BTPAC wants to keep your data safe.
At the BIZTECH Professional Association of Canada (BTPAC), we pride ourselves on our commitment to protecting your privacy and maintaining the currency of your certification records as long as you remain a member or rejoin. Our data governance and privacy policies reflect our company’s values and how we strive to maintain your privacy.
The BTPAC is a not-for-profit organization, with a principal office located in Mississauga, Ontario. BTPAC develops and administers tests leading to professional credentials, offers training, and certifications to individuals as well as organizations. In addition, BTPAC organizes conferences in Canada. BTPAC manages the website www.BTPAC.org.
QUESTIONS OR CONCERNS: CONTACT US
If you have any questions about this Policy or questions or complaints about our privacy practices, please contact us using the details below:
Data Protection Officer
The contact information above should also be used for communications relating to exercising the rights described in section 6.2 below.
INFORMATION WE COLLECT
We collect personal information in the following ways:
1.1 INFORMATION THAT YOU PROVIDE TO US DIRECTLY
We gather information that you provide to us when you:
- purchase products or services from us
- subscribe to our newsletters and mailing lists including from our websites
- participate in promotional offers or free products
- fill in forms, conduct searches, post content on the website, respond to surveys, or use any other features of our websites
- make an inquiry, provide feedback, submit correspondence, or make a complaint over the phone, by email, on our website or by post
- register to, present at, and/or attend, our events and conferences, scan your attendance badge at any of the booths at our conferences/events, or at our booths when we are present at someone else’s conference/event
- enter into a contract with us
The information you provide to us will include (depending on the circumstances):
- Identity and contact data: title, names, addresses, email addresses, phone numbers or your signature.
- Account profile data: a username/display name, password, user preferences and, if you sign up through a social media account, certain information about that account.
- Conference registration details: the company/organization you work for, job title/position, language preferences, your name, your email, your age, your gender, your job function, your experience, your opinions and why you are attending the conference and what you hope to learn, your accessibility needs.
- Financial data: payment details, which may include billing addresses, credit/debit card details, and bank account details.
- Visual and audio information about yourself: e.g. a photo or video footage, or sound recording.
- Your preferences: information about your preferences, interests, industry focus, community choices, and other customer profile information.
- Any other information that you choose to share with us: for example, any information that you provide via correspondence, when you fill out our survey(s), that you share via our website, such as ongoing education credits, or social media accounts linked to our website, or any information that you choose to provide in person at events, meetings, or over the phone.
1.2 INFORMATION FROM OTHER SOURCES
In certain circumstances, we will receive information about you from other sources, including third parties. For example, we may receive personal information from any of the following, who may be based inside and/or outside the EU:
- Data Management and Intelligence Conference partners and co-organizers.
- Other website users.
- Event attendees.
- Your agents or representatives who are acting on your instructions.
- Commercial contact lists that we acquire from other organizations.
- Organizations that we acquire or merge with.
- Organizations with whom we provide co-branded events, websites, products, and services.
- Service providers including our website developers, IT support providers, cloud services providers, payment services providers, billing service providers, contractors, consultants, advertising agencies and platforms, digital performance monitoring and management providers, advertising analytics providers, marketing and sales service providers, user experience testing platforms, B2B contact databases, recruitment agencies, survey tool providers, customer relationship and customer support service providers, event ticket retailers, event management platform service providers, customer identity account management providers, HR service providers, couriers, instant messaging service providers.
USING PERSONAL INFORMATION
2.1 HOW WE USE INFORMATION WE COLLECT
We use your information for the following purposes:
- To process and fulfill your orders from our websites and bookstores.
- To process and facilitate transactions and payments, and recover money owed to us (on the basis of performing our contract with you, and on the basis of our legitimate interest to recover debts due).
- To conduct business with you or your employer, including to contact you and manage and facilitate our business relationship with you and your employer (on the basis of performing our contract with you, and our legitimate interest in running our business).
- To provide customer service and support, like dealing with inquiries or complaints about the website, which may include sharing your information with our website developer, IT support provider, and payment services provider as necessary (on the basis of performing our contract with you, our legitimate interest in providing the correct products and services to our website users, and to comply with our legal obligations).
- To enable you to take part in prize drawings, competitions, and surveys (on the basis of performing our contract with you, and our legitimate interest in studying how our website and services are used, to develop them, and to grow our business).
- To work with you and undertake projects with you, including to process any proposals that you submit to us (on the basis of our contract with you, and our legitimate interest in running our business).
- To carry out marketing and let you know about our news, events, new website features products or services that we believe may interest you, including sharing your information with our marketing services providers (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so).
- To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (on the basis of our legitimate interests in studying how our website/services are used, to develop them, to grow our business and to inform our marketing strategy).
- To interact with users on social media platforms (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals).
- To conduct data analytics to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business, to provide the right kinds of products and services to our customers, and to inform our business and marketing strategy).
- To make suggestions and recommendations by sharing your information with selected third parties such as sponsors and partners, so they can contact you about things that may interest you (either on the basis of your consent where we have requested it, or on the basis of our legitimate interest to share details of conference attendees with our co-presenters and sponsors).
- To carry out marketing research and user testing to assess the levels of satisfaction of existing and proposed products and services (on the basis of our legitimate interest in carrying out research, providing the right kinds of products and services to our customers).
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).
- To enable us to comply with our policies and procedures and enforce our legal rights, and to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).
2.2 LEGITIMATE INTERESTS
As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interests we have specified in section 2.1 above.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing, please refer to details of “Your Rights” in Section 6 below.
HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION
We consider your personal information to be a vital part of our relationship with you and do not sell your personal information to third parties. There are, however, certain circumstances in which we may share your personal information with certain third parties, as follows:
- Other website users and clients who use our websites and/or applications to communicate or otherwise interact with you;
- Sponsors, partners and collaborators, including sponsors of our events, products or services, and organizations with whom we host co-branded events.
- Our service providers who are acting as processors and who assist us with our administrative or business functions, or in the provision of any of our products/services to you.
- Regulators and governmental bodies like the IRS, HMRC, and other authorities and regulators acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
- Marketing parties which are any selected third party that you consent to our sharing your information with for marketing purposes.
- Any prospective buyer of our business or assets, only in the event that we wish to sell any part of our business or assets.
- Other third parties including legal, professional or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
HOW WE LOOK AFTER YOUR PERSONAL INFORMATION AND HOW LONG WE KEEP IT
We use administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personal data against loss, misuse and unauthorized access, disclosure, alteration, and destruction. We also operate a policy of “privacy by design” by looking for opportunities to minimize the amount of personal information we hold about you.
The safeguards we use include:
- ensuring the physical security of our offices, warehouses, or other sites
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption
- using standard security protocols and mechanisms (such as secure socket layer (SSL) encryption) to transmit sensitive data such as credit card details
- limiting access to your personal information to those who need to use it in the course of their work
If you have any questions about the security of your personal information, please contact us using the methods outlined in the “Contact Us” section above.
We will keep your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it.
Please contact us using the methods outlined in the “Contact Us” section above if you would like to obtain details of our retention.
The Institute for Certification of Computing Professionals is based in the United States of America.
We transact business throughout the world and have operations, processes and systems that cross borders.
- only transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use providers based in the US, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US; or
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (the so-called European Commission’s Standard Contractual Clauses).
- We may transfer your personal information to countries in the following regions outside of the EEA: North America and Asia.
YOUR RIGHTS: ACCESS AND ACCURACY, UPDATING, CORRECTING, OR DELETING INFORMATION
6.1 YOUR RIGHTS – SUMMARY
You have certain rights in respect of the information that we hold about you, including:
- the right to ask us not to process your personal data for marketing purposes
- the right to request access to the information that we hold about you
- the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect
- the right to object to our using your information on the basis of our legitimate interests (refer to section 2 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground
- the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances
- in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you
- the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence
6.2 HOW TO EXERCISE YOUR RIGHTS
You may exercise your rights above by contacting us using the methods outlined in the “Contact Us” section above and we will comply with your requests unless we have a lawful reason not to do so.
In the case of preventing processing for marketing activities, you can opt out of receiving newsletters or other communications by following the opt-out instructions included in each newsletter or communication or by contacting us using the methods outlined in the “Contact Us” section above.
Please note that your objection to processing (or withdrawal of any previously given consent) could mean that we are unable to provide you with our services. Even after you have chosen to withdraw your consent we may continue to process your personal information when required or permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
6.3 WHAT WE NEED FROM YOU TO PROCESS YOUR REQUESTS
We may need to request specific information from you to help us confirm your identity and to enable you to exercise the rights set out above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to exercise the rights set out above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13, and in some jurisdictions under the age of 16. If you are under the age of 13, please do not access our website at any time or in any manner. If we learn that we have collected personal information of children under the age of 13 or 16 (as applicable), we will take appropriate steps to delete that data.
SHARING DATA WITH THIRD PARTIES
If you do not want us to share your personal information with these companies, contact us at using one of the methods described in the “Contact Us” section above.
Please be responsible with personal information of others when using our website and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others that takes place outside of the website or our services.
Please note that this Policy may change from time to time. We will not reduce your rights under this Policy without your consent. If we make any material changes we will notify you by email or by means of a notice on the BTPAC.org website prior to the change becoming effective.