Data Privacy at Alpine Testing Solutions, Inc.
Alpine Testing Solutions, Inc. (“Alpine”) has established a comprehensive privacy program designed to help us respect and protect your data privacy rights. The following statement includes (i) Alpine’s Privacy Shield Framework compliance statement and certification of adherence to the Privacy Shield Principles and (ii) Alpine’s website privacy statement.
Alpine’s Privacy Shield Compliance and Certification
Alpine complies with the Privacy Shield Framework as set forth by the International Trade Administration (ITA) within the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member states. Alpine certifies its adherence to Privacy Shield Principles for personal data received or collected by Alpine from individuals or organizations in the European Union member states and in connection with the delivery of certification, licensure, and other testing services. Alpine’s Privacy Shield certification can be found here. For more information about the Privacy Shield Principles, please visit https://www.privacyshield.gov/.
Collection and Use of Personal Information
Alpine has adopted the following policies (collectively, the “Policy”) applicable to personal information that Alpine may receive related to certification, credentialing, licensure and other testing received on all applications, websites and web pages that provide a link to this Policy (collectively, the “Site”). By visiting or providing information to Alpine on the Site, you are accepting the practices described in this Policy and agree that Alpine may collect, use, and disclose your personal information as described herein. If you do not agree to this Policy, please request that the test sponsor remove your records from the system. Do not provide your personal information to Alpine. Alpine will use your personal information only for the purposes and in the manner set forth herein.
Alpine provides test development and candidate management services as a service provider to test sponsors. A test sponsor is a company or organization that offers certification, credentialing, licensure or other testing and controls the test(s) that must be taken to secure such certification, credentialing, or licensure. Alpine collects or receives personal information from certification, credentialing, licensure, and other testing candidates. Alpine uses this personal information to perform services relating to certification, credentialing, licensure, and other testing purposes on behalf of the test sponsor. This includes—among other things—determining testing eligibilities, supporting test registration, analyzing test results, calculating and awarding credentials, supplying testing information to the test sponsor programs and their authorized vendors, and communicating with candidates and the test sponsor about the testing and the results of such testing. A candidate does not have to provide any personal information to Alpine unless the candidate wishes to participate in the testing offered by the test sponsor and receive testing results. The personal information that Alpine collects or receives for certification, licensure, or in the testing process may include—without limitation—name, address, email address, phone number, fax number, company, title, language, employment information, previous examination history, education information, work history, source of financing for the examination, all or part of a government-issued identification number, and mother’s maiden name. Alpine may also collect a candidate’s signature, photographic image, fingerprint, and/or palm vein image digitally to verify identity and to protect the security and integrity of the test. When a test is administered to you, Alpine may collect and score your test responses and then derive a test score and generate a report about your test results. Unless Alpine provides specific notice and obtains your consent, Alpine does not collect or process any Human Resource Data (HRD), as defined under the U.S.-EU Privacy Shield Framework, in connection with certification, credentialing, licensure or other testing services.
Transfer of Personal Information to Third Parties
By registering for a test, you acknowledge and agree that your personal information may be transmitted to Alpine to manage on behalf of the test sponsor from whom you seek certification, credentialing, or licensure. You further acknowledge and agree that Alpine may disclose your personal information to the test sponsor and its associates. The test sponsor requires this personal information so that, among other things, (a) tests can be correctly administered, (b) certification, credentialing, and licensure can be processed and administered, and (c) candidates can receive further information about certification, credentialing, and licensure testing. For further information about how the test sponsor may use your personal information, please contact the test sponsor.
Alpine may also statistically aggregate, in non-person–specific form, test responses and other information collected in the test registration and delivery process and transfer this information to test sponsors and to independent testing centers. Such aggregated non-person–specific information may be used for quality control, operations management, security, and marketing purposes as well as to enhance, develop or improve testing processes, testing services, tests, and related products and services. By registering for a test, you acknowledge and agree to this non-person–specific data aggregation and the use and transmission of this statistical data as outlined above. Alpine abides by the Privacy Shield Onward Transfer of Data Principles when transferring data to third parties.
In addition to transmitting certain personal information about you to a test sponsor or its associates, Alpine may disclose personally identifiable information in the following situations: (a) in response to a subpoena, court order, or legal process, to the extent permitted and required by law; (b) to protect your security, or the security of other persons, consistent with applicable law; (c) to address actual or suspected fraud or other illegal activities; (d) in connection with a sale, joint venture, or other transfer of some or all of the assets of Alpine; and (e) to the test sponsor and its associates for use within the test sponsor’s systems.
Choice - Limiting Use of Personally Identifiable Information
Alpine discloses personally identifiable or sensitive information to third parties when Alpine is acting as a data processor under the direction of a test sponsor or other organization who is acting as the data controller. If your personally identifiable or sensitive information is provided to Alpine by the data controller or a third-party (e.g., test delivery provider) acting under the direction of the data controller, Alpine is only acting as a processor of data under the instruction of the data controller based on a contract with the data controller. Alpine will follow the instructions of the data controller in its processing activities. As data processor, we treat as sensitive any personal information received from data controllers that are designated as sensitive. If the data controller intends to (i) use your personally identifiable or sensitive information for a purpose that is materially different from the purposes for which the personal identifiable or sensitive information was originally collected or subsequently authorized, or (ii) transfer you personally identifiable or sensitive information to a third party not contemplated by the purposes for which the personally identifiable or sensitive information was originally collected or subsequently authorized, the data controller is responsible to give you notice and an opportunity to opt out. If the data controller permits us to do so, we will allow you to log into Alpine's systems and opt out or make changes to your designation. If the data controller does not permit us in out systems to allow you to opt out or make changes to your designation, or if you prefer not to log into our systems, you must contact the data controller (e.g. test sponsor) and use the mechanism it provides to opt out or make changes to your designation.
You understand that if you opt out of sharing your personally identifiable information with data controllers or certain third parties, your decision may impact your certification, credential, or licensure status. Furthermore, Alpine may still retain all non-identifiable data and information, including test responses and other information collected, to use for statistical purposes, aggregate purposes, and improvement of systems and processes.
If your personally identifiable or sensitive information is provided to Alpine and Alpine is acting in the capacity of a data controller (e.g., you or others request that we provide you marketing or sales information and share with us your personally identifiable information so we can contact you), Alpine will use such data only for the purposes for which it was collected. Alpine will not disclose that information to any third-parties except for third-parties acting as a data processor for the purposes for which the data was collected (e.g., sales and marketing automation tools and services used by Alpine) under the direction of Alpine. If you request, you may opt out of having Alpine share your personally identifiable or sensitive information, limit with whom such information is shared, or have such information removed from our systems by contacting us at email@example.com. If Alpine is acting in the capacity of data controller and intends to (i) use your personally identifiable or sensitive information for a purpose that is materially different from the purposes for which the personally identifiable information was originally collected or subsequently authorized, or (ii) transfer your personally identifiable or sensitive information to a third party not contemplated by the purposes for which the personally identifiable or sensitive information was originally collected or subsequently authorized, will give you notice and an opportunity to opt out. While Alpine, when acting as a data controller, will honor your opt out requests personally identifiable or sensitive information, Alpine may still retain all non-identifiable data and information to use for statistical purposes, aggregate purposes, and improvement of processes and systems.
Alpine shall take reasonable steps to protect all personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Alpine has put in place appropriate physical, electronic, and managerial procedures to safeguard and secure all personal information from loss, misuse, unauthorized access or disclosure, alteration, or destruction.
Alpine only processes personal information in a way that is compatible with and relevant to the purpose in which it was collected or authorized by you. To the extent necessary for those purposes, Alpine shall take reasonable steps to ensure that personal information is accurate, complete, current, and reliable for its intended use.
Alpine shall allow you access to your personal information and allow you to correct, amend, or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to your privacy or where the rights of persons other than you would be violated.
Alpine uses a self-assessment approach to assure compliance with this Policy and periodically verifies that the Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented, and accessible and in conformity with the Privacy Shield Principles. Alpine encourages interested persons to raise any concerns using the contact information provided and will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of personal information in accordance with the Privacy Shield Principles.
All questions, concerns, complaints, access requests, and any other issues arising under the U.S.-EU Privacy Shield or this Policy should be directed to: Blair Harris, Vice President of Technology Solutions (firstname.lastname@example.org). If a complaint or dispute cannot be resolved through our internal process, Alpine agrees to dispute resolution using the American Arbitration Association (AAA) as a third-party resolution provider; for additional information, please visit AAA’s website here. Under certain conditions, an individual may invoke binding arbitration. Arbitral decisions will be binding on all parties to the arbitration. Alpine is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
This Policy may be amended periodically consistent with the requirements of the U.S.-EU Privacy Shield Framework. Alpine will post any revisions or amendments to the Policy on its website.
Alpine’s Website Privacy Statement
Alpine respects the privacy of visitors to its website. This Policy applies only to the operation of websites that directly link to this Policy when you click on “privacy statement” in the website footer. Through its Site, Alpine will collect personal information when it is voluntarily submitted to Alpine (however, see discussion below about “IP Addresses” if you have a broadband connection). Alpine will use your personal information as described above.
Any other information transferred by you in connection with your visit to the Site that cannot be used to identify you (“Other Information”) may be included in databases owned and maintained by Alpine. Alpine retains all rights to these databases and the information contained in them. Other Information Alpine collects may include your IP Address and information gathered through Alpine’s weblogs and cookies (see below).
This Site receives information that is automatically generated by a user’s Internet service provider (ISP). This information may include the IP address (a number automatically assigned to a computer by the telephone area code, the location of the ISP’s servers, the pages of Alpine’s Site that the user views, any search terms entered on this Site, and the user’s website address and email address. This information may be collected for system administration purposes, to gather broad demographic information, and to monitor the level of activity on the Site. Alpine reserves the right to link IP addresses and other information supplied by the ISP to personally identifiable information to control which users can and cannot access our system based on their IP address, protect the integrity of our systems, and for security purposes.
This Site may use a technology known as web beacons that allow the Site to collect web log information. A web beacon is a graphic on a web page or in an e-mail message designed to track pages viewed or messages opened. Web log information is gathered when you visit one of our websites by the computer that hosts Alpine’s website (called a “webserver”). The webserver automatically recognizes some non-personal information, such as the date and time you visited Alpine’s Site, the pages you visited, the website you came from, the type of browser you are using (e.g., Internet Explorer), the type of operating system you are using (e.g., Windows 2000), and the domain name and address of your Internet service provider (e.g., AOL). Alpine may also include web beacons in promotional e-mail messages in order to determine whether messages have been opened.
The Site may use a technology called a “cookie”. A cookie is a piece of information that Alpine’s webserver sends to your computer (i.e., your browser file) when you access a website. When you return, Alpine’s Site will detect whether you have one of its cookies on your computer. Alpine’s cookies help provide additional functionality to the Site and help us analyze Site usage more accurately.
Data collected and received by Alpine may be transmitted to the United States and other countries. Although Alpine’s technical team members are currently based in the United States, the Internet is a global environment. By using this Site and sending information to Alpine electronically, you consent to trans-border and international transmission of any data that you may choose to supply to Alpine. Information transmissions to this Site and emails sent to Alpine may not be secure. Given the inherent operation and nature of the Internet, all Internet transmissions are done at your own risk.
This Site is not intended for, or designed to attract, individuals under the age of 18 (“Minors”). When acting as a data controller, Alpine does not collect personally identifiable information from any person Alpine knows is a Minor. However, from time to time, test sponsors may ask Alpine to process personal information of a Minor. In such cases, Alpine will process the Minor’s personal information in accordance with this Policy and under the direction of the test sponsor. Alpine does not knowingly process personal information from persons under the age of 13 without parental consent.