AIRS Training Privacy Statement

AIRS Training Privacy Statement

ADP Privacy Statement for Enterprise Learning through Shopify

Effective Date: April 3, 2019
Last Update: December 13, 2022

This Privacy Statement explains how ADP, Inc. and the ADP Group Companies listed under section 15 of this Privacy Statement (hereinafter “ADP” or “our” or “we”) use and disclose Personal Data that we collect from individuals who visit adplearning.myshopify.com, airstraining.myshopify.com, and/or their associated mobile applications (the “Sites”).

This Privacy Statement incorporates ADP’s Binding Corporate Rules (“BCR”) Privacy Code for Business Data (the “Business Code”), which includes information about how ADP processes and protects data of our business contacts/professionals and consumers. When processing data on behalf of our clients for client employees located in the European Economic Area (“EEA”), this Privacy Statement also incorporates ADP’s BCR Privacy Code for Client Data Processing Services (the “Processor Code”).

For more information on the Business Code, Processor Code, or our Privacy Program, please visit https://www.adp.com/privacy.aspx. If you have additional questions about privacy or this Privacy Statement, please contact us at Privacy@ADP.com.

1. Types of Personal Data
Personal data is any information that can be used to identify, locate, or contact you. Some examples of personal data include name, username, mailing address, telephone number, email address, geographic location, bank account information, credit card information, debit card information, cardholder data, customer account information, or other information about how you use the Sites. Personal data also includes other information that may be associated with your personal data.

2. How ADP collects Personal Data
In the ordinary course of business, ADP collects and processes personal data on behalf of your employer (our client) when we act as a data processor.

If you are using the Sites as a consumer and not as a client employee, we collect personal data directly from you as a data controller. We will ask you for personal data when you interact with us, such as registering on the Sites, signing up to receive a newsletter or marketing communications, or making a purchase. We may also collect additional information from third party data suppliers who enhance our files and help us better understand our contacts.

Cookies and Tracking Tools. If you interact with the Sites, cookies and other technological tools are used to collect information. For more information, please see the section Cookies and Other Data Collection Technologies below.

Location Information. When you enable, or grant permission to use, the GPS/geo-location feature of the Sites or your mobile device, location data may be processed to provide you functionality, such as validating an address when completing a purchase. You may choose to turn off the GPS/geo-location feature, but doing so may impact the functionality of the Sites and all features may not be available to you.

3. How ADP uses Personal Data
When we are acting as a data processor to your employer, we process your personal data only as instructed or permitted by your employer, in which case only your employer can inform you on the different purposes for which it will process your data through our products.
Otherwise, personal data may be processed as needed:

  1. To provide the information, product, or service requested by an individual, and as would be reasonably expected by an individual given the context in which the personal data was collected, and the information provided in the applicable privacy statement given to the individual (such as for personalization, remembering preferences, or respecting individual rights);
  2. For due diligence, including verifying the identity of an individual, as well as the eligibility of the individual to receive information, products, or services (such as verifying age, employment, or account status);
  3. To send transactional communications (such as requests for information, responses to requests for information, orders, confirmations, training materials, and service updates);
  4. To manage an individual’s account, such as for customer service, finance, and dispute resolution purposes;
  5. For risk management and mitigation, including for audit and insurance functions, and as needed to license and protect intellectual property and other assets;
  6. For security management, including monitoring individuals with access to ADP’s websites, applications, systems, or facilities, investigation of threats, and as needed for any data security breach notification; and
  7. To anonymize or de-identify the personal data.


Business-necessary processing activities. ADP may also process personal data as needed (i) to protect the privacy and security of the personal data it maintains, such as in connection with advanced security initiatives and threat detection; (ii) for treasury operations and money movement activities; (ii) for compliance functions, including screening individuals against sanction lists in connection with anti-money laundering programs; (iv) for business structuring activities, including mergers, acquisitions, and divestitures; and (v) business activities, management reporting, and analysis.

Development and improvement of products and/or services. ADP may process personal data to develop and improve ADP’s products and/or services, and for research, development, analytics, and business intelligence.

Relationship management and marketing. ADP may process personal data for relationship management and marketing. This purpose includes sending marketing and promotional communications to individuals who have not objected to receiving such messages as may be appropriate given the nature of the relationship, such as product and service marketing, investor communications, client communications (e.g., HR compliance alerts, product updates, and training opportunities and invitations to ADP events), customer satisfaction surveys, supplier communications (e.g., requests for proposals), corporate communications, and ADP news.

ADP uses your personal data for secondary purposes such as:

  • Disaster recovery and business continuity, including transferring information to an archive
  • Internal audits or investigations
  • Implementation or verification of business controls
  • Statistical, historical, or scientific research
  • Dispute resolution
  • Legal or business counseling
  • Compliance with laws and company policies
  • Insurance purposes

4. Why and How Personal Data is disclosed by ADP
ADP does not provide your personal data to third parties for their own marketing purposes. We share your personal data:

  • To ADP Group Companies, which use your personal data for the purposes listed in this Privacy Statement.
  • To our service providers, who are bound by law and/or contract to protect your personal data and only use your personal data in accordance with our instructions. For example, we use Shopify to power the Sites’ online stores, which may include certain third party integrations that are necessary for the Sites’ functions. You can read more about how Shopify uses your personal data here: https://www.shopify.com/legal/privacy. For more information on Shopify or the third party integrations, you may contact us at airs@adp.com.
  • To our business partners, but only to the extent you have purchased product or service from such partner, interacted with such partner, or otherwise authorized the sharing. For example, if you are referred to ADP from a business partner website, we may provide that partner with your contact information and certain economic and financial information, such as bank account information, to validate the referral. We may also provide your contact information to companies that offer complementary products and services if you request information about these solutions.
  • To enforce our rights, protect our property, or protect the rights, property, or safety of others; in connection with the sale, assignment, or other transfer of our business or assets, or as needed to support external auditing, compliance and corporate governance functions. We will also disclose personal data when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the United States and other countries where we operate.
  • As instructed or permitted by your employer (when we are acting as a data processor) or you.
  • As needed to provide the services that you and/or your employer have requested, including to fulfill any orders placed through the Sites (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations), screen our orders for potential risk or fraud; and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.


Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports that contain aggregated, anonymized, and statistical data about our clients. These reports do not contain information that would enable the recipient to contact, locate, or identify you. These reports also do not contain identifiable company information.

5. Cookies and Other Data Collection Technologies
When you visit the Sites (including using the mobile applications), certain information is collected by automated means by Shopify using technologies such as cookies and other tracking technology. To learn more about the types of cookies and other tracking technologies that Shopify uses when you are visiting the Sites, and how to manage such cookies, please review Shopify’s cookie policy, which can be found here: https://www.shopify.ca/legal/cookies.

6. Minors
The Site is not intended for individuals under the age of eighteen (18).

7. Communication Preferences
When we act as a data controller, you may limit the information you provide to ADP. You may also limit the communications that ADP sends to you. To opt-out of commercial emails, simply click the link labeled “unsubscribe” at the bottom of the commercial email we send you.

Please note that if you are currently receiving services from ADP and you have decided to opt-out of emails, this will not impact the messages we send to you for purposes of delivering such services or as permitted by applicable law.

If you have questions about your choices or if you need assistance with opting-out, please contact us via email at Privacy@ADP.com. You may also write us at the address in the How to Contact Us section below. If you send us a letter, please provide your name, address, email address, and information about the communications that you do not want to receive.

8. Access, Correction, Erasure, and Other Individual Rights
ADP respects your right to access, correct, and delete your personal data, or object to the processing of your personal data. If you have an account, you may log into your account to access, update, or delete the information you have provided to us. Additionally, you may contact enterpriselearingsupport@adp.com to request access to your data, or to exercise any of the individual rights afforded to you by ADP’s Business Code or by applicable data protection laws. You may also write to us at the address in the How to Contact Us section below. If you send us a letter, please provide your name, address, email address, and detailed information about the changes you would like to make. ADP will respond to requests as soon as possible and in accordance with applicable data protection laws.

This section is not applicable if we process your data according to a contract with your employer. Your contact will be your employer who can inform you about any rights you may have.

9. Information Security
ADP is committed to maintaining appropriate organizational, technical, and physical controls to protect personal data entrusted to ADP. These controls protect personal data from anticipated threats and hazards and unauthorized access and use. Additional information about ADP’s Global Security Organization may be found here http://www.adp.com/trust.

You should also take steps to protect yourself, especially online. When you register at the Sites, choose a strong password, and do not use the same password that you use on other sites. Do not share your password with anyone else. ADP will never ask you for your password in an unsolicited phone call or in an unsolicited email.

10. Data Retention
ADP will retain your personal data for as long as necessary for the purposes for which the personal data is processed. ADP follows a Global Records Information Management (“RIM”) Policy and has established records retention schedules for personal data that ADP processes. Personal data is retained in accordance with the records retention schedules to ensure that records containing personal data are retained as needed to fulfill the applicable business purposes, to comply with applicable laws, or as advisable in light of applicable statutes of limitations. When the retention period has expired, records containing personal data will be securely deleted or destroyed, de-identified, or transferred to archive, in accordance with ADP’s RIM Policy.

This section does not apply to processing carried out through a contract between us and your employer.

11. International Data Transfers
ADP is headquartered in the United States of America. Your personal data may be accessed by or transferred to the United States or elsewhere in the world in accordance with the Business Code.

Where authorized by your employer, ADP will transfer personal data pertaining to individuals located outside of the United States to our affiliates and suppliers in the United States and elsewhere in the world, pursuant to applicable data protection laws. We will only transfer personal data pertaining to individuals located in the European Economic Area as permitted by the Processor Code. Please click here for the list of our affiliates bound by the ADP Privacy Code for Client Data Processing Services.

12. Privacy Statements of Third Parties
This Privacy Statement only addresses the use and disclosure of information by ADP. Our suppliers, business partners, and other third party websites that may be accessible through the Sites have their own privacy statements and data collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy statements provided by third parties prior to providing them with information or taking advantage of an offer or promotion.

13. Individuals Located in the European Economic Area or Switzerland
In addition to the rights already listed in this Privacy Statement, you also have the right to data portability, as well as the right to be notified of automated decision making or profiling related to your personal data. A Data Protection Officer for the European Economic Area and Switzerland has been appointed and can be reached at DataProtectionOfficer.ADPEMEA@adp.com. You may reach the Data Protection Officer via mail at the address below.

Data Protection Officer - EMEA
ADP Europe SAS
31 Avenue Jules Quentin
92000 Nanterre
France

This section does not apply to processing carried out through a contract between us and your employer. As an employee of an ADP client, please reach out to your employer for more information regarding the collection and processing of your personal data.

14. Changes to this Privacy Statement
We may update this Privacy Statement to reflect new or different privacy practices. We will place a notice online when we make material changes to this Privacy Statement.

15. Group Companies bound by this Privacy Statement
For a listing of Group Companies bound by this Privacy Statement and the Business Code, please click www.adp.com/privacy/pdf/A2CoBDC.pdf.

16. How to Contact Us
Please contact us if you have questions, or comments, at Privacy@ADP.com or via mail at address below. If you send us a letter, please provide your name, address, email address, and detailed information about your question, comment, or complaints.

ADP
Global Data Privacy and Governance Team
MS 325
One ADP Boulevard
Roseland, NJ 07068-1728 USA

17. How to Lodge a Complaint
If you believe that ADP has not handled your personal data properly or that it has breached its privacy obligations, under any applicable data protection laws or the Business Code, you may file your complaint in writing to the address above, or via email, to the Global Data Privacy and Governance Team at Privacy@ADP.com. The Global Data Privacy and Governance Team will investigate each complaint and notify you within a reasonable time-frame of the outcome of the investigation. If you are not satisfied by the resolution ADP proposes, you may lodge a complaint in accordance with the provisions of the Business Code.

This section does not apply to processing carried out through a contract between ADP and your employer. However, if you are a client employee located in the European Economic Area or Switzerland, you may file a complaint as a third party beneficiary in respect of a claim you may have for violation of the Processor Code or applicable law, by contacting the Global Data Privacy and Governance Team at Privacy@ADP.com. If ADP’s response to your complaint is unsatisfactory, you may file a complaint or claim with the relevant regulatory authorities or the courts, in accordance with the provisions of the Processor Code.

18. U.S. State Specific Privacy Rights
Click here for additional information regarding your privacy rights.