GDPR Privacy Notice
The Board of Certified Safety Professionals'
GDPR Privacy Notice
This GDPR Privacy Notice is a supplement to our Privacy Policy and covers certain personal data we have collected about residents of the countries in the European Union, consisting of the European Economic Area, Switzerland, and to the extent that the United Kingdom is no longer a member of the European Economic Area, the United Kingdom. It explains why we have that information, how we use and handle it, and your rights to that information, all as required by the European Union's General Data Protection Regulation ("GDPR").
What personal data do we hold?
You Provide to Us
We may collect your personal contact information such as name, e-mail address, phone number, gender, birthdate, and country of residence.
From Others
We may receive information about you from our vendors or affiliates.  This may include your personal contact information, such as name, email address, phone number, and country of residence.  Or, we may obtain information in the context of providing service and support to our customers.
Where did we get your personal data?
We collect your personal data when you ask us to contact you, or when you place an order for our products and services.  Your failure to provide this information means we cannot fulfill your request. We may also collect your contact information when you provide it by using our Sites, as well as your IP address and other information about your activity on our Sites, such as what pages you visit. We may also receive personal data when we are working on the resolution to our customers' problems.
What is our purpose for holding your personal data?
Our lawful basis for holding your information depends on the circumstances under which we acquired it:
Type of Information Lawful Basis for Processing
Customer and prospective customer contact information collected in connection with an order or an inquiry For fulfillment of a contract or service
Customer and prospective customer contact information collected for use in marketing additional products and services Consent or Legitimate Interest
Personal data of our customers' customers For fulfillment of a contract or service
What we do with your personal data:
We use your details so that we can communicate with you by e-mail or phone and to inform you of our services, the status of your order, or questions about invoice payment(s). We may also collect your IP address and details concerning your activity while on our website in order to secure our systems and understand your interests and preferences.
The personal data we hold is stored and processed securely in line with the information security measures and guidance standard in our industry. Considering the level of risk associated with the processing of your personal data, we have implemented appropriate technical and organizational measures designed to prevent the unauthorized disclosure of your personal data.
If we receive your personal data in the context of providing problem-solving services to our customers, we will securely accept that data, segregate it from other customer data, and limit access to the data. We will delete the data once the issue is resolved.
Cross Border personal data transfers:
Your personal data may be transferred to and stored at our servers located in the United States. The United States has personal data privacy laws that are different from your country.
What we don't do with your personal data:
We do not pass your information to anyone else apart from our business services partners as necessary to provide you with the products and services you have requested. We do not use any automated systems relating to your personal data. We do not use your information for profiling.
How long do we keep your personal data?
We will retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Notice, unless a longer retention period is required or permitted by law, or we have obtained your consent.
What are my personal data rights?
You have the following rights concerning your personal data that we hold and process that you can exercise at any time:
  • Right of access - you have the right to request a copy of the information that we hold about you.
  • Right of rectification - you have a right to correct personal data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten - in certain circumstances you can ask for the personal data we hold about you to be erased from our records.
  • Right to restriction of processing - where certain conditions apply you can restrict the processing of the personal data we hold about you.
  • Right of portability - you have the right to have the personal data we hold about you transferred to another organization.
  • Right to object - you have the right to object to certain types of processing such as direct marketing.
  • Right to judicial review - in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the process below.
All of the above requests will be forwarded on to other parties holding and processing your personal data where appropriate.
Who do I contact if I have an issue with my personal data that you hold?
Please contact our Privacy Officer at
How do I make a complaint about how my personal data is being held or processed?
If you wish to raise a complaint on how we handle your personal data, you can contact our Privacy Officer as follows:
  • By Email:
  • By Mail:
    Attention: Privacy Officer
    Board of Certified Safety Professionals
    8645 Guion Road
    Indianapolis, IN 46268
If you are not satisfied with our response you can complain to the data protection authority in the country in which you reside.
This GDPR Privacy Notice was last updated on May 25, 2018.
Board of Certified Safety Professionals' GDPR Privacy Notice | Version 2.0 | 05/25/2018
We use cookies on this site to give you the very best experience. By using our website, you agree to our Privacy Policy.  Learn more.