(Updated 1/1/2022)
Your privacy is extremely important to us at the Certification Institute (CI), and we’re committed to protecting and maintaining the confidentiality and security of the information that you provide to us. This privacy policy applies to http://www.certificationinstitute.org owned and operated by CI. This privacy policy describes the information we collect about you and what may happen to that information.
YOUR INFORMATION AND HOW WE MAKE USE OF IT
Visiting the CI Site:
The CI Site collects two kinds of information: (i) information that identifies you or your company, (collectively, “Identifiable Information”); and (ii) information that does not identify any person or company (such as your Internet Protocol (IP) address, browser type, operating system type, access time and page views) (collectively, “Non-Identifiable Information”). As a general policy, only Non-Identifiable Information is automatically collected from your visit to the CI Site.
Information Collected During the Application and Certification Process:
If you choose to apply for Certification, you will be asked to provide us with certain specific information about yourself and/or your company, including: (i) contact information such as your name, phone number, fax number, mailing/e-mail address, and your company’s name, phone number, fax number, mailing/e-mail address and primary contact person (collectively, “Contact Information”); and (ii) information about your company’s policies, procedures, staff and clients as they pertain to worker’s compensation insurance risk management (collectively, “Business Information”). During the application process and initial certification process, we will only share your Contact Information and Business Information with the CI staff and service providers that are involved in verifying your company’s compliance with the certification requirements. None of these individuals will be employed by or own a financial interest in any other company in the same or similar business as your company, and all of these individuals will have executed a non-disclosure confidentiality agreement with respect to information provided to them by CI. Your Contact Information and Business Information will only be shared with the CI Certification Committee if it is determined by CI staff and service providers that, in their opinion, your company is in compliance with the requirements for certification. The CI Certification Committee also will have executed a non-disclosure confidentiality agreement similar to the agreement executed by CI staff. If the CI Certification Committee approves your company for certification, CI will make a press release and update the CI Site identifying by company name, address, phone number and e-mail address the fact that your company is now certified, but no other Contact Information or Business Information will be released to the public without your express written permission. If your company becomes certified, you may request in writing that CI provide a link from the CI Site to your company’s website if someone inquires about the certification status of your company, and CI will honor that request if you execute an agreement authorizing CI to link to your website. CI will also make available your company’s Contact Information and Business Information to your current workers’ compensation insurance carrier if you authorize their access to such information on the CI Site. It will be your responsibility to notify CI when you change insurance carriers, so that CI can cancel the prior carrier’s access to this confidential information and provide your new insurance carrier with authorized access. We will not share any of your Business Information with the CI Certification Board unless you request us to do so in writing because you disagree with a decision made regarding your certification by the Certification Committee. You have the right to request that any director serving on the Certification Board that you believe has a conflict of interest with you or your company recuse himself or herself. CI will not share your Business Information with any director that has been recused at your request.
Collection and Use of 3rd Party PII
You may also provide personal information about other people when adding a user and/or administrator, such as their name, phone number, email address and password. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.
Hosting Provider Information:
The Internet service provider that hosts our Web site will have a site administrator (our Webmaster) with the ability to access all such information as part of website maintenance, but this company and the Webmaster have signed a non-disclosure agreement with us. We will maintain your Contact Information and Business Information in our secure and protected information databases as long as you maintain the Certification. If you or we terminate your Certification Application or your Certification Status for any reason, we will deactivate this information unless you submit a written request that we retain this information pending future Certification actions.
We do not resell, trade or rent any of your information to any third party including for their own marketing purposes.
Testimonials:
We post testimonials on our Web site which may contain personally identifiable information such as the company contact’s name, business, and location. We obtain the contact’s consent prior to posting their name and testimonial. The contact may request removal of this testimonial at any time by contacting service@cimail.org.
Non-Identifiable Information:
We may aggregate Non-Identifiable Information to create statistical data, which will be used to help analyze site traffic and improve our services. We may also use such aggregated information to describe CI’s website services to potential partners or other third parties. At no point, however, will the aggregated information identify you, your business or your clients.
Communications from Site:
CI sends automated administrative e-mails related to certification and renewals to company contacts assigned for such communications. These e-mails are related to upcoming data submittal deadlines, application and renewal processing, data receipt confirmations and general certification information.
LEGAL REQUIREMENTS
We reserve the right to disclose any Identifiable or Non-Identifiable Information if required to do so by law or if we believe that such action is necessary in order to (i) conform with the requirements of the law or to comply with legal process served on CI; (ii) to protect or defend the legal rights or property of CI, the CI Site, or its users; or (iii) in an emergency to protect the health and safety of CI’s website users or the general public.
COOKIES
Technologies such as: cookies, tags and scripts are used by Certification Institute or analytics service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We use cookies for to remember users’ settings. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.
LINKS
The CI Site may contain links to other sites, including websites of certified firms and service suppliers that are not maintained by CI. We cannot guarantee the security of your Identifiable Information on those sites. Please review their privacy policy before submitting any Identifiable Information to such websites.
LOG FILES
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) address, browser type, internet service provider (ISP), refering/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.
SECURITY PROCEDURES
We have security measures in place to protect against the loss, misuse and alteration of the information under our control, both online and offline.
The CI Site operates secure data networks protected by industry standard firewall and password protection systems. We use a GoDaddy.com Web Server Certificate for 256-bit SSL encryption of data being sent via the Internet between the browser and our servers. The servers on which we store your personally identifiable information are kept in a secure environment using industry-standard back-up and security procedures and protections.
All application, certification and user information is restricted in our offices. Only employees who need the information to process your certification or provide the Services are granted access to personally identifiable information. All employees have been verified as having a history of honesty and trustworthiness and have signed a non-disclosure agreement prohibiting the unauthorized disclosure, use or distribution of any client or user-related information. Furthermore, all employees are kept up-to-date on our security and privacy policies and practices and on the importance of maintaining and working with all client information in a secure and confidential manner.
Access to CI’s offices is restricted after normal business hours with security cards required for entry into the building and keys required for office access. The building is also equipped with security cameras and a burglar alarm system and has a security guard on the premises after normal business hours and on weekends.
Although we strive to protect our users’ personally identifiable information and privacy, please be advised that we cannot guarantee that the security precautions we take will prevent third parties from illegally obtaining your information. However, our procedures have qualified http://www.certificationinstutute.org for the GoDaddy.com SSL Certificate indicating that we provide you with authentication, confidentiality, and data integrity that meets established industry standards.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security on our website, you can contact us at service@cimail.org.
TRANSFER OF ASSETS
If another entity acquires us or all or substantially all of our assets, your Contact, Business and Order Information, Non-Identifiable Information and any other information about our Clients that we have stored in our databases will be transferred to such entity as one of the transferred assets, but CI agrees that any such transfer will continue to be subject to this or an equivalent privacy policy to be legally binding on the acquiring party and its assigns. If, as a result of this transfer, users’ personally identifiable information is to be used in a manner different than that stated at the time of collection, users will have a choice consistent with our ‘Notification of Changes’ section below.
NOTIFICATION OF CHANGES
If we decide to make a material change to our privacy policy, we will post those changes to this privacy policy on the CI Site and other places we deem appropriate prior to the change becoming effective so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We will use information in accordance with the privacy policy under which the information was collected. If, however, we are going to use users’ personally identifiable information in a manner different from that stated at the time of collection we will notify users via e-mail. Users will have a choice as to whether or not we use their information in this different manner. However, if users have opted out of all communication with the site, or deleted/deactivated their account, then they will not be contacted, nor will their personally identifiable information be used in this new manner.
CHANGES TO INFORMATION AND QUESTIONS
Each participating user can access and update their personally identifiable information online. Each participating firm also has one or more designated account administrators that can add or delete users and access and update the information of the participating firm and that of all of its users. E-mail addresses entered by participating users and account administrators will be used for administrative purposes to notify users of ongoing certification requirements and do not include an opt-out feature.
Also, if you wish to (i) change or modify any of the information you have provided to us, (ii) terminate your Certification Process or Certification Status, or (iii) ask us questions about this privacy policy, please contact us by e-mail at service@cimail.org, by phone at 501-975-3099, or by mail or delivery service at One Financial Centre, 650 S. Shackleford Road, Suite 327, Little Rock, AR 72211-3503.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at service@certificationinstitute.org. We will respond to your request within 30 days. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
CONTACT US
One Financial Centre
650 S. Shackleford Road, Suite 327
Little Rock, AR 72211-3503
501-975-3099
service@cimail.org