Overview
Our mission is to drive a dynamic accounting profession globally and, when you register with us, you gain access to a wide range of tools and services to stay ahead. To seamlessly deliver these resources and benefits, we at times need to share your information across our teams and offices – always with a focus on keeping your data secure.
This Privacy Policy describes the ways in which your personal data is collected and used by the Association of International Certified Professional Accountants (the Association), The Chartered Institute of Management Accountants (CIMA), and the American Institute of CPAs (the AICPA) (collectively referred to herein as “the controllers”, “we”, “us”, “our”). By providing your personal data to any of the controllers, you acknowledge and agree that your data may be shared between and/or processed by any of the three controllers.
It is your responsibility to review and understand this Privacy Policy prior to providing your personal data to us. You also should review our Terms and Conditions. If you do not accept and agree to the Privacy Policy and/or Terms and Conditions, please refrain from providing your personal data to us, accessing our websites, and/or utilizing our products and services.
With our websites and services constantly evolving, our Privacy Policy and Terms and Conditions may also change from time to time. Whenever there are changes, the modified policies will be posted on our websites and will be effective at that time. Each time they change, the version number displayed at the top of the page also will change. Consequently, each time you access or use our websites or otherwise engage with us, you accept and agree to the most current Privacy Policy and set of Terms and Conditions. It is your responsibility to be aware of any such changes.
Notice
Our websites contain links to other websites which are managed by third parties (including their use of cookies). As a user of links, it is your responsibility to understand those third parties’ privacy policies. Once you leave our websites using links, we have no control over information that is submitted to or collected by any third parties and are not responsible for other websites.
Collection of Personal Data
In order to provide our products, services and websites and for the other purposes set out in Use of Information below, we collect and process personal data from our members, students, customers, and other users of our websites, products and services. We may collect information from you such as, but not limited to, your name, email address, mailing address, phone/fax numbers, date of birth, gender, ethnicity, payment information, education history, employment information, information related to your professional qualifications, designations and memberships and information about your use of our and third-party websites, products and services ("Personal Data"). You are not required to provide us with all of the Personal Data listed above, but if you do not do so, we may not be able to effectively provide you with our products, services and information. In certain circumstances, you will need to provide us with specific categories of Personal Data (including name, email address and payment information) in order to enter into a contract with us and for us to perform that contract.
From time to time and as permitted by applicable law(s), we may collect Personal Data about you and update any existing Personal Data that we currently hold from other third-party sources, including publicly available data sources, publicly available social networking sites such as LinkedIn, your employer or university/school, your tuition provider, State CPA Societies, our credential and designation examination providers, course providers or data brokers such as Acxiom.
See “Use of Information” section below for details regarding the ways that we use and process your personal data.
Use of Information
Your Personal Data may be used in the following ways:
We will process your Personal Data for the purposes identified above on the following bases:
Unless a longer retention period is required by applicable law, we will retain your information for as long as your account is active, as well as for a short additional period afterwards to cover any outstanding issues or queries that may arise in relation to your account (for example, outstanding payments). This period of retention is subject to our review and alteration.
Sharing and Disclosure to Third Parties
We may disclose your Personal Data to third parties from time to time under the following circumstances:
It is likely that the identity and categories of such third parties will change during the life of your account but, depending on your use of the Site, it is anticipated that your Personal Data will be disclosed to the following categories of third-party service providers who perform functions on our behalf. We require that our third-party service providers only use your Personal Data as necessary to provide the requested services to us and each service provider is subject to a set of terms consistent with this Privacy Policy.
Collection of Information Through Cookie Use
We may obtain information about your general internet usage by using a “cookie” file. A cookie is an element of data that a website can send to your browser, which may then be stored on your hard drive. The following types of cookies may be used on our websites:
If you opt in to use the “Remember me” feature on our websites, we will place a persistent cookie on your hard drive and you will not be required to log in for every session. By disabling cookies on your machine or clearing your browsing history you may deactivate the persistent cookie.
You can view a complete list of the cookies and their purposes used on our website and manage your preferences at any time by clicking on the cookie icon at the bottom left-hand corner of the page.
Additionally, all major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage your preferences related to cookies, please consult the privacy features within your browser.
Further information about cookies:
Communication Preferences
We strive to provide you with relevant and useful information related to our products, services and industry news. You can update your communication preferences at any time by visiting the preference center within your online account on our website(s). Additionally, you can contact us using the information listed at the bottom of this policy to make changes to your communication preferences. Any promotional emails that we send will include a link at the bottom of the email to unsubscribe.
If you have opted in to receive text messages from us, you can opt out at any time by responding with the word STOP. You will receive a confirmation text of your choice to opt out.
Transfer of personal data internationally
By providing us with your Personal Data, you acknowledge and agree that we may from time to time transfer your Personal Data to any of our offices or to the offices of any of our affiliates, agents or appointed representatives located around the world. Where we transfer personal data internationally from one of our global office locations, we ensure the transfer is subject to an appropriate safeguard as recognized by local data protection law. Please do not submit any Personal Data to us if you do not wish for your data to be transferred internationally.
Data Privacy Framework – For EU and UK Individuals Whose Data is Transferred Into The US
As applicable, we comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. The Association of International Certified Professional Accountants and the American Institute of CPAs have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, we commit to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact the Association of International Certified Professional Accountants at:
Jonathan Mabe
Data Protection Officer
SecurityandPrivacyOffice@aicpa-cima.com
We are committed to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
Pursuant to the Data Privacy Framework Principles, we are obligated to inform EU and UK individuals whose data is transferred to the United States that we may be required to release that information in response to lawful requests by public authorities including to meet national security and law enforcement requirements. We remain responsible and liable under the Data Privacy Framework Principles if third-party agents that we engage with process the personal data in a manner inconsistent with the Data Privacy Framework Principles, unless we can prove we are not responsible for the event giving rise to the damage.
The Federal Trade Commission has jurisdiction over our compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF. Under certain conditions, individuals have the possibility to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms listed above. Click here to learn more.
Individuals wishing to exercise their rights or submit general inquiries or complaints related to our participation in the Data Privacy Framework should contact us via the methods detailed below under the heading “User Rights and Data Protection Officer.”
Security and Other
We use reasonable measures to strive to safeguard and secure the personal data we collect. Any transmission of personal information is at your own risk. Technology, such as, but not limited to, Transport Layer Security (TLS) and Secured Socket Layer (SSL), is used to enhance security and reduce risk of loss. Our security practices, processes or technology do not guarantee absolute security of your information and you should take all normal personal precautions such as, but not limited to, not sharing passwords, closing browsers, and not using public networks (e.g., internet cafes, etc.).
Parents and Children
We do not knowingly collect personal information from children under the age of 13. Parents have the right to terminate the registration of a child under the age of 13 by contacting us using the information listed at the bottom of this policy.
User Rights and Data Protection Officer
Your rights regarding your Personal Data depend on the local law in the jurisdiction where you reside.
If you are located in the European Economic Area (EEA) or the United Kingdom (UK), you may be subject to certain rights in relation to your Personal Data under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, as outlined below:
You may seek to exercise any of these rights by completing our GDPR Request Form online, updating your information online (where possible) or by sending a written request to our Data Protection Officer using the contact details listed below.
If you are located in California, United States, you may be subject to certain rights in relation to your personal information under the California Consumer Privacy Act (CCPA), as outlined below:
You may seek to exercise any of these rights by completing our CCPA Request Form online, updating your information online (where possible) or by sending a written request to our Data Protection Officer using the contact details listed below.
If you are a California resident and would like to opt out of the sale of your personal information, please click here: Do not sell or share my personal information
Data Protection Officer Contact Information:
Jonathan Mabe, Data Protection Officer
Association of International Certified Professional Accountants
220 Leigh Farm Rd.
Durham, North Carolina 27707
United States
SecurityandPrivacyOffice@aicpa-cima.com
Contact Information
You are encouraged to report any improvements, suggestions, or any suspected breaches of privacy or security to us by using the contact information listed below.
Association of International Certified Professional Accountants Contact Information:
The Chartered Institute of Management Accountants The Helicon One South Place London EC2M 2RB United Kingdom P: +44 (0)20 8849 2251 Hours of Operation: (9am – 5pm, UK time, M-F) https://www.aicpa-cima.com/hel... | American Institute of CPAs 220 Leigh Farm Road Durham, NC 27707 P: 1.888.777.7077 F: 1.800.362.5066 Hours of Operation: (9am – 6pm, ET, M-F) Email: service@aicpa-cima.com |
---|
Additional Notice for California Users
The information below applies solely to members, students, customers and other users (“Users”) who reside in the State of California. This information is being provided in accordance with the requirements of the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.
Please review the Privacy Policy above in its entirety for more detailed information regarding the Personal Information that we collect, including how it is used and shared, as well as information regarding your rights under the CCPA.
Personal Information Collected:
We have collected and shared the following categories of personal information during the past twelve (12) months. Please note that the list of examples for each category is intended to be illustrative and not exhaustive.
Sources of Personal Information
We obtain the personal information listed above from the following sources: