(Effective 5 August 2019)
Types Of Information We Collect
We receive personal information from affiliated organizations that license our certification programs, in some cases from our certification holders directly, from visitors to our website, and from our employees. The following provides examples of the type of information that we collect and how we use that information.
|Context||Types of Data||Primary Purpose for Collection
and Use of Data
|Information about certification holders||We collect the name, contact information, professional information (including employer) and gender of our certification holders from our affiliated organizations. In some instances, and in some jurisdictions, we may collect information about certification holders directly from individuals that hold our certification.||We have a legitimate interest in communicating with certification holders about topics that may be relevant to them, or impact their certification. In addition, if an individual submits personal information directly to FPSB as part of obtaining a certification, we may also process that information in order to perform contractual obligations, or based upon consent.|
|Information about affiliate organizations and their employees||We collect information about our affiliate organizations such as contact information about their employees.||We have a legitimate interest in using information about affiliate organizations to communicate with those organizations, and to administer our products and services.|
|Cookies and third party tracking||We participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests on our website, or on other websites.||We have a legitimate interest in engaging in behavior-based advertising.|
|Employment||If you apply for a job posting, or become an employee, we collect information necessary to process your application or to retain you as an employee. This may include, among other things, your Social Security Number. Providing this information is required for employment.||We use information about current employees to perform our contract of employment, or the anticipation of a contract of employment. In some contexts, we are also required by law to collect information about our employees. We also have a legitimate interest in using your information to have efficient staffing and work force operations.|
|Feedback/support||If you provide us feedback or contact us for support we will collect your name and e-mail address, as well as any other content that you send to us, in order to reply.||We have a legitimate interest in receiving, and acting upon, your feedback or issues.|
|Mailing list||We may offer you the ability to sign up for a mailing list. If we do so we will collect your email address or postal address.||We have a legitimate interest in sharing information about our events or services.|
|Website interactions||We use technology to monitor how you interact with our website. This may include which links you click on, or information that you type into our online forms. This may also include information about your device or browser.||We have a legitimate interest in understanding how you interact with our website to better improve it, and to understand your preferences and interests in order to select offerings that you might find most useful. We also have a legitimate interest in detecting and preventing fraud.|
|Web logs||We collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.||We have a legitimate interest in monitoring our networks and the visitors to our websites.|
In addition to the information that we collect from individuals directly, we may also receive information about an individual from other sources, including third parties, affiliated organizations, or publicly available sources. For example, if you apply for a position with us we may conduct a background check, and or receive information from references.
Use And Processing Of Information
In addition to the purposes and uses described above, we use information in the following ways:
- To identify you when you visit our website or our events.
- To provide, maintain, or verify certifications.
- To provide or improve our products and services.
- To conduct analytics.
- To respond to inquiries related to support or other requests.
- To update certification holders on changes to our certification requirements or our affiliate organizations.
- To send marketing and promotional materials, including information relating to our services.
- For internal administrative purposes, as well as to manage our relationships.
Although the sections above describe our primary purpose in collecting information, in many situations we have more than one purpose. For example, if you submit a question to us we collect your information based upon your consent in providing that information to us, but we also collect your information because we have a legitimate interest in understanding the types and quantity of question that we receive concerning our certification programs. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.
Sharing Of Information
In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:
- Corporate Affiliates and Acquisitions. We may share information with our corporate affiliates (g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or is considering acquiring, our organization or our assets, we will also share information with that company. Note that “affiliated organizations” are not our affiliates (i.e., they are not under common ownership or control).
- Other Disclosures with Your Consent. We may ask if you would like us to share your information with unaffiliated third parties who are not described elsewhere in this policy.
- Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, discovery requests, or court orders, or in connection with any legal process, or to comply with relevant laws. For example, we may be required to disclose personal information to government agencies of the United States pursuant to a lawful request received by such agencies. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third party intermediary.
- Service Providers. We may share your information with service providers. Among other things service providers may help us to administer our website, conduct surveys, provide technical support, process payments, and assist in the fulfillment of orders. We are responsible for our agents when we share your information with them. We will be liable if they process your data in a manner inconsistent with the Privacy Shield Principles, unless we can prove that we are not responsible for an event that gives rise to damages.
You can make the following choices regarding your personal information:
- Promotional Emails. You may choose to provide us with your email address for the purpose of allowing us to send promotional materials to you. You can stop receiving promotional emails by following the unsubscribe instructions in e-mails that you receive. If you decide not to receive promotional emails, we may still send you service related communications.
- Access To Your Personal Information. We will grant you, where required by law, reasonable access to the personal information that we have about you. You may request access to your personal information by contacting us at the address described below.
- Changes To Your Personal Information. You can contact us at the address described below in order to request that your information be modified. We will do so unless it is unduly burdensome, or if a third party’s rights are implicated.
- Deletion Of Your Personal Information. We typically retain personal information for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. You may request information about how long we keep a specific type of information, or request that we delete your personal information, by contacting us at the address described below.
- Revocation Of Consent or Objections. You may revoke consent to processing (where our processing is based upon consent), or object to our processing (where our processing is not based upon your consent) by contacting us at the address described below. If you revoke your consent/object we may no longer be able to provide you services. In some cases we may limit or deny your request to revoke consent, object to processing, or access, modify, or delete your information if the law permits or requires us to do so, or if we are unable to adequately verify your identity.
- Online Tracking. We do not currently recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” instructions.
How We Protect Personal Information
No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of any unauthorized access to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Some of our websites permit you to create an account. When you do you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
The following additional information relates to our privacy practices:
- Transmission Of Information To Other Countries. By submitting your personal information to us you agree to the transfer, storage and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below.
- Adequacy Measures. FPSB has joined the US-EU Privacy Shield and US-Swiss Privacy Shield Frameworks, as established by the US Department of Commerce, and has agreed to comply with the principles of those frameworks. These concern the collection, use, and retention of Personal Information from EU affiliate countries and Switzerland.
- Self-Certification. FPSB adheres to the Privacy Shield principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
If you have any questions, comments, or complaints concerning our privacy practices please contact us at the appropriate address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.
Financial Planning Standards Board Ltd.
707 17th Street, Suite 2925
Denver, CO 80202 USA
If you are not satisfied with our response, and are in the European Union or Switzerland, you may have a right to lodge a complaint with your local supervisory authority.
Effective Date: 5 August 2019