This is the Privacy and Cookie Policy of Safe Passage International Incorporated, with registered offices at 333 Metro Park, Rochester, New York, 14623, USA and registered in New York State, USA with registration number: 16-1501833 (hereinafter “Safe Passage”, “us” or “we”) and available via www.safe-passage.com (hereinafter: the Website).
General Terms
Safe Passage declares to abide by the European General Data Protection Regulation 2016/679 of 27 April 2016 with this Privacy Policy.
In respect of the personal data of users of the Website and the Services and business contacts and prospects of Safe Passage, the Data Controller is Safe Passage.
In respect of the personal data of students who undergo our training course, Safe Passage shall process personal data as a data processor on behalf of its Customers.
Where you are an employee or work directly with one of Safe Passage’s Customers, our Customer’s privacy policy, rather than this Privacy Policy, will apply to our processing of your personal data.
Data that we collect about you
Personal data means any information that can identify a natural person or any information that can link to an identifiable natural person. Personal data does not include information that is anonymized and where no natural person can be identified.
Personal data that we collect about you:
Our Internet web server automatically recognizes the domain names and e-mail addresses of visitors to our Website. We may but will not necessarily collect the domain names and the e-mail addresses. We also may collect some or all of the information volunteered by visitors to our Website, such as survey and demographic information and/or site registrations.
For training courses if training is being taken at the request of another party, such as an employer, we also will provide progress and testing reports to the other party. Details of the information that we will collect and report for online training will be provided with the course syllabus or course registration form.
How do we collect data about you
Safe Passage can obtain personal data through different means:
Purposes of processing your data
Safe Passage is a global supplier of training programs and services for the Critical Infrastructure, Transportation, and Ports and Borders markets. As a business to business service provider headquartered in the United States, we specialize in helping organizations create, deliver, and analyze training to promote the screening of people, belongings, and cargo. Continued support from strategic partners, technology vendors, and government agencies have allowed us to develop the most innovative solutions and provide clients with a superior training experience. Safe Passage training solutions are comprehensive, accurate, adaptive, and flexible to counterbalance a constantly changing market. We collect the following types of information in order to perform our role of supporting our customers: IP address and browser information, individual’s name, date of birth, email and address, company name, phone and fax number, job title and credit card details.
Data Retention
We will store and process your personal data for the period necessary depending on the purposes of processing and the contractual relationship you may have with Safe Passage.
We will only retain personal data for as long as necessary. If we are requested to delete your personal information it will be removed as soon as possible, and always within 90 days. However, if a contractual or regulatory obligation requires us to retain your personal information for a specific period of time we will let you know.
Transfer of data
We may share your data with the following categories of third parties:
We do not allow our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We guarantee a similar level of protection by imposing contractual obligations to our subcontractors that are similar to this Privacy Policy.
We share data with the following specific third parties:
Third party external links
We may include links to third party websites, applications, plug-ins. By clicking on those links you may allow third parties to collect or share data about you. We do not control these third party websites and this Privacy Policy does not cover the processing performed by them. We suggest you check the third party websites for more information about how they handle personal data.
Security measures
We have implemented appropriate technical and organizational measures, procedures and safeguards to prevent the destruction, loss, adjustment, accidental notification to a third party, removal and unauthorized access of personal data.
We maintain physical, electronic, and procedural safeguards to protect your information related to the taking of courses. These include:
We only allow access to your personal data to those employees, contractors and other third parties who have a business need to know. They only process your personal data on our instructions and are subject to a duty of confidentiality.
Cookies
A cookie is a small text file that is sent from the server of Safe Passage and is stored on your computer’s hard drive. This allows us to remember your preferences when visiting our Website. The information stored through these cookies can only be read by Safe Passage and only for the duration of your visit to the Website.
Our Website uses cookies and similar technologies to identify you from other users of our Website. This allows us to offer you a better experience when you visit our Website and to optimize our Website in the meantime.
When you use the Website, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links. It's important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third party websites for more information about their cookies and how to manage them.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
Your GDPR rights (For EU Individuals)
Under the General Data Protection Regulation, data subjects within the European Economic Area are entitled to the following rights:
If you wish to exercise any of your rights under the General Data Protection Regulation:
Safe Passage International, Inc.
To the attention of the privacy office
333 Metro Park
Rochester, New York 14623
USA
Please note that you will be requested to provide specific identification information in order to verify your identity before your request can be processed. This is a security measure that we have implemented to ensure that there is no unauthorized access to personal data by third parties.
We are committed to providing you with a response to your request within 30 days. However, if there are delays in providing you with your request, we will notify you of the delay, the reason for the delay and extend our response time.
Right to make a complaint
You have the right to make a complaint anytime with:
Data Protection Authority
Rue de la Presse 35, 1000 Brussels
Tel : +32 2 274 48 00
Fax : +32 2 274 48 35
contact@apd-gba.be
International transfers
Due to the global nature of our operations, these transfers will involve transferring your data outside the European Economic Area including the United States. We ensure that there is an adequate level of protection for personal data in the receiving entity.
The Data Privacy Framework for EU, UK and Swiss Individual's Data Transfer to the United States
Safe Passage complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Safe Passage has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Safe Passage has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit:
https://www.dataprivacyframework.gov/
Pursuant to the Data Privacy Framework the following notifications apply to EU, UK and Swiss personal data that is transferred into the United States:
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Safe Passage commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Safe Passage. You can contact us by:
Safe Passage International, Inc.
To the attention of the privacy office
333 Metro Park
Rochester, New York 14623
USA
Safe Passage has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to incorporate new rules or guidance issued under the General Data Protection Regulation, Data Privacy Framework, the UK Extension to the EU-U.S. DPF, the Swiss-U.S. Data Privacy Framework and local privacy and data protection legislation. A notice will be posted on the Website for 60 days whenever this Privacy Policy is changed in a material way.
Effective: 10 October 2023.