Skip to main content

Privacy Policy

Last Updated: September 13, 2024

The National Center for Construction Education and Research Ltd. d/b/a NCCER (“NCCER”) respects your privacy and is committed to protecting it through compliance with this Privacy Policy (the “Policy”).

This Policy explains how NCCER may collect, use, share, and safeguard information on www.nccer.org, www.byf.org, NCCER’s mobile websites, NCCER’s microsites, NCCER’s mobile applications, NCCER’s social media sites, NCCER’s testing systems and platforms, and any other digital services and platforms officially operated or used by NCCER occasionally (the “Sites” or “Services”).

Our Policy consists of both this Privacy Policy and where applicable, the GDPR Privacy Notice. If you are a resident of a country located in the European Union, or the European Economic Area, including Switzerland and the United Kingdom, please refer to our GDPR Privacy Notice for more information about your rights and our obligations, which applies to Personal Information on EU residents collected by us.

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, you have the choice not to use our Sites. By accessing or using the Sites, you agree to this Policy. This Policy may change periodically. Your continued use of the Sites, after we make changes, is deemed to be acceptance of those changes. Therefore, please check the Policy regularly for updates.

Changes to the Policy

As NCCER, its credential-holders, products, and services change occasionally, this Policy is expected to change as well. We reserve the right to amend the Policy at any time, for any reason. The date of the last revision to the Privacy Policy will be indicated by the “Last updated” date at the top of this page.

Protection of Children’s Privacy

NCCER does not knowingly collect any personal information from children.  If you are under the age of 13, you are not permitted to use the Sites or Services.  Consistent with the Children’s Online Privacy Protection Act (“COPPA”) and the General Data Protection Regulation, the Sites and Services are not intended for use by anyone under the age of 13.

If you are a parent with concerns about children’s privacy issues in conjunction with use of the Sites or Services, please contact NCCER.  NCCER encourages parents to discuss this Privacy Policy and the dangers of providing personal information online.

Information We Collect

Personally Identifiable Information: We may collect information (whether online, by phone, or by paper) that identifies you (“Personally Identifiable Information”) when you:

  • provide such information on our Sites
  • apply or register for NCCER events
  • donate funds to NCCER
  • otherwise interact with NCCER.

The types of Personally Identifiable Information collected may include:

  • your name
  • gender
  • address, including country
  • an official form of identification
  • phone number
  • birth date
  • billing and delivery information
  • email address
  • demographic information
  • educational history
  • information about your profession or business.

Non-Personal Data: As you interact with our Sites, we may also collect information about your browsing history or certain other information that is not Personally Identifiable Information. We collect this data through our use of a variety of technologies (collectively, the “Non-Personal Data”), including, but not limited to,

  • cookies
  • tags
  • beacons
  • Internet Protocol (IP) address
  • other tools.

“Cookies” are small files that we transfer to your computer’s hard drive or your Web browser memory to enable our systems to recognize your browser and to provide convenience and other features to you, such as recognizing you as a frequent user of the Sites.

“Tags” and web beacons refer to code scripts that are primarily used to track visitors’ activities on our Sites using web analytics software.

“Web beacons” are tiny graphics with a unique identifier, similar in function to cookies, and may be used to track the online movements of users, when an email has been opened, and to provide other information.

NCCER may add other means for collecting data, periodically.

The types of non-personal data collected on our Sites may include:

  • the search terms you used
  • new or returning user
  • browser information
  • computer type
  • operating system
  • internet service providers
  • website usage
  • referring/exit pages
  • platform type
  • date/time stamp
  • number of clicks

Additionally, cookies, tags, and other tools placed by third parties may collect other information about you and your visits to Sites and elsewhere on the Internet including, but not limited to,

  • your interests
  • industry and profession related information
  • education and job-related information
  • other information that is of interest to NCCER, its affiliates and its accredited network of companies to better provide its curriculum, training, credentialing resources and other services.

How We Use and Share Personally Identifiable Information

Once collected, we may use your Personally Identifiable Information in a variety of ways including, but not limited to:

  • providing service communications such as statement and other reminders, order confirmations, program registrations, and customer service messages
  • responding to your emails or online requests for products, services, or information
  • performing various accounting processes and/or providing you with donation letters
  • delivering and processing surveys
  • personalizing and improving the usability of the Sites
  • fulfilling and/or delivering NCCER products and services
  • sharing with third parties as required by law or to protect NCCER as described below.

In addition, we may also use your Personally Identifiable Information through the following:

  1. Sharing your Personally Identifiable Information for the purpose of online verification of your NCCER credentials – online verification of NCCER credentials is publicly available on NCCER’s registry website at registry.nccer.org and may be used by anyone with access to your NCCER card number to verify and validate your NCCER credentials.
  2. Sharing Your Personally Identifiable Information to Fulfill Service Requests and Perform Business Functions – When fulfilling service requests, which you have initiated, we may share your Personally Identifiable Information with certain third parties to fulfill the requests. We may also share such information with service providers that perform business functions for us. For example, NCCER occasionally hires other companies to provide limited services on our behalf including, but not limited to,
  • order fulfillment
  • packaging
  • answering customer questions about products or services
  • consulting services
  • data modeling
  • printing
  • sending postal mail, and
  • processing event registration(s).

In such cases, NCCER may share your Personally Identifiable Information.

  1. Sharing Your Personally Identifiable Information When Legally Necessary or to Protect NCCER’s Interests – NCCER may disclose your Personally Identifiable Information if required to do so by law or in the good-faith belief that such action is necessary to: (a) conform to legal requirements or comply with legal process served on NCCER; (b) protect and defend the rights or property of NCCER; or (c) protect the personal safety of NCCER personnel or members of the public in appropriate circumstances. In addition, if NCCER and/or its assets (or a portion of its assets) are sold, assigned, transferred, or merged, or if NCCER undergoes some other change including a change to its corporate form as part of a bankruptcy proceeding or otherwise, information may be transferred as part of that transaction or change.
  2. Sharing Your Email Address Pursuant to NCCER Policy – Your e-mail address will only be used by NCCER and its affiliates. We do not sell or rent e-mail addresses to anyone outside NCCER. NCCER will not share e-mail addresses with unrelated third parties, except to enable NCCER to take security measures to help protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data, or as necessary for such third party to perform certain services on our behalf, such as packaging, mailing and delivering products and processing event registrations and to respond to your service requests.

How to Manage the Sharing of Your Personally Identifiable Information

You can manage your profile and e-mail preferences, including opting out of e-mail, by contacting us via the contact information provided below.

How We May Use and Share Non-Personal Data

While using various technological tools, we may collect Non-Personal Data to improve the usability of our Sites/Services and for other business reasons. We may share the Non-Personal Data we collect with third parties or permit third parties to place tools like cookies, tags and web beacons, to collect additional Non-Personal Data when you browse our Sites. We or other third-party companies may then use the Non-Personal Data to provide advertisements and targeted advertisements (ads based on the Non-Personal Data) to you. We do not share Personally Identifiable Information with third parties with whom we share your Non-Personal Data. Please note that you may be subject to the privacy policies of other non-NCCER companies when you select an advertising link or other link that takes you to sites not operated by NCCER.

How You Can Manage the Collection of Non-Personal Data

Third-party advertising companies may collect data about your visit to our Sites and others to provide you more relevant advertising here and elsewhere on the Internet. This type of advertising is known as Online Behavioral Advertising. You can stop this collection and use of data for these purposes by companies participating in the Digital Advertising Alliance (“DAA”) by visiting the “Opt Out From Online Behavioral Advertising” website. By opting out, the ads you see may be less relevant, and you may continue to see other non-targeted advertisements on our Sites and elsewhere.

Information Security

NCCER implements commercially reasonable security measures to help protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of the data we collect. Except for the sharing of information as set forth in this Privacy Policy, we restrict access to personal information to certain companies who may need to know that information in order to operate, develop, repair, or improve our services. These individuals or partner organizations are bound by confidentiality obligations and may be subject to discipline, including but not limited to termination and criminal charges, if they fail to meet these obligations.

Unfortunately, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, and despite our efforts, NCCER cannot guarantee or warrant the security of any information you transmit to us, or to or from our online products or services. If you have questions about this Privacy Policy, please contact us. In no case should you send Personally Identifiable Information, credit card numbers, or other personal information about yourself or anyone else to NCCER via non-secure means such as email, uploading scanned images or pictures of forms of identification via other non-secure channels.

User ID and Password

Certain areas of the Sites may require the use of a user ID, email address, or password as an additional security measure that helps protect your information. To help you protect your privacy, NCCER Sites have tools to help you log in and log out.

Linking to Other Internet Sites

You should be aware that other Internet sites that are linked from the Sites or from a NCCER email message may contain privacy provisions that differ from the provisions of this Policy. To ensure your privacy is protected, we recommend that you review the privacy statements of these other linked sites, applications, or other digital platforms.

How You Can Access and Change Information

If you are a registered user of the Sites, subscriber to NCCER publications, purchaser of NCCER products and services, or the holder of an NCCER credential or certification, you may review and update/correct your information by accessing your account (using your user credentials) at nccer.org/sign-in.

Reporting a Privacy Incident

If you suspect that your personal data has been compromised or if you have identified a potential privacy incident, please follow the steps below to report it:

  1. Immediate Action: As soon as you become aware of a potential privacy incident, take immediate steps to secure your data. This may include changing passwords, securing your devices, and notifying relevant authorities if necessary.
  2. Contact Information: Report the incident to NCCER using the following contact details:
    – Email: support@nccer.org
    – Phone: +1-888-622-5200
    – Mail: Director of Legal & Compliance, NCCER, 13614 Progress Blvd., Alachua, FL 32615
  3. Incident Details: Provide a detailed description of the incident, including:
    – The nature of the incident (e.g., data breach, unauthorized access, etc)
    – The date and time of incident occurred or was discovered
    – The type of personal data involved
    – Any actions you have already taken to mitigate the incident
  4. Supporting Evidence: If possible, include any supporting evidence such as screenshots, emails, or other relevant documents that can help us understand and investigate the incident.
  5. Follow-Up: NCCER will acknowledge receipt of your report within 1 business day and will provide you with updates on the status of the investigation and any actions taken to address the incident.
  6. Confidentiality: All reports will be treated with the utmost confidentiality. We are committed to protecting your privacy and will only use the information provided to investigate and resolve the incident.

By following these steps, you help us ensure that any privacy incidents are promptly addressed and that your personal data remains secure.

Data Removal/Destruction

NCCER has internal procedures in place to ensure that personal information collected is securely erased and/or destroyed once it is identified for destruction.  Records may be identified for removal or destruction if: (i) required by law, (ii) required by contract with a state or local government training provider, or (iii) if requested directly by you.  To request removal or deletion of your data, contact NCCER.  In general, NCCER will maintain and re-disclose your training and certification records indefinitely for the purpose of allowing employers to validate your NCCER credentials.  Your training and certification record includes the student’s first name, last name, NCCER number and training transcript (“NCCER Record”).

Your Consent

BY VISITING NCCER’s SITES, YOU ARE ACCEPTING THE TERMS THAT ARE SET FORTH IN THIS POLICY AND ARE CONSENTING TO THE COLLECTION AND USE OF YOUR INFORMATION BY NCCER.  WE WILL POST ANY CHANGES TO THIS POLICY WE MAY MAKE FROM TIME TO TIME ON OUR SITES. IF YOU DO NOT AGREE TO THIS POLICY, OR TO ANY CHANGES WE MAY SUBSEQUENTLY MAKE, IMMEDIATELY STOP ACCESSING OUR SITES.