Knowledge Management Interactive
a. Compliance with Privacy Shield. KMI complies with the Privacy Shield and the Department’s Principles and Supplemental Principles promulgated thereunder regarding the collection, use, and retention of personal data relating to individuals who use KMI’s web-based learning management system. KMI has certified with the Department that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfers, security, data integrity and purpose limitation, access, and recourse/enforcement/liability. To learn more about the Privacy Shield program, and to review KMI’s certification with the Department under the Privacy Shield, please visit [http://www.export.gov/privacyshield/_______. (?)]
b. Types of Personal Data. The purpose of the KMI LMS is to operate a web-based learning management system, also referred to as an “online learning program” or “e-learning.” You may use KMI’s website to study course materials (training modules), take tests on those courses, have your tests graded, and have your test scores compiled and reported. All personal data concerning you is collected, used, and stored for the purposes of facilitating your participation in the KMI LMS coursework and recording and reporting the results of your participation in that coursework.
Personal data is collected in two ways.
Active Information Collection
To be able to login to the KMI website, you must have an account. This account will hold some personal data about you, such as your name, e-mail address, employment division, etc. This data will only be used for establishing your personal account and for your registration when visiting the KMI LMS.
Some of the personal data that you submit while using a KMI training module also may be personally identifiable information (that is, information that can be uniquely identified as you, your position your employer, the division of your employer in which you work, your score on a test, and the like).
Passive Information Collection
As you navigate through KMI’s website, certain information about that electronic connection can be passively collected (that is, gathered without your actively providing the information), using various technologies and means, such as Internet Protocol (IP) addresses, cookies, Internet tags, and navigational data collection.
KMI’s web site uses IP addresses. An IP Address is a number assigned to your computer by your Internet service provider so that you can access the Internet; your IP address generally is not considered to be personally identifiable information because, in most cases, an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user’s computer). KMI uses your IP address to diagnose problems with its server, report aggregate information, determine the fastest route for your computer to use in connecting to KMI’s website, and administer and improve the site.
Your electronic connection to KMI’s website will create “cookies.” A cookie is a bit of information that a website sends to your web browser that helps the site remember information about you and your preferences.
You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to block the placing of cookies at all, but you should realize that this can limit your use of KMI’s website or services. You can find more information about cookies at www.cookiecentral.com/faq.
c. Commitment to Principles. All personal data obtained from you by KMI will be subject to the Privacy Shield Principles and Supplemental Principles.
d. Purpose for Use. As noted above, your personal data will be used solely by KMI for the purposes of giving you access to your personal account on the KMI LMS, facilitating your use of the LMS, and to provide scoring and reporting of your training on the KMI LMS.
e. Contact Information. If you have any questions or complaints about the use of your personal data in connection with your training activities on the KMI LMS, you may contact KMI at: email@example.com. Also, KMI has registered with a European Union data protection authority (an “E.U. DPA”) to assist KMI with questions or complaints relating to personal data. You may reach the E.U. DPA at .
Only administrators designated by KMI and/or by your employer who have a defined “need-to-know” within the scope of their function or duties will have access to personal data on an individually-identifiable level.
g. Access and Correction. Each individual registered on KMI’s website has access to his or her personal profile, which contains all data supplied by that individual and/or by his or her employer. Most fields are available for modification by the individual. Some elements of data may not be available for individual modification. Any individual registered on KMI’s website who feels that his/her personal data contains elements that are inaccurate may contact firstname.lastname@example.org to request a revision or correction of the personal data. KMI will take all reasonable steps necessary to resolve issues relating to inaccurate data.
h. Limitations of Use. In the event you wish to limit access to or use of your personal data in some manner, KMI will make reasonable efforts to accommodate requested limitations. However, KMI’s ability to accommodate such requests may be restricted by information requirements for you to use the KMI’s LMS and by system functionality and data security requirements.
i. Independent Dispute Resolution. If you have any questions or complaints concerning the use of your personal data, you are encouraged to contact KMI to resolve such questions or complaints. KMI will act quickly to respond, but in all events, within 45 days. If you wish to submit your questions or complainst to an independent entity, KMI has registered with a panel established by an E.U. DPA to address complaints you may have regarding the use of your personal data, and to provide appropriate recourse for your complaints. Again, the E.U. DPA may be reached at .com.
j. FTC Jurisdiction. KMI is subject to the investigating and enforcement powers of the U.S. Federal Trade Commission pursuant to KMI’s certification with the Department under the Privacy Shield.
k. Arbitration. Under certain circumstances, if you claim that KMI is violating the Privacy Shield, you may be entitled to have your claim arbitrated before a Privacy Shield Panel established by the Department. The Department’s “Annex I,” issued under the Privacy Shield, establishes the terms and conditions applicable to arbitration. Annex I can be found at: .com.
l. Lawful Requests. KMI may be obligated to disclose your personal data to third-persons in compliance with applicable laws, court orders, or government regulations.
III. ACCOUNTABILITY AND TRANSFER
KMI will comply with the Notice and Choice provisions set forth above with respect to disclosure of your personal data to third parties and KMI’s accountability to you for the use of your personal data.
KMI takes reasonable steps to protect your personal data as you transmit it from your computer to KMI’s website, and thereafter, to protect such data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, you should keep in mind that no Internet transmission is ever 100% secure or error-free. In particular, e-mail sent to or from KMI’s web site may not be secure, and therefore, you should take special care in deciding what information you send to KMI via e-mail. Moreover, whenever you use passwords, ID numbers, or other special access features on KMI’s website, it is your responsibility to safeguard that access information from being disclosed to others. KMI’s website is password-protected.
- The database for KMI’s LMS is protected by firewalls.
- Any personal data that is transferred from your computer to the KMI website is protected by an SSL certificate so that all such data is encrypted.
V. DATA INTEGRITY AND PURPOSE LIMITATION
KMI limits the personal data it receives about you to the data that is necessary and useful to effectively facilitate your training through the KMI website. KMI processes your personal data only in ways compatible with such purposes for which it is collected. To the extent necessary for such purposes, KMI takes reasonable steps to ensure that your personal data is accurate, complete, current, and otherwise reliable with regard to its intended use.
You have the right to:
a. obtain from KMI a confirmation of whether or not it possesses personal data relating to you;
b. have communicated to you such personal data so that you can verify its accuracy; and
c. have the personal data corrected, amended, or deleted if it is inaccurate or being processed by KMI in violation of the Privacy Shield Principles.
You may exercise these rights by contacting KMI at: email@example.com.
VII. RECOURSE, ENFORCEMENT AND LIABILITY
a. Independent Recourse Mechanism. KMI will attempt to expeditiously resolve any complaints you bring to its attention regarding KMI’s processing of your personal data. For any complaints relating to your personal data that cannot be resolved through KMI’s internal processes, KMI has registered with an E.U. DPA to have a panel established by it resolve disputes pursuant to the Privacy Shield Principles.
KMI will conduct a self-assessment at least once a year. Each self-assessment will verify that:
iii. you are informed of KMI’s in-house arrangements for handling personal data complaints and of KMI’s registration with an E.U. DPA to have it address complaints you may have regarding KMI’s processing of your personal data;
v. KMI has in place internal procedures to periodically conduct objective reviews of its compliance with the foregoing provisions.
d. Response to Department. KMI will promptly respond to inquiries and requests by the Department of Commerce for information relating to the Privacy Shield.
e. Arbitration. KMI will participate in the arbitration of claims pursuant to the Department’s Annex I to the Privacy Shield Principles.
f. FTC and Court Orders. In the event that KMI becomes subject to an FTC or court order based on non-compliance with the Privacy Shield Principles, KMI will make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with applicable confidentiality requirements.
© 2016 KMI Learning.