. This is your student record.
Regular Training Operations – ASC will disclose your student information to our instructors, billing clerks, administrative staff, and other employees involved in your training and employment.
Electronic Messaging – It is the policy of ASC to use electronic messaging like voice mail, text and email to phone numbers, and email addresses that the student provides to ASC regarding appointments, billing or payment issues, or other information related to training, payment, or other operations.
As Required by Law and Public Safety – It is the policy of ASC that we may use and disclose your information as required by applicable law, such as to a law enforcement official for purposes such as identifying or locating a suspect, fugitive, material witness or missing person, complying with a court order or subpoena, and/or for other law enforcement purposes. We may also disclose your student information to appropriate persons in order to prevent or lessen a serious and imminent threat to the health or safety of a particular person or the general public.
Change of Ownership – In the event that ASC is sold or merges with another organization, your student information/record will become the property of the new owner.
How we use your online information
Pseudonymous Profile – ASC may build a pseudonymous profile of your online habits, interests, and activities when you use ASC websites. We compile these profiles from information about user devices (e.g., IP address or browser type), user navigation and browsing patterns, data showing usage of interactive features (e.g., search engine queries), demographic information (e.g., gender, marital status, age, income, job), and we use these profiles for the purposes described below.
Personal Contact Information – If ASC collects personal contact information (as described below), you may later access it; however, you may not modify or remove it from our system yourself. We may collect your name, address and phone number. When you use our website, we may request your name, address, telephone number, email address, or other contact information. This information may reveal your identity or be linked to you personally. We use this information to complete and support the immediate activity requested; customize and personalize content to your request; market products and services to you in the future (other than by telemarketing); build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; comply with laws requiring preservation of social histories; and to comply with any requirements of law. This information may be disclosed to our staff and agents and to outside organizations with the same or different privacy practices.
Other Collected Information – You may be prompted to submit your government-issued ID number; Social Security number; employee ID or similar identifier so we can recognize you. We use this information to complete and support the immediate activity requested, administer and run the website, comply with laws requiring preservation of social histories, and to comply with any requirements of law. This information may be disclosed to our staff and agents and to other councils with whom we have reciprocal agreements. You may later access the information. However, you may not modify or remove it from the system yourself.
You will be prompted for a user ID and password. We may ask you to enter a website ID, password or other identifiers. We use this information to complete and support the immediate activity requested, administer and run the website, comply with laws requiring preservation of social histories, and to comply with any requirements of law. This information may be disclosed to our staff and our immediate agents and to other organizations adhering to our privacy practices.
Purchase Information – We may collect information actively generated by the purchase of a product or service, such as a payment method. We use this information to complete and support the immediate activity requested and to comply with any requirements of law. This information may be aggregated with similar data and may be disclosed only to our staff and to our immediate agents.
Computer Information – When you visit our website, we may automatically collect information about your computer configuration, such as your browser type, operating system, IP address or ISP domain name. This information will not reveal your identity or be linked to you personally. We use this information to complete and support the immediate activity requested; administer and run the website; build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed only to our staff and to our immediate agents.
Navigational and Clickstream Data – As you browse websites owned by ASC, we may gather navigational and clickstream data that shows what pages are visited and how long various features are used. This information will not reveal your identity or be linked to you personally. We use this information to customize and personalize content to your request; improve the website for everyone; market products and services to you in the future (other than by telemarketing); build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed only to our staff and to our immediate agents.
Interactive Data – You may decide to input data while using certain interactive features on our website, such as queries submitted to a search engine. We use this information to complete and support the immediate activity requested; customize and personalize content to your request; build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner to our staff and to our immediate agents.
Demographic Data – We may request information about your demographic or social characteristics, such as gender, age and income level. We use this information to build individual profiles for ongoing research, analysis and reporting, and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed to our staff and our immediate agents, and to other organizations adhering to our privacy practices.
Online Posting and Content – Certain features of our website may allow you to contribute content, such as instant messages, chat room postings, etc. We use this to comply with any requirements of law. This information may be disclosed to third parties and in public forums generally.
Exceptional Disclosure – We may disclose your information if necessary to protect our legal rights or if the information relates to actual or threatened harmful conduct. Disclosure may be required by law or if we receive legal process.
Storage And Protection of Data
ASC implements the following technical, physical, and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access, and against all other unlawful forms of processing.
Protection of Collected Information
We offer secure webpages to collect certain kinds of user information, and we store certain kinds of data in encrypted form. We follow reasonable technical and management practices to help protect the confidentiality, security and integrity of data stored on our system. While no computer system is completely secure, the commercially reasonable measures implemented by our Site reduce the likelihood of security problems to a level appropriate to the type of data involved.
Time User information is Kept
We generally keep user data on our server or in our archives for approximately five (5) years. We may alter this practice according to changing requirements. For example, we may delete some data due to storage constraints. We may keep other data for longer periods if required by law. Data management requests are administered in an orderly manner to the extent feasible and within our direct control. Note: We have greater control over recently collected data than archived data. Once data is removed from the system and archived, it may not be feasible to accommodate specific requests. In those cases, our general data retention policy applies.
ASC services utilize the extensive features of the cloud environment to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication, along with a traffic manager for automatic geographical failover on datacenter level disasters. All failover mechanisms are fully automated.
ASC does not store personal data permanently outside of our cloud platforms. The physical security of the cloud platform is thereby maintained by ASC’s cloud services providers, such as Amazon Web Services and VENYU. Amazon Web Services and VENYU datacenters represent that they comply with industry standards, such as ISO 27001 for physical security and availability, e.g., by using security staff around the clock, two-factor access control using biometric and card readers, barriers, fencing, security cameras and other measures.
To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity (i.e., all supplied credit card information is transmitted via Secure Socket Layer, or SSL, technology and then encrypted into our payment gateway provider’s database only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential).
For data in transit, the services use industry-standard transport protocols between devices and datacenters and within datacenters themselves.
All personnel are subject to full confidentiality agreements and any subcontractors and sub-processors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.
Whenever personal data is accessed by authorized personnel, the access is only possible over an encrypted connection. When accessing the data in a database, the identity of the person accessing the data must also be pre-authorized to obtain access.
Any device being used to access personal data is login protected by ASC’s identity and access management service and has ASC’s corporate antivirus solution installed. If any personal data is temporarily stored on a device, the storage unit on the device must also be strongly encrypted.
On-premise devices storing personal data temporarily is always, except when not being actively used or relocated under uninterrupted supervision, locked in a safe. Personal data is never stored on mobile media like USB sticks and DVDs.
ASC will keep you informed to the extent practicable about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used. ASC will also provide summaries of independent audits of the Service upon reasonable request.
The default permission for Access to personal data is “blocked” using a zero privileges policy. ASC’s policy is to restrict access to personal data to individually authorized personnel. ASC administrates its restrictions through authorized administrative personnel (“authorized administrators”) that must issue authorizations upon request. The authorized administrators maintain a log of granted authorizations. Authorized personnel are granted minimum access on a need-to-have basis through Azure Active Directory, AWS Cognito and ASW IAM (Identity Access Management).
ASC uses security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made.
System performance and availability are monitored with both internal and external monitoring services.
Personal Data breach notification
ASC will notify you if after an investigation it is determined that there is a reasonable likelihood of harm as a result of your personally identifiable information having been acquired by an unauthorized person provided that the notification is allowed by law and will not compromise a criminal investigation of a law enforcement agency. ASC will also otherwise notify you of data breach incidents in accordance with applicable law. The notification may be made in writing, electronically, or by any other method authorized by law at the sole election of ASC.
Our company would like to send you information about products and services of ours that we think you might like.
If you have agreed to receive marketing, you may always opt out at a later date.
You have the right at any time to stop ASC from contacting you for marketing purposes.
If you no longer wish to be contacted for marketing purposes, please send your request to email@example.com.
Privacy policies of other websites
Rights of Users located in the EU
Users located in the EU are entitled to the following:
The right to access – You have the right to request ASC for copies of your personal data. We may charge you a fee to fulfill this request.
The right to rectification – You have the right to request that ASC correct any information you believe is inaccurate. You also have the right to request ASC complete information you believe is incomplete.
The right to erasure – You have the right to request that ASC erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that ASC restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to ASC’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that ASC transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you would like to exercise any of these rights, please contact us by email at firstname.lastname@example.org, by phone at (877) 345-1253, or write to us at:
10099 N. Reiger Road
Baton Rouge, LA 70809
ASC will respond within the delays allowed by applicable law.
How to contact us
Or write to us:
10099 N. Reiger Road
Baton Rouge, LA 70809
How to contact the appropriate authorities
In the United States
You may submit a complaint through the FTC’s Complaint Assistant if you believe your personal information has been collected or shared without your permission. For identity theft or data breaches, consumers are advised to visit IdentityTheft.gov to both report and recover their personal information.
In the European Union
You have the right to have recourse (i.e., you can lodge a complaint) to the European Data Protection Supervisor (email@example.com) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data by ASC.
You agree that by accessing our Site that your rights and obligations, as well as the rights and obligations of ASC, shall be governed by the laws of the State of Louisiana without regard to its conflict of law provisions. You further agree to submit to the personal and exclusive jurisdiction of the courts located within the state of Louisiana.
Last Updated: February 3, 2023