American Academy of Underwater Sciences

PRIVACY POLICY

Last revised on May 03 2021

1. Scope of this policy

This privacy policy (the “Policy” or the "Privacy Policy”) describes how AAUS collects, uses, consults or otherwise processes an individual's Personal Data. For the purposes of this policy, AAUS refers to the American Academy of Underwater Sciences, a company incorporated under the law of the state of California, having its offices in Mobile, Alabama and email address [email protected]

We are committed to protecting the privacy of our users and customers. This Privacy Policy is especially directed at:

·         visitors and subscribers of the websites of AAUS;

·         natural persons contacting us through the contact or other forms available on the websites;

·         subscribers to our newsletter(s);

·         users signing in to use our services;

·         users signing into our E-learning platform;

 

This Privacy Policy is intended to inform you how we gather, define, and use information that could identify you, such as your name, email address, address, other contact details, online identifiers or other information that you provide to us when using our websites or when relying on our services. Please take a moment to read this Privacy Policy carefully.

This policy includes a description of your data protection rights, including a right to object to some of the processing activities we carry out.

2. Contacting us

For questions about this Privacy Policy or use of your personal information please contact our Operations Manager by mail at : [email protected]

3. Collection of Information

The purpose of the Website and E-Learning platform is to support the community of members, divers and Diving Safety Officers in the American Academy of Underwater Sciences.

As part of our effort to create these online resources, we receive and store information about you such as:

Personal Information

General content published on AAUS.org is accessible by all visitors. However, member-only pages, profiles and the e-learning platform require registration.

Members are required to provide part or all of the following information below, depending on their involvement in the Academy and their membership type.

·         First and last name

·         Email address

·         Company name, website, industry, and address

·         Dive training and certifications

·         Affiliated Dive Programs

Once you complete your membership application, and you will be able to create your profile (“Profile”).

For the e-learning platform, only name, email and program affiliation is required for registration.

Correspondence information

All website generated emails may be stored on our servers.

Payment Information

To protect you against fraud, unauthorized transactions (such as money laundering), claims and other liabilities, we only collect an identification number and order details which enable us to match each user to the payments he makes. We do not collect credit card information.

For those members who choose the auto renewal feature, credit card information is stored in DataVault, a secure PCI compliant tokenization engine hosted by ASI.

4. Use of Information

We use your information to provide, administer, enhance and our services, to process your membership, your orders and your payments and to communicate with you on these and other topics. For example, we use information to :

1. We use your e-mail to send you system e-mails about the status of your membership and the functionality of our Website that you cannot opt out from and you will have to receive if you want to be a member.

2. We use your e-mail associated with your Account in order to send you newsletters, news and announcements, training opportunities and reminders. If you do not wish to receive newsletters you may unsubscribe by clicking the unsubscription link in your profile.

3. We use your e-mail associated with your e-learning account to send you progress reports and class notifications.  If you do not wish to receive e-learning notifications you may modify your e-learning profile preferences.

4. We may use your Organizational Members statistics in order to provide benchmark analysis and aggregate statistics. This particular Business Information will be anonymized, will not contain personal identification and will not be transferred or sold to third parties in any way or format that identifies you.

5. We use e-learning platform progress information to determine course completion.

We do not transfer, sell or rent your Personal or Business Information to third parties for any purpose. We request only the information that we need to operate our Services and improve our Website’s user experience. We do not use your Information to create any advertising creative.

Our legal basis for collecting and using the personal information described in this Privacy Policy will depend on the personal information concerned and the specific context in which we collect and use it. We will normally collect personal information from you where we need the personal information to perform a contract with you (for example to provide our services to you), where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (for example our direct marketing activities in accordance with your preferences), or where we have your consent to do so (for example, for you to participate in specific surveys and focus groups).

5. Protection of Information

We use reasonable administrative, logical, physical and managerial measures to safeguard your personal information against loss, theft and unauthorized access, use and modification. These measures are designed to provide a level of security appropriate to the risks of processing your personal information. Indicatively:

1.     We do not make any of your Information available to third parties for their marketing purposes.

2.     AAUS eLearning runs on individual servers and no data given or collected is shared with other platforms.

3.     AAUS.org database information is hosted by ASI and no data given or collected is shared with other platforms. The ASI Protection and Privacy policy can be found here.

4.     We use robust security measures to protect data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of data. When the Services are accessed using the internet, Secure Socket Layer (SSL) technology protects your Information, using both server authentication and data encryption. These technologies help ensure that your Information is safe, secure, and only available to you and to whom you have granted access.

5.     AAUS does its utmost to secure communications and data storage in order to protect confidentiality of your Information against loss and interception by third parties. However, it is important to know that there is no zero-risk against loss or interception by others of your Information. You are responsible for maintaining the security and confidentiality of your Account’s username and password.

Please note that no transmission over the internet can guarantee confidentiality and non-disclosure, and as such, you transmit at your own risk.

 

6. Storage of Information

1.     Data on the AAUS website is stored on servers with ASI. The ASI Protection and Privacy policy can be found here.

2.     Data on the e-learning platform runs on individual servers and no data given or collected is shared with other platforms.

 

7. Information and Rights

Once you have provided your Personal Data, you have several rights, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request [email protected]

Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.

1. Right to withdraw consent

Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative by logging into your account on our website (if you have one) or by contacting us at [email protected] The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment where you withdraw your consent.

2. Right to access and rectify your data

You have the right to access, review, and rectify your Personal Data. You may be entitled to ask us for a copy of your information, to review or correct it if you wish to rectify any information like your name, email address, passwords and/or any other preferences, you can easily do so by logging into your account on our website (if you have one) or by contacting us.

3. Right to erasure

You have the right to erasure of your Personal Data processed by us as described in this Privacy Policy in case it is no longer needed for the purposes for which the Personal Data was initially collected or processed or in the event you have withdrawn your consent or objected to processing as described in this Privacy Policy and no other legal ground for processing applies. Should you wish to have your Personal Data erased, please file a request here [email protected]

4. Right to restriction of processing

Under certain circumstances, you may ask us to restrict the processing of your Personal Data. This is for example the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.

5. Right to object to processing

Under certain circumstances you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes. If you no longer want to receive certain communications from us via email, simply click the unsubscription box on your profile preferences.

6. Right to data portability

Where you have provided your data directly to us and where the processing is carried out by automated means and based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and request portability of your Personal Data.

8. Other websites

AAUS’s website may contain links to sites operated by third parties whose policies regarding the handling of information may differ from ours. These websites and platforms have separate and independent privacy or data policies, privacy statements, notices and terms of use, which we recommend you read carefully.

9. Changes to this Privacy Policy

We reserve the right to modify and update this Privacy Policy from time to time. We will bring these changes to your attention should they be indicative of a fundamental change to the processing or be relevant to the nature of the processing or be relevant to you and impact your data protection rights.

10. Data Retention

We retain your Personal Data for as long as is required to fulfil the activities set out in this Privacy Policy, for as long as otherwise communicated to you or for as long as is permitted by applicable law.

11. Applicable Law

The validity and interpretation of this Privacy Policy shall be governed by the laws of the state of California. For the purposes described in this policy, your personal data will be transferred to the United States of America.