DASA Privacy Policy for End Users

Last Modified: December 2022 

DASA is committed to protecting your privacy and ensuring you have a positive experience on the DASA Portal and in using DASA Services. 

This Privacy Policy explains how DevOps Agile Skills Association (“DASA”, “We”, “Us”, “Our”, “Portal”, and/or “DASA Talent Academy”) collect, use and store personal information when you visit our websites, or when you use our Products and Services. It also explains the specific ways we use and disclose that information. 

DASA offers the following Products and Services to Organizations as part of their offering usage of such services forms a part of these Privacy Policy terms. 

  • Talent solutions: DASA Talent solutions includes DASA Talent Academy, Training Courses, Assessments, DCF(DASA Competency Framework), Recognition Badges and Skills Passport. 
  • Guidance products: DRA(Digital Readiness Assessments), Individual Scans, Team & Organizational scans, & Analyst Advisory Services. 
  • Training & Certifications: DASA Branded Courseware, Certifications, Accredited Training Provider & Accredited Trainer accreditation services forms part of this offering.
  • Event & Communities: DASA offers its Enterprise customers to take part in events such as Awards, Webinars, Workshops, and various DASA Communities 

This policy may be updated from time to time, and our websites will indicate when the policy has been updated. You may access the current version at any time by clicking on the “Privacy Policy” link in the footer on our websites. If you do not agree to this Privacy Policy, please do not use the DASA Portal “DASA Talent Academy”. 

Unless otherwise defined in this Privacy Policy, the capitalized terms shall have the same meaning as used in the other documents in the DASA Portal Terms and Conditions. 

1. DASA Collects Data

1.1. We may collect personal information from sources including: 

  • Directly from your Organization, where we process your personal information as a Data Processor on behalf of your Organization, who is a Data Controller;
  • Through our website;
  • Through Third-Party Services Providers;
  • As part of us executing our services on behalf of Training Providers operating on the Portal who require your personal information in order to fulfill services to you, like for example schedule your exam.
  • Through Third-Party sources such as social media platforms, and our joint marketing partners.

1.2. DASA Collects the Following Information. The types of personal information we may collect include: 

1.2.1. Contact information, such as name, email address, business address, and telephone number. 

1.2.2. End User information, such as name, email address, native language, time zone 

1.2.3. Account information, such as username and password. 

1.2.4. Payment Services information, such as your banking details and billing address. 

1.2.5. Verification information pertinent to your organization, such as VAT number, electronic signature, company registration identifier, and certificate of incorporation. 

1.2.6. Accreditation information pertinent to your organization or yourself, relevant for purchasing Items that may only become available upon your accreditation or registration with DASA. 

1.2.7. Communication information, when you are communicating with other users on the Portal, we collect information you share. This also includes you providing feedback or ratings on the DASA Portal. 

1.2.8. Fulfillment information, this includes the information we need in order to fulfill services to you, or other information we need in order to complete the fulfillment of Items. Fulfillment information may include information from you, or information about the locations we are required to deliver Items to. 

1.2.9. Other information that you may otherwise choose to provide us when you fill in a form, conduct a search, complete a survey, update or add information to your Account, respond to emails from us, participate in promotions or loyalty programs, or use other features on DASA. 

1.3. Information You Voluntarily Provide to Us. When you sign up for, and use DASA Products and Services, consult with our Member’s and Partner’s Solutions Team either by phone or using a virtual conference application, send us an email, you are voluntarily giving us information that we collect. That information may include either your or your End Users’ name, email address, IP address, phone number, credit card information, physical address, as well as details including gender, location, purchase history, and other demographic information. By giving us this information, you consent to this information being collected, used, disclosed, stored by us, as described in the End User License Agreement and in this Privacy Policy. 

1.4. Information We Collect Automatically. When you use DASA Products and Services or browse one of our websites, we may collect information about your visit to our websites, your usage of the Services, and your web browsing. That information may include your IP address, your operating system, your browser ID, your browsing activity, and other information about how you interacted with our Websites or other websites. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed in our Cookies Policy. 

1.5. Information From Your Use of the Service. We may receive information about how and when you use Products and Services, store it in log files or other types of files associated with your account, and link it to other information we collect about you. This information may include, for example, your IP address, time, date, browser used, and actions you have taken within the application. This type of information helps us to improve our Services for both you and for all of our users. 

1.6. Information From End User’s Use of the Service. We use the Personally Identifiable Information that we collect from You when You access any online products including exams hosted on the DASA Portal. This is meant for processing purposes, including but not limited to tracking attendance, progress, and completion. We may also share Your Personally Identifiable Information and performance in a given Course with your Organization or with the Training Provider who has a contractual agreement with Your Organization for accreditation and fulfillment of a contract.

2. How DASA Uses Information

2.1. We use, store, and process information about you to provide, understand, improve, and develop the DASA offerings including our Platform, Products and Services, and to create and maintain a trusted and safe environment. 

2.2. Information from You may be shared with other users on the Platform, or with Third Party Service Providers that perform certain services on our behalf, in connection to fulfilling services to you. 

2.3. Training Providers and other Third-Party Service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes unless this is specifically required by law, or in order for Training Providers or other Third Party Service Providers to comply with accreditation or registration requirements during the provisioning of DASA Products or Services. 

2.4. We may use and disclose Personal Information only for the following purposes: 2.4.1. To send you System Alert messages. For example, we may inform you of temporary or permanent changes to our Services, such as planned outages, new features, version updates, releases, and changes to our Privacy Policy. 

2.4.2. To communicate with you about your user account on the Portal and provide customer support. 

2.4.3. To enforce compliance with our End User License Agreement and applicable law. This may include developing tools and algorithms that help us prevent violations. 

2.4.4. To protect the rights and safety of our Training Providers and third parties, as well as our own.

2.4.5. To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements. 

2.4.6. To transfer your information in the unlikely event of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website. 

2.5. Data Collected by Training Providers 

2.5.1. End Users data shall not belong to DASA and shall not be used by DASA for marketing, communication or other commercial purposes unless we specifically ask permission and you grant this permission to The End Users data shall be used by DASA in provisioning of Services or where You may require support to access or use Items available from DASA.

2.5.2. We shall at all times comply with relevant European data privacy directives that are applicable to DASA. We value your information, and take reasonable measures to protect your information. 

2.5.3. We reserve the right to view or remove your content for any reason at our discretion. Reasons may include quality assurance, accreditation requirements, contractual requirements or legal requirements/considerations (for example if we believe or have received evidence that your use of My DASA or Talent Academy is unlawful, unauthorized, or otherwise may result in a liability to us or anyone else). 

3. Training Providers Responsibility Related to Data Collected Through the DASA Portal, Product & Services

3.1. In agreeing to use the DASA Portal, Product & Services, DASA Members and Your Organization represent and warrant that their use of DASA Talent Solutions, Guidance products, Training and Certifications, & Event & Community and any other product or services that DASA will introduce will comply with all applicable data privacy laws. They are responsible for determining whether their use of the DASA Portal, Products and Services is suitable in light of regulations like HIPAA, GLB, EU Data Privacy Laws, or other laws. 

4. General Use of Portal Data

4.1. If You no longer want any personal data to be stored by My DASA or Talent Academy , and your account is managed by Your Organization, you have to inform Your Organization. If an End User contacts DASA to remove his/her personal data, we will pass on the request to Your Organization who acts as the Data Controller within a reasonable time. It is the responsibility of Your Organization to act on the request. In all other cases DASA will remove your personal data within a reasonable time. 

4.2. DASA will retain personal information we process on behalf of our Members for as long as needed to provide our services, or to comply with our legal obligations, contracts, resolve disputes, prevent abuse, or enforce our agreements. There are several training and certifications that you might take on My DASA or Talent Academy that require us to keep your data in our records as part of the service agreements and regulations with accrediting bodies, under which DASA operates. In such cases, it wouldn’t be possible for us to delete your personal data without the specific written guidance received from accrediting organizations. 

5. Third-Party Services Providers

5.1. We use a variety of third party service providers to help us provide services related to the Platform. Service providers may be located inside or outside of the European Economic Area (“EEA”). 

5.1.1. For example, service providers may help us: (i) verify or authenticate your identification, (ii) check information against public databases, (iii) assist us with background checks, fraud prevention, and risk assessment, or (iv) provide customer service, fulfillment, or payments services. These providers have limited access to your information to perform these tasks on our behalf, and are contractually obligated to use it in a manner consistent with the DASA Privacy Policy. 

5.2. DASA Payment Services. DASA may contract with other companies to provide payment services and facilitate your use of the Platform. We provide these companies with only the information they need to perform their services and work closely with tem to ensure your privacy is respected and protected. These companies are prohibited by contract from using this information for their own marketing purposes or from sharing this information with anyone other than DASA. 

We use a Third Party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our Third Party processor depending on your location, whose use of your personal information is governed by their respective privacy policies. Your credit card data is tokenized and is not being retained by DASA. 

5.3. DASA Fulfillment Services. DASA may share your personal information to provide fulfillment services and facilitate your use of the DASA Portal, product and services.We provide these companies with only the information they need to perform their services and work closely with tem to ensure your privacy is respected and protected. These companies are prohibited by contract from using this information for their own marketing purposes or from sharing this information with anyone other than DASA. 

5.4. Cookies and other Analytic Tools. DASA may use “cookies” and other technologies, such as Google Tag Manager, to gather information about your activities on the Platform. These tools collect data to help us improve the functionality of our website, make it more useful, and make it easier to use. By visiting our website, you acknowledge that you accept and consent to our privacy practices, as well as the privacy policies of the tools listed below. When Items are consumed through My DASA or Talent Academy , anonymous network information may be transmitted back to us, such as Item usage information. This information is transmitted back to us so we can determine how users are interacting on the Platform, to assist us with improving DASA offerings, and to correct any problems that may occur. Users can control the use of cookies at the individual browser level. 

5.5. Our websites make use of Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html

5.6. Other Third-Party Service Providers. To best provide our services, we work with a few other companies which will only have access to the information they need to provide the service as agreed with DASA. Here is a list of the essential service providers we work with, and their respective privacy policies to provide a great experience.

5.6.1. Adobe EchoSign for signing agreements electronically

5.6.2. Amazon Web Services (AWS) for hosting DASA’s servers

5.6.3. Facebook for simple, optional social sharing

5.6.4. LinkedIn for simple, optional social sharing

5.6.5. Digify to control access and security of documents

5.6.6. MailChimp for sending email updates

5.6.7. Typeform for online forms and surveys

5.6.8. Twitter for simple, optional social sharing

5.6.9. Vimeo for video content

5.6.10. Zoom for virtual conference and customer support

5.6.11. Mettl – for conducting assessments
(https://pages.mettl.com/gdpr-compliance?utm_source=GDPR&utm_cam paign=GDPR )

5.6.12. Freshworks for technical support

5.6.13. Mollie for payment processing

5.7. Linked websites and Third-Party Services 

5.8. DASA may provide links to other Third-Party websites and services whose data protection practices are outside of our control, and therefore fall outside the scope of this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use. 

6. Protection of Personal Information

6.1. Safeguarding Your Information. DASA is committed to protecting the Personal Information you share with us. We utilize a combination of industry- standard security technologies, procedures, and organizational measures to help protect your personal information from unauthorized access, use or disclosure. We recommend that you take every precaution to protect your personal information and Account information and also instruct your authorized personnel in using the Portal appropriately. 

6.2. Notice of Breach of Security. If a security breach causes an unauthorized intrusion into our system that materially affects our Members or their End Users, then we will notify you as soon as possible and later report the action we took in response. 

6.3. Compliance with Law. DASA may disclose your information to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required to do so by law or if such disclosure is reasonably necessary: (i) to comply with legal process and to respond to claims asserted against DASA, (ii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iii) to enforce and administer our Terms of Service or other agreements with Members, (iv) for fraud investigation and prevention, risk assessment, customer support, product development and debugging purposes, or (v) to protect the rights, property or personal safety of DASA, its employees, its Members, or members of the public. 

6.4. Accuracy and Retention of Data. We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do so. If your data changes (for example, if you have a new email address), then you are responsible for notifying us of those changes. Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. We will retain your information for as long as your account is active or as long as needed to provide you with our Services. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements. 

6.5. Access. We will give registered users access to any Personal Information we hold about them within 30 days of any request for that information. Individuals may request to access, correct, amend or delete information we hold about them by writing to info@devopsagileskills.org. Unless it is prohibited by law or the information is necessary for the performance of a contract to which the data subject is party, we will remove any Personal Information about an individual, from our servers at your or their request.

6.6. Compliance. Our servers are located in the European Union, so your information may be transferred to, stored, or processed in the EU. While the data protection, privacy, and other laws of the European Union may differ from those in your country, we take many steps to protect your privacy. By working with DASA, you understand and consent to the collection, storage, processing, and transfer of your information by our facilities in the European Union and those third parties with whom we share it as described in this policy. 

7. Contacting Us About Privacy

If you have any questions or complaints regarding this Privacy Policy, you may contact: Info@devopsagileskills.org