Alliance Safety Council Privacy Policy (“Privacy Policy”)

The Alliance Safety Council and its affiliated or subsidiary entities (“ASC,” “we,” “us,” or “our”) respect the privacy of individuals who visit our Web site, https://alliancesafetycouncil.org/ (the “Site”), and are committed to protecting your online personal information in accordance with the terms of this Privacy Policy. By visiting our Web site, you accept and agree to the terms described in this Privacy Policy.

PURPOSE AND NOTICES

The purpose of this Privacy Policy is to inform you about the types of personal information we gather about you, including personal information gathered when you visit the Site, and personal information we may receive from third parties or affiliates in addition to that online information, how we may use that information, whether we disclose that information to anyone, and the choices you have regarding our use of, and your ability to correct, the information. This Policy does not cover information that is exempted from privacy policy notification requirements, including information about employees, contractors, job applicants, and information processed exclusively in the context of a business person acting in a business capacity.

Note: Alliance Safety Council is a private organization retained by private employers for training and verification of employees. The Privacy Act and other rules applicable to public entities do not apply to ASC.

THE SITE IS NOT INTENDED FOR CHILDREN AND ASC DOES NOT KNOWINGLY SOLICIT OR COLLECT PERSONAL INFORMATION ON THE SITE FROM CHILDREN UNDER THE AGE OF 13. IF ASC LEARNS THAT A CHILD UNDER THE AGE OF 13 HAS SUBMITTED PERSONALLY IDENTIFIABLE INFORMATION TO COMPANY THROUGH THE SITE, IT WILL TAKE REASONABLE MEASURES TO DELETE SUCH INFORMATION FROM ITS RECORDS AND TO NOT USE SUCH INFORMATION FOR ANY PURPOSE (EXCEPT WHERE NECESSARY TO PROTECT THE SAFETY OF THE CHILD OR OTHERS, AS REQUIRED BY LAW, OR AS MAY OTHERWISE BE REQUIRED BY LAW).

YOUR CONSENT AND POLICY CHANGES

PLEASE READ THIS ENTIRE PRIVACY POLICY CAREFULLY. BY USING THE SITE, YOU EXPRESSLY CONSENT, WITHOUT QUALIFICATION, TO THE COLLECTION, USE, AND DISCLOSURE OF INFORMATION, INCLUDING PERSONAL INFORMATION, AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, YOU ARE NOT AUTHORIZED TO USE THE SITE.

This is our entire and exclusive Privacy Policy, and it supersedes any previous version. ASC may amend this Privacy Policy from time to time. ASC may inform you about relevant changes concerning the service, such as the implementation of additional functions, through the Privacy Policy We will post those changes on the Site or update the Privacy Policy date below. In certain cases, you may be notified via email or by a notice on our website.

DISCLAIMER

This website operates as-is and as-available without any warranties of accuracy, quality, title, fitness or merchantability. These disclaimers include any liability for any damages or injuries caused by any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft or destruction or unauthorized access to, alteration of, or use of record, whether for breach of contract, tortious behavior, negligence, or under any other cause of action including damage caused by ASC’s sole negligence.

Neither ASC nor any of its employees, agents, successors, assigns, affiliates, or content or service providers shall be liable to users or other third parties for any direct, indirect, incidental, special or consequential damages arising out of use of our Web site, any inability to gain access to or use our Web site, or out of any breach of any warranty or duty.

OUR DATA PRACTICES

What are cookies?

Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology.

How do we use cookies?

Like many other website operators, ASC may use cookies to customize content specific to your interests and track your use of the Site. We use cookies to improve our website and make it easier to use. Cookies permit us to recognize users and avoid repetitive requests for the same information. We also use cookies to help build a pseudonymous profile of your online habits, interests and activities as you navigate our website(s), which we use to individualize your visits. We also use cookies to help build a profile of your online habits, interests and activities as you navigate our website(s), which we use for general research, analysis and reporting.

We mostly use “session cookies” that are automatically deleted after each visit. Other websites cannot read cookies from our website. Most browsers will accept cookies until you change browser settings to refuse them.

For further information, visit www.allaboutcookies.org.

What types of cookies do we use?

There are several different types of cookies; however, our website uses:

  • Necessary – Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. You cannot opt out of these cookies.
  • Preference – Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Statistic – Statistic cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously
  • Marketing – Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and, thereby, more valuable for publishers and third-party advertisers.

How to manage your cookies

You can set your browser not to accept cookies by changing your cookie preferences at any time. However, in a few cases, some of our website features may not function as a result.

What data do we collect and how?

1. “Account data”

When you register for an account on our Site; place an order; purchase a membership; schedule a training; participate in a training; subscribe to our newsletter; or respond to a survey, the following data may be collected: your name, email address, home address, phone number, social security number, date of birth, photos, information contained on a government-issued ID, signatures, information on associated contact persons. We may also collect employment information such as your company’s name; address; phone number; tax identification number; purchase details and history; contact information of partners; invoice receivers; credit card information; and banking details.

2. “System Generated Data”

Our service automatically creates and stores meta data based on the other types of data, e.g.:

  • Membership data such as start date, login data time, usage, invoice data, the result of a mandatory tax identification number validation, credit report results, and billing and payment history.
  • Registration data, like course, score, login date time, usage, date/time of physical location visit, begin and end date time of training, bookmarks indicating training progress, billing and payment history, and certificates of completion.
  • Aggregation of data for analysis, marketing, and internal audit.
  • Terms-of-use agreement acceptance data.
  • Third-party service data such as request and response date time, driver’s license validation results, and background check pass-fail results.
  • Aggregated statistical data on end user consents.

3. “Cookie Consent Data”

When an end user submits a cookie consent for the website(s), the following data is automatically logged at Alliance Safety Council:

  • The end user’s IP number.
  • The date and time of the consent.
  • User agent of the end user’s browser.
  • The URL from which the consent was submitted.
  • An anonymous, random and encrypted key value.
  • The end user’s consent state, serving as proof of consent.
  • The approximate geolocation of the end user.

The key and consent state are also saved in the end user’s browser in a first-party cookie so that the website can automatically read and respect the end user’s consent on all subsequent page requests and future end user sessions for up to 12 months. The key is used for proof of consent and an option to verify that the consent state stored in the end user’s browser is unaltered compared to the original consent submitted to ASC.

If you enable consent for multiple websites by a single end user submission, the Cookie Manager will also store a separate random, unique ID with the end user’s consent. If all of the following criteria are met, this key will be stored in an encrypted form in a third-party cookie on the end user’s browser:

  • You enable the bulk consent feature in the Service configuration.
  • The end user allows third-party cookies through browser settings.
  • The end user has disabled “Do Not Track” through browser settings.
  • The end user accepts all or at least “preferences” types of cookies when consenting.

How we use your student data

Student Records – ASC collects information from you and stores it on a computer. This is your student record.

Regular Training Operations – ASC will disclose your student information to our instructors, billing clerks, administrative staff, and other employees involved in your training and employment.

Electronic Messaging – It is the policy of ASC to use electronic messaging like voice mail, text and email to phone numbers, and email addresses that the student provides to ASC regarding appointments, billing or payment issues, or other information related to training, payment, or other operations. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

As Required by Law and Public Safety – It is the policy of ASC that we may use and disclose your information as required by applicable law, such as to a law enforcement official for purposes such as identifying or locating a suspect, fugitive, material witness or missing person, complying with a court order or subpoena, and/or for other law enforcement purposes. We may also disclose your student information to appropriate persons in order to prevent or lessen a serious and imminent threat to the health or safety of a particular person or the general public.

Change of Ownership – In the event that ASC is sold or merges with another organization, your student information/record will become the property of the new owner.

How we use your online information

Pseudonymous Profile – ASC may build a pseudonymous profile of your online habits, interests, and activities when you use ASC websites. We compile these profiles from information about user devices (e.g., IP address or browser type), user navigation and browsing patterns, data showing usage of interactive features (e.g., search engine queries), demographic information (e.g., gender, marital status, age, income, job), and we use these profiles for the purposes described below.

Personal Contact Information – If ASC collects personal contact information (as described below), you may later access it; however, you may not modify or remove it from our system yourself. We may collect your name, address and phone number. When you use our website, we may request your name, address, telephone number, email address, or other contact information. This information may reveal your identity or be linked to you personally. We use this information to complete and support the immediate activity requested; customize and personalize content to your request; market products and services to you in the future (other than by telemarketing); build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; comply with laws requiring preservation of social histories; and to comply with any requirements of law. This information may be disclosed to our staff and agents and to outside organizations with the same or different privacy practices.

Other Collected Information – You may be prompted to submit your government-issued ID number; Social Security number; employee ID or similar identifier so we can recognize you. We use this information to complete and support the immediate activity requested, administer and run the website, comply with laws requiring preservation of social histories, and to comply with any requirements of law. This information may be disclosed to our staff and agents and to other councils with whom we have reciprocal agreements. You may later access the information. However, you may not modify or remove it from the system yourself.

You will be prompted for a user ID and password. We may ask you to enter a website ID, password or other identifiers. We use this information to complete and support the immediate activity requested, administer and run the website, comply with laws requiring preservation of social histories, and to comply with any requirements of law. This information may be disclosed to our staff and our immediate agents and to other organizations adhering to our privacy practices.

Purchase Information – We may collect information actively generated by the purchase of a product or service, such as a payment method. We use this information to complete and support the immediate activity requested and to comply with any requirements of law. This information may be aggregated with similar data and may be disclosed only to our staff and to our immediate agents.

Computer Information – When you visit our website, we may automatically collect information about your computer configuration, such as your browser type, operating system, IP address or ISP domain name. This information will not reveal your identity or be linked to you personally. We use this information to complete and support the immediate activity requested; administer and run the website; build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed only to our staff and to our immediate agents.

Navigational and Clickstream Data – As you browse websites owned by ASC, we may gather navigational and clickstream data that shows what pages are visited and how long various features are used. This information will not reveal your identity or be linked to you personally. We use this information to customize and personalize content to your request; improve the website for everyone; market products and services to you in the future (other than by telemarketing); build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed only to our staff and to our immediate agents.

Interactive Data – You may decide to input data while using certain interactive features on our website, such as queries submitted to a search engine. We use this information to complete and support the immediate activity requested; customize and personalize content to your request; build a profile of your habits, interests or activities to treat you as an individual; build individual profiles for ongoing research, analysis and reporting; and to comply with any requirements of law. This information may be aggregated with similar data in a manner to our staff and to our immediate agents.

Demographic Data – We may request information about your demographic or social characteristics, such as gender, age and income level. We use this information to build individual profiles for ongoing research, analysis and reporting, and to comply with any requirements of law. This information may be aggregated with similar data in a manner that does not reveal your personal identity and may be disclosed to our staff and our immediate agents, and to other organizations adhering to our privacy practices.

Online Posting and Content – Certain features of our website may allow you to contribute content, such as instant messages, chat room postings, etc. We use this to comply with any requirements of law. This information may be disclosed to third parties and in public forums generally.

Exceptional Disclosure – We may disclose your information if necessary to protect our legal rights or if the information relates to actual or threatened harmful conduct. Disclosure may be required by law or if we receive legal process.

Web Links – Our website provides both links to email addresses and links to third-party websites. For email, the links provided work directly with your mail client and no information is provided to our website when an email is sent through an email link. As a convenience, this website may also contain links to third-party websites over which we have no control. We make no claims as to the privacy, security or fitness of these third-party websites. When you view these third-party websites, our privacy policy no longer applies. You are encouraged to examine the privacy statement for all third-party websites for their procedures for collecting, utilizing and disclosing your information.

Storage And Protection of Data
ASC implements the following technical, physical, and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access, and against all other unlawful forms of processing.

Protection of Collected Information
We offer secure webpages to collect certain kinds of user information, and we store certain kinds of data in encrypted form. We follow reasonable technical and management practices to help protect the confidentiality, security and integrity of data stored on our system. While no computer system is completely secure, the commercially reasonable measures implemented by our Site reduce the likelihood of security problems to a level appropriate to the type of data involved.

Time User information is Kept
We generally keep user data on our server or in our archives for approximately five (5) years. We may alter this practice according to changing requirements. For example, we may delete some data due to storage constraints. We may keep other data for longer periods if required by law. Data management requests are administered in an orderly manner to the extent feasible and within our direct control. Note: We have greater control over recently collected data than archived data. Once data is removed from the system and archived, it may not be feasible to accommodate specific requests. In those cases, our general data retention policy applies.

Availability
ASC services utilize the extensive features of the cloud environment to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication, along with a traffic manager for automatic geographical failover on datacenter level disasters. All failover mechanisms are fully automated.

ASC does not store personal data permanently outside of our cloud platforms. The physical security of the cloud platform is thereby maintained by ASC’s cloud services providers, such as Amazon Web Services and VENYU. Amazon Web Services and VENYU datacenters represent that they comply with industry standards, such as ISO 27001 for physical security and availability, e.g., by using security staff around the clock, two-factor access control using biometric and card readers, barriers, fencing, security cameras and other measures.

Integrity
To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity (i.e., all supplied credit card information is transmitted via Secure Socket Layer, or SSL, technology and then encrypted into our payment gateway provider’s database only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential).

For data in transit, the services use industry-standard transport protocols between devices and datacenters and within datacenters themselves.

Confidentiality
All personnel are subject to full confidentiality agreements and any subcontractors and sub-processors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.

Whenever personal data is accessed by authorized personnel, the access is only possible over an encrypted connection. When accessing the data in a database, the identity of the person accessing the data must also be pre-authorized to obtain access.

Any device being used to access personal data is login protected by ASC’s identity and access management service and has ASC’s corporate antivirus solution installed. If any personal data is temporarily stored on a device, the storage unit on the device must also be strongly encrypted.
On-premise devices storing personal data temporarily is always, except when not being actively used or relocated under uninterrupted supervision, locked in a safe. Personal data is never stored on mobile media like USB sticks and DVDs.

Transparency
ASC will keep you informed to the extent practicable about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used. ASC will also provide summaries of independent audits of the Service upon reasonable request.

Isolation
The default permission for Access to personal data is “blocked” using a zero privileges policy. ASC’s policy is to restrict access to personal data to individually authorized personnel. ASC administrates its restrictions through authorized administrative personnel (“authorized administrators”) that must issue authorizations upon request. The authorized administrators maintain a log of granted authorizations. Authorized personnel are granted minimum access on a need-to-have basis through Azure Active Directory, AWS Cognito and ASW IAM (Identity Access Management).

Monitoring
ASC uses security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made.
System performance and availability are monitored with both internal and external monitoring services.

Personal Data breach notification
ASC will notify you if after an investigation it is determined that there is a reasonable likelihood of harm as a result of your personally identifiable information having been acquired by an unauthorized person provided that the notification is allowed by law and will not compromise a criminal investigation of a law enforcement agency. ASC will also otherwise notify you of data breach incidents in accordance with applicable law. The notification may be made in writing, electronically, or by any other method authorized by law at the sole election of ASC.

Marketing

Our company would like to send you information about products and services of ours that we think you might like.

If you have agreed to receive marketing, you may always opt out at a later date.
You have the right at any time to stop ASC from contacting you for marketing purposes.

If you no longer wish to be contacted for marketing purposes, please send your request to info@alliancesafetycouncil.org.

Privacy policies of other websites
Our website provides both links to email addresses and links to third-party websites. For email, the links provided work directly with your mail client and no information is provided to our website when an email is sent through an email link. As a convenience, this website may also contain links to third-party websites over which we have no control. We make no claims as to the privacy, security or fitness of these third-party websites. When you view these third-party websites, our privacy policy no longer applies. You are encouraged to examine the privacy statement for all third-party websites for their procedures for collecting, utilizing and disclosing your information.

Rights of Users located in the EU
Users located in the EU are entitled to the following:
The right to access – You have the right to request ASC for copies of your personal data. We may charge you a fee to fulfill this request.
The right to rectification – You have the right to request that ASC correct any information you believe is inaccurate. You also have the right to request ASC complete information you believe is incomplete.
The right to erasure – You have the right to request that ASC erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that ASC restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to ASC’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that ASC transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you would like to exercise any of these rights, please contact us by email at info@alliancesafetycouncil.org, by phone at (877) 345-1253, or write to us at:

Privacy Policy Administrator
10099 N. Reiger Road
Baton Rouge, LA 70809

ASC will respond within the delays allowed by applicable law.

How to contact us

If you have any questions about ASC’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at info@alliancesafetycouncil.org or (877) 345-1253.

Or write to us:
Privacy Policy Administrator
10099 N. Reiger Road
Baton Rouge, LA 70809

How to contact the appropriate authorities

In the United States

You may submit a complaint through the FTC’s Complaint Assistant if you believe your personal information has been collected or shared without your permission. For identity theft or data breaches, consumers are advised to visit IdentityTheft.gov to both report and recover their personal information.

In the European Union

You have the right to have recourse (i.e., you can lodge a complaint) to the European Data Protection Supervisor (edps@edps.europa.eu) if you consider that your rights under Regulation (EU) 2018/1725 have been infringed as a result of the processing of your personal data by ASC.

Additional Terms

You agree that by accessing our Site that your rights and obligations, as well as the rights and obligations of ASC, shall be governed by the laws of the State of Louisiana without regard to its conflict of law provisions. You further agree to submit to the personal and exclusive jurisdiction of the courts located within the state of Louisiana.

Should any portion of this Privacy Policy be deemed unenforceable for any reason, you specifically agree that this will not affect the validity or enforceability of the remaining portions of this Privacy Policy. The failure of ASC to exercise or enforce any right or provision of the Privacy Policy shall not constitute a waiver of such right or provision. If any provision of the Privacy Policy is found by a court of competent jurisdiction to be invalid, you nevertheless agree that the court should endeavor to give effect to the intention of the Privacy Policy as reflected in the provision, and the other provisions of the Privacy Policy remain in full force and effect.

Last Updated: February 3, 2023