Revised: December 19, 2019
1. The personal data we collect about you
Under the EU’s General Data Protection Regulation (GDPR) personal data means any direct or indirect identifiable information about an individual from which a person can be identified. Under the California Consumer Privacy Act (CCPA), “Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. CCPA covers all California residents and households.
We collect, use, store and transfer different kinds of personal data about you, as described below.
- Identity data includes first name, last name, username or similar identifier.
- Contact data includes billing address, delivery address, email address and telephone numbers.
- Commercial information including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Professional or employment-related information including title and current employer.
- Financial data includes bank account and payment card details.
- Transaction data includes details about payment to and from you and other details of services you have purchased from us.
- Technical data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devises you use to access our website, products and services.
- Usage data includes information about how you use our website, products and services.
- Marketing and Communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Statistical or demographic data to generate statistical reports.
- Images in video or photographs.
We do not collect any special categories of personal data that include race, ethnic origin, political opinions, religious beliefs, philosophical beliefs, genetic data, biometric data, health data, sexual orientation, criminal convictions or offenses.
2. Personal Data Review 2019
3. How we collect information from you
We collect personal information through a variety of methods including:
- Through direct interactions. You may provide your identity, contact and financial data by filling forms, corresponding with us by mail, email phone or otherwise. This includes personal data you provide when you:
- Apply or inquire about AHRI services;
- Register to attend AHRI events;
- Create an account on our websites;
- Subscribe to a service provided by AHRI;
- Request marketing to be sent to you;
- Enter information in a survey; or
- Provide AHRI feedback.
- Automated technologies or interactions. AHRI may collect technical data about your equipment, browsing actions and patters. We collect personal data by using cookies and other similar technologies.
- Cookies are found at most major websites. Cookies are small pieces of information that a web site transfers to your computer for record-keeping purposes (such as retaining login account information).
4. How we use your information
AHRI will only use your personal data when the law allows us to. We will use your personal data for the following circumstances:
- To register you as a new member.
- To register you as an applicant to AHRI’s certification program.
- To register you as a visitor/guest at one of our events.
- To process and deliver your order including to manage payments, fees and charges; collect and recover money owed to AHRI.
- To manage our relationship with you which include:
- Notifying you about changes to event dates, location or related services
- If you are a visitor/guest to one of our AHRI-sponsored events, make logistical arrangements in connection with your participation to AHRI’s event.
- To complete a survey and or leave a review.
- To administer and protect our trade association and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
- To deliver relevant website content and information to you and measure or understand the effectiveness of the information we provide you.
- To use data analytics to improve website, products/services, marketing, customer relationships and experiences.
- To send out AHRI press releases, communications, and updates.
- For correspondence purposes and certification purposes.
In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
In terms of being contacted for marketing purposes AHRI would contact you for additional consent.
5. AHRI’s legal basis for collecting and storing personal data?
AHRI collects and use your personal data for the performance of a contract; necessary to recover debts due to us; necessary to comply with our legal obligation; necessary for our business legitimate interests.
6. Sharing your personal data
We may pass your personal data on to third-party service providers contracted with AHRI in the course of dealing with you.
- Other companies in the AHRI group who may be acting as joint controllers or processors and/or provide IT and system administration services and internal reporting activities.
- Service providers who provide IT systems, customer management systems, visitor registration systems, event management systems and administration services and who will process your data in accordance with the terms of our data processing agreements with them. This include providers such as netFORUM, AHRI Directory, Anant, Real Magnet, Google Analytics, IStars, Castle, and Docusign.
We may share your information with law enforcement agencies, public authorities or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
- Comply with legal obligation, process or request;
- Enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
- Detect, prevent or otherwise address security, fraud or technical issues; or
- Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law.
7. Data Security
We have put into place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to your personal data to only those employees, agents or contractors and other third parties who have a business need.
Unfortunately, the transmission of information via the internet is not completely secure. We will do our best to protect your information, but we cannot guarantee the security of your information transmitted over the internet. Any transmission is at your own risk.
8. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected the date for, including the purposes of satisfying any legal, accounting, or reporting requirements.
9. Under what circumstances will AHRI contact me?
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure.
10. Your rights
You have the right to:
- Ask for a copy of any information AHRI holds about you.
- Withdraw consents given.
- Ask AHRI to correct any inaccurate or incomplete information.
- Ask AHRI to delete your information from our records.
- Ask AHRI not to sell your information.
- Ask AHRI to send a copy of your information to a third party in a data portable format.
- Object to the processing of your information or suspend the processing of your information.
- File a complaint with AHRI or with any relevant supervisory authority about how we handle your personal data.
If you wish to exercise any rights set out above, please contact AHRI’s Data Protection Officer at email@example.com. We will ask you to provide identification to ensure that the information is provided to the correct individual. We will try our best to respond to requests within one month.
11. Do Not Sell My Personal Information
Under the California Consumer Privacy Act (CCPA), AHRI is required to inform you that you have a right to request that AHRI not sell any information collected in the last year to any third party. In order to make a request, please contact our data protection officer at firstname.lastname@example.org or at the toll-free number (800) 898-7696 to file a request that AHRI not sell any personal data associated with you or your household.
AHRI does not collect personal information for the purpose of selling it to third parties.
We reserve the right, at our discretion, to change, modify, add or remove portions of this policy at any time. Any changes we make to this policy in the future will be posted on this page. Check back frequently to see any updates or changes to this policy.
Data Protection Officer
Air-Conditioning, Heating, & Refrigeration Institute (AHRI)
2311 Wilson Boulevard, Suite 400
Arlington, VA 22201-3001