American Academy of
Underwater Sciences
PRIVACY POLICY
Last revised on May 03
2021
1. Scope of this
policy
This privacy policy
(the “Policy” or the "Privacy Policy”) describes how AAUS collects, uses,
consults or otherwise processes an individual's Personal Data. For the purposes
of this policy, AAUS refers to the American Academy of Underwater Sciences, a
company incorporated under the law of the state of California, having its
offices in Mobile, Alabama and email address [email protected].
We are committed to
protecting the privacy of our users and customers. This Privacy Policy is
especially directed at:
·
visitors and
subscribers of the websites of AAUS;
·
natural persons
contacting us through the contact or other forms available on the websites;
·
subscribers to
our newsletter(s);
·
users signing in
to use our services;
·
users signing
into our E-learning platform;
This Privacy Policy is
intended to inform you how we gather, define, and use information that could
identify you, such as your name, email address, address, other contact details,
online identifiers or other information that you provide to us when using our
websites or when relying on our services. Please take a moment to read this
Privacy Policy carefully.
This policy includes a
description of your data protection rights, including a right to object to some
of the processing activities we carry out.
2. Contacting us
For questions about
this Privacy Policy or use of your personal information please contact our Operations
Manager by mail at : [email protected].
3. Collection of
Information
The purpose of the
Website and E-Learning platform is to support the community of members, divers
and Diving Safety Officers in the American Academy of Underwater Sciences.
As part of our effort
to create these online resources, we receive and store information about you
such as:
Personal Information
General content
published on AAUS.org is accessible by all visitors. However, member-only
pages, profiles and the e-learning platform require registration.
Members are required
to provide part or all of the following information below, depending on their
involvement in the Academy and their membership type.
·
First and last
name
·
Email address
·
Company name,
website, industry, and address
·
Dive training
and certifications
·
Affiliated Dive
Programs
Once you complete your
membership application, and you will be able to create your profile
(“Profile”).
For the e-learning
platform, only name, email and program affiliation is required for
registration.
Correspondence
information
All website generated
emails may be stored on our servers.
Payment Information
To protect you against
fraud, unauthorized transactions (such as money laundering), claims and other
liabilities, we only collect an identification number and order details which
enable us to match each user to the payments he makes. We do not collect credit
card information.
For those members who
choose the auto renewal feature, credit card information is stored in DataVault,
a secure PCI compliant tokenization engine hosted by ASI.
4. Use of Information
We use your
information to provide, administer, enhance and our services, to process your membership,
your orders and your payments and to communicate with you on these and other
topics. For example, we use information to :
1. We use your e-mail
to send you system e-mails about the status of your membership and the
functionality of our Website that you cannot opt out from and you will have to
receive if you want to be a member.
2. We use your e-mail
associated with your Account in order to send you newsletters, news and
announcements, training opportunities and reminders. If you do not wish to
receive newsletters you may unsubscribe by clicking the unsubscription link in your
profile.
3. We use your e-mail
associated with your e-learning account to send you progress reports and class
notifications. If you do not wish to receive
e-learning notifications you may modify your e-learning profile preferences.
4. We may use your Organizational
Members statistics in order to provide benchmark analysis and aggregate
statistics. This particular Business Information will be anonymized, will not
contain personal identification and will not be transferred or sold to third
parties in any way or format that identifies you.
5. We use e-learning
platform progress information to determine course completion.
We do not transfer,
sell or rent your Personal or Business Information to third parties for any
purpose. We request only the information that we need to operate our Services
and improve our Website’s user experience. We do not use your Information to
create any advertising creative.
Our legal basis for
collecting and using the personal information described in this Privacy Policy
will depend on the personal information concerned and the specific context in
which we collect and use it. We will normally collect personal information from
you where we need the personal information to perform a contract with you (for
example to provide our services to you), where the processing is in our
legitimate interests and not overridden by your data protection interests or
fundamental rights and freedoms (for example our direct marketing activities in
accordance with your preferences), or where we have your consent to do so (for
example, for you to participate in specific surveys and focus groups).
5. Protection of
Information
We use reasonable
administrative, logical, physical and managerial measures to safeguard your
personal information against loss, theft and unauthorized access, use and
modification. These measures are designed to provide a level of security
appropriate to the risks of processing your personal information. Indicatively:
1. We do not make any of your Information
available to third parties for their marketing purposes.
2. AAUS eLearning runs on individual servers and
no data given or collected is shared with other platforms.
3. AAUS.org database information is hosted by ASI
and no data given or collected is shared with other platforms. The ASI
Protection and Privacy policy can be found here.
4. We use robust security measures to protect
data from unauthorized access, maintain data accuracy, and help ensure the
appropriate use of data. When the Services are accessed using the internet,
Secure Socket Layer (SSL) technology protects your Information, using both
server authentication and data encryption. These technologies help ensure that
your Information is safe, secure, and only available to you and to whom you
have granted access.
5. AAUS does its utmost to secure communications
and data storage in order to protect confidentiality of your Information
against loss and interception by third parties. However, it is important to
know that there is no zero-risk against loss or interception by others of your
Information. You are responsible for maintaining the security and
confidentiality of your Account’s username and password.
Please note that no transmission over the
internet can guarantee confidentiality and non-disclosure, and as such, you
transmit at your own risk.
6. Storage of Information
1. Data on the AAUS website is stored on servers
with ASI. The ASI Protection and Privacy policy can be
found here.
2. Data on the e-learning platform runs on individual
servers and no data given or collected is shared with other platforms.
7. Information and
Rights
Once you have provided
your Personal Data, you have several rights, which you can in principle
exercise free of charge, subject to statutory exceptions. These rights may be
limited, for example if fulfilling your request would reveal Personal Data
about another person, or if you ask us to delete information which we are
required by law to keep or have compelling legitimate interests in keeping. To exercise
any of your rights, you can file a request [email protected].
Should you have
unresolved concerns, you have the right to lodge a complaint with a Supervisory
Authority where you live or where you believe a breach may have occurred. We
encourage you to come to us in the first instance but, to the extent that this
right applies to you, you are entitled to complain directly to the relevant
Supervisory Authority.
1. Right to withdraw
consent
Wherever we rely on
your consent, you will be able to withdraw that consent at any time you choose
and at your own initiative by logging into your account on our website (if you
have one) or by contacting us at [email protected]. The withdrawal of your consent
will not affect the lawfulness of the collection and processing of your data
based on your consent up until the moment where you withdraw your consent.
2. Right to access and
rectify your data
You have the right to
access, review, and rectify your Personal Data. You may be entitled to ask us
for a copy of your information, to review or correct it if you wish to rectify
any information like your name, email address, passwords and/or any other
preferences, you can easily do so by logging into your account on our website
(if you have one) or by contacting us.
3. Right to erasure
You have the right to
erasure of your Personal Data processed by us as described in this Privacy
Policy in case it is no longer needed for the purposes for which the Personal
Data was initially collected or processed or in the event you have withdrawn
your consent or objected to processing as described in this Privacy Policy and
no other legal ground for processing applies. Should you wish to have your
Personal Data erased, please file a request here [email protected]
4. Right to
restriction of processing
Under certain
circumstances, you may ask us to restrict the processing of your Personal Data.
This is for example the case when you contest the accuracy of your Personal
Data. In such event, we will restrict the processing until we can verify the
accuracy of your data.
5. Right to object to
processing
Under certain
circumstances you may object to the processing of your Personal Data, including
where your Personal Data is processed for direct marketing purposes. If you no
longer want to receive certain communications from us via email, simply click
the unsubscription box on your profile preferences.
6. Right to data
portability
Where you have
provided your data directly to us and where the processing is carried out by
automated means and based on your consent or the performance of a contract
between you and us, you have the right to receive the Personal Data processed
about you in a structured, commonly used and machine-readable format, and
request portability of your Personal Data.
8. Other websites
AAUS’s website may
contain links to sites operated by third parties whose policies regarding the
handling of information may differ from ours. These websites and platforms have
separate and independent privacy or data policies, privacy statements, notices
and terms of use, which we recommend you read carefully.
9. Changes to this
Privacy Policy
We reserve the right
to modify and update this Privacy Policy from time to time. We will bring these
changes to your attention should they be indicative of a fundamental change to
the processing or be relevant to the nature of the processing or be relevant to
you and impact your data protection rights.
10. Data Retention
We retain your
Personal Data for as long as is required to fulfil the activities set out in
this Privacy Policy, for as long as otherwise communicated to you or for as
long as is permitted by applicable law.
11. Applicable Law
The validity and
interpretation of this Privacy Policy shall be governed by the laws of the
state of California. For the purposes described in this policy, your personal
data will be transferred to the United States of America.