OVERVIEW
At Administrate, we take care in safeguarding the privacy of our customers’ data, and believe it is not only a legal obligation to establish and protect these privacy practices, but is also an ethical practice that aligns with our values. This page is intended to supplement our Privacy Policy, available at https://www.getadministrate.com/us-privacy-policy/ for our US-based business and https://www.getadministrate.com/privacy-policy/ for our non-US business, and to clearly and specifically outline how it meets the requirements of the California Consumer Privacy Act (CCPA).
Let’s cut to the most important part:
WE DO NOT SELL YOUR PERSONAL INFORMATION
The remainder of this document will outline what information we collect, how we use it, who we share it with and why, as well informing you of your rights under this program.
WHAT PERSONAL INFORMATION WE COLLECT
At Administrate, we collect the following information, as defined :
- Identifiers: Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, or other similar identifiers.
- Customer records information: Name, address, telephone number, education, employment or other similar information collected in the course of purchasing and registering for training.
- Commercial information: Records products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet or other electronic network activity information: Browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
- Professional or employment-related information: Records may be collected as provided by learners for professional and continuing education purposes.
- Education information: Information that is not “publicly available personally identifiable information” as defined in the California Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). Administrate is a training platform and will maintain training records about learners. FERPA may apply when the training is in the context of a publicly funded educational program.
- Inferences: Inferences about the types of training and related products learners prefer.
HOW WE USE PERSONAL INFORMATION
The CCPA defines various business and commercial purposes for collecting, using, and disclosing Personal Information. While we collect, use, and disclose Personal Information pursuant to our Privacy Policy as a whole, we wanted to clarify out that this includes Personal Information in accordance with the specific CCPA business and commercial purposes below:
- Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, provided the personal information that is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
- “Commercial purposes” means to advance a person’s commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction.
WHAT PERSONAL INFORMATION WE SHARE
Administrate does not sell, rent, or disclose personal information to marketers or unaffiliated third parties. We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, insofar as reasonably necessary for the purposes set out in our privacy policy.
We may also share your personal information with selected third parties including:
- Business partners, suppliers and subcontractors for the performance of any contract we enter into with them or you, which include web hosting facilities, data processors for services like automated emails, and contracted development firms; and
- Those who perform functions on our behalf and who also provide services to us such as professional advisors as it is in our legitimate interest to do so.
We will disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets as part of the sale or purchase process in order to allow such transaction to complete as is in our legitimate interest to do so;
- If Administrate or substantially all of its assets are acquired by a third party or its business merges with another business or company, we may share personal data with the new owners of the business or company or their professional advisers as is in our legitimate interests to do so; and
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of Administrate Inc., our customers or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction as it is in our legitimate interests to do so.
YOUR RIGHTS UNDER THE CCPA
Right to Know:
If you are a California resident, you may submit, free of charge, but no more than twice in a 12-month period, a verifiable request for the following information:
- The specific pieces of personal information we have about you;
- The categories of personal information we collected, sold, or disclosed for a business purpose about you within the last 12 months;
- The categories of sources from which the personal information was collected;
- The purposes for which the information was collected or sold; and
- The categories of third parties to whom the information was sold, disclosed for a business purpose, or otherwise shared.
Right to erasure:
You may also request that we delete personal information that we collected from you. Some information may be exempt from such requests under California law.
Right to opt-out from sale:
We use and share your information as described in this document and our privacy policy. We have not sold personal information about you in the last 12 months and currently have no plans to do so in the future. Based on the definition of “sell” under the CCPA guidance, all personal data we collect is treated as ‘opt-out from sale’ by default.
RIght to non-discrimination:
The CCPA provides that you may not be discriminated against for exercising these rights.
HOW TO EXERCISE YOUR RIGHTS
Submit a request:
To make a data access request, you may either:
Complete the form on our website: https://www.getadministrate.com/data-subject-access-request/
Send an email to [email protected] with the subject line “CCPA Data Access Request”
You can request deletion of your personal information by sending an email to [email protected] with the subject line “CCPA Data Erasure Request” or by responding on a data access request email chain stating you would like to exercise this right.
For security purposes, we will verify your identity – including requesting information from you – when you request to exercise your California privacy rights. Once we have verified your identity, we will respond to your request as appropriate. If we are unable to complete your requests, we will provide you information about the reasons that we could not comply with your request.
Administrate endeavors to process all data access and data deletion requests within 28 days of the request being submitted. However, if a request is complex or our resources are limited at that time then we may require an additional 28 days for processing (56 days total). In either case, we will inform you of an expected deadline when we receive your request and notify you if there are any delays affecting your request.
AUTHORIZED AGENTS:
If you would like to designate an authorized agent to make a request on your behalf, please be sure the agent can (i) demonstrate you have provided written permission for the agent to submit the request on your behalf, and (ii) provide proof of his or her own identity. If the agent does not satisfy these requirements, we will deny the request.