DAT privacy policies
Biometric Data Defined
As used in this policy, “biometric data” includes fingerprints or palm vein scans.
Purpose for Collection of Biometric Data
ADA DTS service providers collect, store, and use biometric data solely for identification of test candidates and other individuals participating in ADA-DTS projects and for test-taking fraud prevention.
Disclosure and Authorization
To the extent that ADA DTS service providers collect, capture, or otherwise obtain biometric data relating to an individual, the ADA DTS must first:
- Inform the individual in writing that an ADA DTS service provider will collect the individual’s biometric data, and that ADA DTS authorizes its service provider to collect, process and maintain such biometric data;
- Inform the individual in writing of the specific purpose and length of time for which the individual’s biometric data is being collected, stored, and used; and
- Receive a written release signed by the individual (or his or her legally authorized representative) authorizing the ADA DTS service provider to collect, store, and use the individual’s biometric data for the specific purposes disclosed by the ADA, and for ADA DTS to so authorize its service provider.
ADA DTS shall not, nor shall it authorize its service providers, to sell, lease, trade, or otherwise profit from individuals’ biometric data; provided, however, that ADA DTS’s service providers may be paid for products or services used by ADA DTS that utilize such biometric data.
ADA DTS will not disclose or disseminate any biometric data, and will not authorize its service providers to disclose or disseminate any biometric data, to anyone without/unless:
- First obtaining written consent to such disclosure or dissemination;
- The disclosed data completes a financial transaction requested or authorized by the individual;
- Disclosure is required by state or federal law or municipal ordinance; or
- Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
ADA DTS shall retain biometric data only until the first of the following occurs, and shall require that its service providers permanently destroy such data at that time:
- The initial purpose for collecting or obtaining such biometric data has been satisfied; or
- Within 3 years of the individual’s last interaction with the ADA.
ADA DTS shall use, and shall require its service providers to use, a reasonable standard of care to store, transmit and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which ADA DTS or the service provider stores, respectively, transmits and protects from disclosure other confidential and sensitive information, such as personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers and social security numbers.
For each visitor to ADA.org, our web server automatically recognizes only the user’s domain name, but not the email address (where possible). We collect the domain name and internet protocol (IP) address of visitors to ADA.org, aggregate information on what pages users access or visit, user-specific information on what pages users access or visit, and information volunteered by users.
Unless authorized by you and except as provided herein, we will not give or sell your email address, contact information or other personal information to any third party.
The ADA reserves the right to use personal information in its databases to confirm your identity for test administration purposes or in relation to unauthorized use of ADA services, networks or intellectual property. The ADA may provide your personal information to government agencies or others as necessary to comply with the law or in response to legal or administrative processes such as subpoenas. The ADA may also use your personal information to give notice to you in relation to any unauthorized use of ADA services, networks or intellectual property. In addition, the ADA may release your personal information as permitted by law in the unlikely event ADA deems release necessary to protect the health and safety of its customers or others, or to legally protect ADA, its customers or service providers.
On request we provide site visitors with access to the contact information that we may maintain about them (e.g., name, address, phone number, email address and identification numbers).
On request we also offer visitors the ability to update or correct inaccuracies in contact information or unique identifiers.
You may also contact us if you believe your information is being used for purposes other than those for which it was originally collected.
With respect to security: We use industry-standard encryption technologies when transferring and receiving consumer data exchanged with our site. When we transfer and receive certain types of sensitive information such as financial information, we redirect visitors to a secure server and will notify visitors through a pop-up screen on our site. We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you at our site. When users choose to make payments via credit cards, we submit the information needed to obtain payment to the appropriate clearinghouses. We do not store or reuse this credit card information, unless you have given your authorization for us to do so.
ADA Department of Testing Services
211 E. Chicago Avenue
Chicago, IL 60611-2637
Via email: firstname.lastname@example.org