Personal Data Protection
The Certified Professional Trainers Network (CPTN) Inc. takes care in handling our customers personal data. We are in a field which requires verification of large volumes of personal data before services can be offered. The information collected can be used for identification and reporting. In compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and European General Data Protection Regulation (GDPR).
Our Data Handling Operations
- We have penetration testing safe guards for attackers attempting to gain remote access to our server.
- We IP ban attackers for 6 hours for failed authentication attempts to our services.
- We keep a separate database of members and trainers online to allow public information to be controlled.
- We have SQL Injection counter measures in place to terminate connections of malicious attempts to access data.
- Accounts are disabled and wiped of personal address information 12 months after expiration.
- CPTN related CEC and Member ID information is retained for records upon return.
- We protect e-mail addresses from being harvested on the profile page.
- Profiles can be disabled while retaining search rank or relevance.
- Profiles can be deleted from the database and file content removed.
Note: Inactive accounts or profiles will be purged after the maxium allowable expiration date has reached.
- We do not have Google web tracking on our website.
- We do not have social media services integration on our website and no continuous social network tracking.
- We have site access logs which reveals IP Address of visitors viewing each web page.
- We have Live Chat integration which shows the IP Address of visitors viewing each web page.
Note: You can confirm this with the use of the following BuiltWith online profiling service which reveals services.
- Credit card information for automated transactions are processed through our e-commerce provider.
- Credit card information submitted via mail-in forms are shredded after processing with our digital terminal.
- Credit card information over-the-phone is processed through a digital terminal with our e-commerce provider.
Note: Our digital terminal allows us to process the orders as well as provide immediate refunds for cancellations.
- We use a cookie to track the state of the notification bar at the top of the website for announcements.
- We use sessions which will expire once the browser is terminated, cache is cleared, or account is logged out.
- We have logged conversations with IP Address and Host.
- We have deleted logs involving Member ID or passwords or documentation upon ending chat.
- We have assigned a name to each conversation to improve the real-time support for returning customers.
- We are able to see a partial preview of the responses before it is submitted to assist with faster responses.
Note: Please do not twist live chat conversations of one staff for personal gain when communicating with another staff.
- We do not share e-mail account information with third parties.
- E-mail submitted from our order, registration or contact forms will be tagged with IP Address information.
- We have an audit tracking mechanism which records each login attempt, failure, and pages accessed.
- We have digital signatures appended to e-mails is an anti-tamper deterrent for changing message contents.
- Each digital signature can be converted back into the original message. Failure to convert implies tampering.
Note: Please do not edit conversations or timestamps of e-mail issued for personal gain, it can treated as fraud.
- We feature autocomplete which loads information from our database to fill out forms for authenticated users.
Print and Mail-In Forms
- We do not retain order information on file once processed. Information is shredded upon completion.
- We will send messages on-behalf of a partner or affiliate on occasions.
- You will be able to unsubscribe from the newsletters during their issue.
- We have a robots configuration for web crawlers handling of images or specific pages with personal content.
Note: This rule can sometimes be ignored with archival services or web scrapers. We have firewall rules to block most.
- We are using an SSL certificate on our site to protect web traffic information from being intercepted or tampered.
Bug Reward Programs
Our site has been in production for a decade and has been scanned using various online and offline tools for exploits.
- Accunetix Desktop
- Netsparker Desktop
- Virus Total
If an exploit has been detected and reported with proper documentation. After careful review of reported items and server logs are found indicate no malicious actions, researchers would be rewarded with a 20% discount on CPTN Workshops.
Our Data Protections Contact
The designated CPTN department to handle issues regarding data protection Online will be Technical Support.