YOUR INFORMATION AND HOW WE MAKE USE OF IT
Visiting the CI Site:
The CI Site collects two kinds of information: (i) information that identifies you or your company, (collectively, “Identifiable Information”); and (ii) information that does not identify any person or company (such as your Internet Protocol (IP) address, browser type, operating system type, access time and page views) (collectively, “Non-Identifiable Information”). As a general policy, only Non-Identifiable Information is automatically collected from your visit to the CI Site.
Information Collected During the Application and Certification Process:
If you choose to apply for Certification, you will be asked to provide us with certain specific information about yourself and/or your company, including: (i) contact information such as your name, phone number, fax number, mailing/e-mail address, and your company’s name, phone number, fax number, mailing/e-mail address and primary contact person (collectively, “Contact Information”); and (ii) information about your company’s policies, procedures, staff and clients as they pertain to worker’s compensation insurance risk management (collectively, “Business Information”). During the application process and initial certification process, we will only share your Contact Information and Business Information with the CI staff and service providers that are involved in verifying your company’s compliance with the certification requirements. None of these individuals will be employed by or own a financial interest in any other company in the same or similar business as your company, and all of these individuals will have executed a non-disclosure confidentiality agreement with respect to information provided to them by CI. Your Contact Information and Business Information will only be shared with the CI Certification Committee if it is determined by CI staff and service providers that, in their opinion, your company is in compliance with the requirements for certification. The CI Certification Committee also will have executed a non-disclosure confidentiality agreement similar to the agreement executed by CI staff. If the CI Certification Committee approves your company for certification, CI will make a press release and update the CI Site identifying by company name, address, phone number and e-mail address the fact that your company is now certified, but no other Contact Information or Business Information will be released to the public without your express written permission. If your company becomes certified, you may request in writing that CI provide a link from the CI Site to your company’s website if someone inquires about the certification status of your company, and CI will honor that request if you execute an agreement authorizing CI to link to your website. CI will also make available your company’s Contact Information and Business Information to your current workers’ compensation insurance carrier if you authorize their access to such information on the CI Site. It will be your responsibility to notify CI when you change insurance carriers, so that CI can cancel the prior carrier’s access to this confidential information and provide your new insurance carrier with authorized access. We will not share any of your Business Information with the CI Certification Board unless you request us to do so in writing because you disagree with a decision made regarding your certification by the Certification Committee. You have the right to request that any director serving on the Certification Board that you believe has a conflict of interest with you or your company recuse himself or herself. CI will not share your Business Information with any director that has been recused at your request.
Collection and Use of 3rd Party PII
You may also provide personal information about other people when adding a user and/or administrator, such as their name, phone number, email address and password. This information is only used for the sole purpose of completing your request or for whatever reason it may have been provided.
Hosting Provider Information:
The Internet service provider that hosts our Web site will have a site administrator (our Webmaster) with the ability to access all such information as part of website maintenance, but this company and the Webmaster have signed a non-disclosure agreement with us. We will maintain your Contact Information and Business Information in our secure and protected information databases as long as you maintain the Certification. If you or we terminate your Certification Application or your Certification Status for any reason, we will deactivate this information unless you submit a written request that we retain this information pending future Certification actions.
We do not resell, trade or rent any of your information to any third party including for their own marketing purposes.
We post testimonials on our Web site which may contain personally identifiable information such as the company contact’s name, business, and location. We obtain the contact’s consent prior to posting their name and testimonial. The contact may request removal of this testimonial at any time by contacting email@example.com.
We may aggregate Non-Identifiable Information to create statistical data, which will be used to help analyze site traffic and improve our services. We may also use such aggregated information to describe CI’s website services to potential partners or other third parties. At no point, however, will the aggregated information identify you, your business or your clients.
Communications from Site:
CI sends automated administrative e-mails related to certification and renewals to company contacts assigned for such communications. These e-mails are related to upcoming data submittal deadlines, application and renewal processing, data receipt confirmations and general certification information.
We reserve the right to disclose any Identifiable or Non-Identifiable Information if required to do so by law or if we believe that such action is necessary in order to (i) conform with the requirements of the law or to comply with legal process served on CI; (ii) to protect or defend the legal rights or property of CI, the CI Site, or its users; or (iii) in an emergency to protect the health and safety of CI’s website users or the general public.
Technologies such as: cookies, tags and scripts are used by Certification Institute or analytics service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) address, browser type, internet service provider (ISP), refering/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.
We have security measures in place to protect against the loss, misuse and alteration of the information under our control, both online and offline.
The CI Site operates secure data networks protected by industry standard firewall and password protection systems. We use a GoDaddy.com Web Server Certificate for 256-bit SSL encryption of data being sent via the Internet between the browser and our servers. The servers on which we store your personally identifiable information are kept in a secure environment using industry-standard back-up and security procedures and protections.
All application, certification and user information is restricted in our offices. Only employees who need the information to process your certification or provide the Services are granted access to personally identifiable information. All employees have been verified as having a history of honesty and trustworthiness and have signed a non-disclosure agreement prohibiting the unauthorized disclosure, use or distribution of any client or user-related information. Furthermore, all employees are kept up-to-date on our security and privacy policies and practices and on the importance of maintaining and working with all client information in a secure and confidential manner.
Access to CI’s offices is restricted after normal business hours with security cards required for entry into the building and keys required for office access. The building is also equipped with security cameras and a burglar alarm system and has a security guard on the premises after normal business hours and on weekends.
Although we strive to protect our users’ personally identifiable information and privacy, please be advised that we cannot guarantee that the security precautions we take will prevent third parties from illegally obtaining your information. However, our procedures have qualified http://www.certificationinstutute.org for the GoDaddy.com SSL Certificate indicating that we provide you with authentication, confidentiality, and data integrity that meets established industry standards.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security on our website, you can contact us at firstname.lastname@example.org.
TRANSFER OF ASSETS
NOTIFICATION OF CHANGES
CHANGES TO INFORMATION AND QUESTIONS
Each participating user can access and update their personally identifiable information online. Each participating firm also has one or more designated account administrators that can add or delete users and access and update the information of the participating firm and that of all of its users. E-mail addresses entered by participating users and account administrators will be used for administrative purposes to notify users of ongoing certification requirements and do not include an opt-out feature.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at email@example.com. We will respond to your request within 30 days. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
One Financial Centre
650 S. Shackleford Road, Suite 327
Little Rock, AR 72211-3503